今天剛學了用struts2的攔截器,就用他作了個權限控制的小例子來加深對攔截器的認識.用戶經合法途徑登錄後用戶登錄信息會保存在session中,用戶在訪問其餘資源時,攔截器會首先查看session中是否有用戶信息.從而控制用戶登錄javascript
login.jsp系統登陸頁html
<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<%@ taglib prefix="s" uri="/struts-tags" %>java
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body>
<s:form name="form1" action="login">
<s:textfield name="username" label="username"></s:textfield>
<s:password name="password" label="password"></s:password>
<s:submit value="submit"/>
</s:form>
</body>
</html>
web
package com.huan.tv.web;apache
import com.huan.tv.domain.User;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionSupport;session
public class LoginAction extends ActionSupport {app
private static final long serialVersionUID = 7016663291573110941L;
private String username;
private String password;
@Override
public String execute() throws Exception {
if("java".equals(username.trim())&&"123".equals(password.trim())){
User user = new User(username,password);
ActionContext.getContext().getSession().put("user", user);
}
return SUCCESS;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
Uer.java類封裝了用戶登錄的信息dom
package com.huan.tv.domain;jsp
public class User {ide
private String username;
private String password;
public User() {
super();
}
public User(String username, String password) {
super();
this.username = username;
this.password = password;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
下面就是關鍵的攔截器了
package com.huan.tv.web;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts2.ServletActionContext;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
public class AuthorInterceptor extends AbstractInterceptor {
private static final long serialVersionUID = 5359767511938232965L;
public String intercept(ActionInvocation invocation) throws Exception {
ActionContext ac = ActionContext.getContext();
Object user = ac.getSession().get("user");
if (user != null) {
return invocation.invoke();
} else {
HttpServletResponse response = ServletActionContext.getResponse();
response.setContentType("text/html;charset=UTF-8");
response.getWriter().write(
"<script language=\"javascript\">alert('請登陸系統!');parent.location.href='"
+ ServletActionContext.getRequest()
.getContextPath() + "/login.jsp';</script>");
}
return null;
}
}
攔截器就是經過判斷session裏user是否有值,user爲空說明用戶沒有登錄就返回首頁.登錄後就invocation.invoke();將控制權轉交給Action的execute方法
配置文件struts.xml
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">
<struts>
<package name="base-package" extends="struts-default">
<interceptors>
<interceptor name="author"
class="com.huan.tv.web.AuthorInterceptor" />
<interceptor-stack name="permissionStack">
<interceptor-ref name="defaultStack" />
<interceptor-ref name="author" />
</interceptor-stack>
</interceptors>
<action name="login" class="com.huan.tv.web.LoginAction">
<result>/welcome.jsp</result>
</action>
<action name="view" class="com.huan.tv.web.ViewAction">
<result>/index.jsp</result>
<interceptor-ref name="permissionStack"/>
</action>
</package>
</struts>
咱們定義了一個攔截器棧,它包含剛寫了權限攔截器和默認攔截器.login是登錄的不用權限控制.view是登錄後查看的須要加上攔截器.若是用戶不登錄直接訪問view.action則系統攔截器就會起做用,提示用戶登錄後才能操做.
welcome.jsp登錄後的歡迎頁
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body>
登錄成功! <br>
<s:form action="view">
<s:submit value="submit"/>
</s:form>
</body>
</html>
index.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
</head>
<body>
通過view.action後訪問的 <br>
</body>
</html>
最後別忘了web.xml中添加struts2
<filter> <filter-name>Struts2</filter-name> <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class> </filter> <filter-mapping> <filter-name>Struts2</filter-name> <url-pattern>*.action</url-pattern> </filter-mapping> <filter-mapping> <filter-name>Struts2</filter-name> <url-pattern>*.jsp</url-pattern> </filter-mapping>