1.在web.xml配置session超時的時間
<!-- Session idle timeout, in minutes. -->
<!-- NOTE(review): 180 minutes keeps an unattended or stolen session usable for three hours of
     inactivity; confirm this matches the sensitivity of the application. -->
<session-config>
    <session-timeout>180</session-timeout>
</session-config>
2.在此也貼出個人一個session工具類,方便獲取登錄成功以後session中用戶信息。
package com.wzxy.nc.util;

import com.opensymphony.xwork2.ActionContext;
import com.wzxy.nc.entity.SysUser;

/**
 * Static helpers for reading and writing the Struts session map of the current request.
 *
 * <p>Every method goes through {@code ActionContext.getContext()}, so it is only meaningful
 * on a thread that is handling a Struts request.
 */
public class HttpSessionUtil {

    /**
     * Looks up a session attribute and returns it typed as {@code T}.
     *
     * @param key session attribute name
     * @param t   not read by this method; it only lets the compiler infer {@code T}
     * @param <T> type the caller expects the attribute to have
     * @return the stored value, or {@code null} when the key is absent
     */
    @SuppressWarnings("unchecked")
    public static <T> T getObject(String key, T t) {
        // The cast is unchecked: a wrong T surfaces later, at the caller's use site.
        final Object stored = ActionContext.getContext().getSession().get(key);
        return (T) stored;
    }

    /**
     * Stores a value in the current session under the given key.
     *
     * @param key   session attribute name
     * @param value object to store
     */
    public static void put(String key, Object value) {
        ActionContext.getContext().getSession().put(key, value);
    }

    /**
     * Returns the user object stored in the session after a successful login.
     *
     * @return the logged-in {@link SysUser}, or {@code null} when nothing is stored
     */
    public static SysUser getCurrentUser() {
        // SysConstant.LOGIN_USER is a String: the key under which the login code
        // stored the user object in the session.
        final Object candidate =
                ActionContext.getContext().getSession().get(SysConstant.LOGIN_USER);
        return (SysUser) candidate;
    }
}
3.編寫一個攔截器的類,實現攔截的邏輯
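package com.wzxy.nc.interceptor;

import javax.servlet.http.HttpServletResponse;

import org.apache.struts2.ServletActionContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
import com.wzxy.nc.entity.SysUser;
import com.wzxy.nc.util.HttpSessionUtil;

/**
 * Struts2 interceptor that lets a request reach its action only when the session is
 * valid and holds a logged-in user; otherwise it returns the {@code "relogin"} result.
 *
 * <p>Login and logout requests are exempt. The exemption is decided from the method
 * Struts resolved for this invocation, not from the raw request URL. A substring test on
 * the URL also matches the host name, path parameters and any unrelated action whose
 * name happens to contain "login" or "logout", so it would exempt requests that were
 * never meant to skip the authentication check.
 */
public class LoginInterceptor extends AbstractInterceptor {
    private static final long serialVersionUID = 7860956813431996758L;
    private static final Logger logger = LoggerFactory.getLogger(LoginInterceptor.class);

    /** Result name returned for unauthenticated requests. */
    private static final String RELOGIN = "relogin";

    /**
     * Applies the authentication check to one action invocation.
     *
     * @param ai the invocation being intercepted
     * @return the result of the action when the request is allowed, otherwise {@code "relogin"}
     * @throws Exception whatever the rest of the interceptor chain or the action throws
     */
    @Override
    public String intercept(ActionInvocation ai) throws Exception {
        logger.info("************** 登錄攔截器 **************");
        disableCaching(ServletActionContext.getResponse());

        // Login and logout must stay reachable without an authenticated session.
        if (isLoginOrLogout(ai)) {
            return ai.invoke();
        }

        // The session id sent by the client is missing, expired or invalidated.
        if (!ServletActionContext.getRequest().isRequestedSessionIdValid()) {
            return RELOGIN;
        }

        // A valid session alone is not enough: it must also carry the logged-in user.
        SysUser user = HttpSessionUtil.getCurrentUser();
        if (user == null) {
            logger.info("還沒有登陸");
            return RELOGIN;
        }
        return ai.invoke();
    }

    /**
     * Tells whether this invocation runs the login or logout method.
     *
     * <p>Exact comparison against the resolved method name ties the exemption to the code
     * that will actually execute.
     * NOTE(review): this assumes the login and logout actions are methods named exactly
     * {@code login} and {@code logout}; adjust the names to the project's real ones, and
     * if only one controller should be exempt also compare
     * {@code ai.getProxy().getActionName()}.
     */
    private static boolean isLoginOrLogout(ActionInvocation ai) {
        String method = ai.getProxy().getMethod();
        return "login".equals(method) || "logout".equals(method);
    }

    /**
     * Marks the response as non-cacheable so protected pages are not replayed from a
     * browser or proxy cache after logout.
     */
    private static void disableCaching(HttpServletResponse response) {
        response.setHeader("Pragma", "No-cache");
        // One header carrying both directives: a second setHeader("Cache-Control", ...)
        // replaces the first value instead of adding to it.
        response.setHeader("Cache-Control", "no-cache, no-store");
        response.setDateHeader("Expires", 0);
    }
}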
4.在struts2配置一下這個攔截器並運行項目測試
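<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE struts PUBLIC
    "-//Apache Software Foundation//DTD Struts Configuration 2.1//EN"
    "http://struts.apache.org/dtds/struts-2.1.dtd">
<struts>
    <package name="default" namespace="/" extends="json-default,struts-default">
        <interceptors>
            <interceptor name="loginInterceptor" class="com.wzxy.nc.interceptor.LoginInterceptor"/>
            <!-- loginInterceptor comes first, so the authentication check runs before the
                 default stack applies request parameters to the action. -->
            <interceptor-stack name="loginStack">
                <interceptor-ref name="loginInterceptor" />
                <interceptor-ref name="defaultStack" />
            </interceptor-stack>
        </interceptors>

        <!-- Result returned by LoginInterceptor for unauthenticated requests. -->
        <global-results>
            <result name="relogin" type="redirect">/login.jsp</result>
        </global-results>

        <!-- Wildcard mapping: the URL selects both the controller class ({1}Controller) and
             the method ({2}). Every method Struts can invoke on any *Controller class in
             com.wzxy.nc.controller is therefore reachable by URL; keep helper methods
             non-public and prefer explicit action mappings where feasible. -->
        <action name="*_*" method="{2}" class="com.wzxy.nc.controller.{1}Controller">
            <!-- NOTE(review): forwardPage is read from the action. If the action exposes a
                 public setter for it, a request parameter could set it; for the "redt"
                 redirect that would allow redirecting to an arbitrary site. Confirm it is
                 only assigned server-side. -->
            <result name="success">${forwardPage}</result>
            <result name="error">${forwardPage}</result>
            <result name="redt" type="redirect">${forwardPage}</result>
            <result name="download" type="stream">
                <!-- Content type of the downloaded file -->
                <param name="contentType">application/octet-stream</param>
                <!-- Action property that supplies the file's InputStream -->
                <param name="inputName">fileInputStream</param>
                <!-- Disposition type spelled "attachment"; the file name is quoted so names
                     containing spaces or semicolons do not break the header. The action
                     should strip quotes, CR/LF and path separators from downFileName. -->
                <param name="contentDisposition">attachment;filename="${downFileName}"</param>
                <!-- Buffer size used while streaming the file -->
                <param name="bufferSize">4096</param>
            </result>
            <result name="json" type="json">
                <param name="root">dataMap</param>
            </result>
            <!-- Only actions that reference loginStack are protected by the login check. -->
            <interceptor-ref name="loginStack" />
        </action>
    </package>
</struts>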
5.須要注意的是,若是頁面嵌套在iframe或者frameset中,在登錄的頁面寫上這一段js,這樣能夠跳出整個iframe。
<script language="javascript">
    // When the login page is rendered inside an iframe or frameset, reload it in the
    // top-level window so the whole page shows the login form, not just the frame.
    // This is a navigation convenience only: to stop other sites from framing the page,
    // send X-Frame-Options or a CSP frame-ancestors header from the server.
    if (window.top !== window.self) {
        window.top.location.href = window.location.href;
    }
</script>