Struts2使用Interceptor做用戶登陸檢查:
1)新增一個bean: User.java
package com.my.beans; import java.util.Date; import org.apache.struts2.json.annotations.JSON; public class User { private int userId; private String username; private String password; private int age; private Date createTime; public String getUsername() { return username; } public void setUsername(String username) { this.username = username; } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } public int getAge() { return age; } public void setAge(int age) { this.age = age; } public Date getCreateTime() { return createTime; } public void setCreateTime(Date createTime) { this.createTime = createTime; } public int getUserId() { return userId; } public void setUserId(int userId) { this.userId = userId; } public User(int userId, String username, String password, int age, Date createTime) { this.userId = userId; this.username = username; this.password = password; this.age = age; this.createTime = createTime; } public User() { } }
2)新增一個:CheckLoginInterceptor.java
package com.my.interceptor; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.apache.struts2.ServletActionContext; import com.my.beans.User; import com.opensymphony.xwork2.ActionInvocation; import com.opensymphony.xwork2.ActionProxy; import com.opensymphony.xwork2.interceptor.AbstractInterceptor; @SuppressWarnings("serial") public class CheckLoginInterceptor extends AbstractInterceptor { @Override public String intercept(ActionInvocation invocation) throws Exception { // invocation invoke result String result = null; // get invocation proxy ActionProxy ap = invocation.getProxy(); if (ap.getNamespace().equals("/") && ap.getActionName().equals("login") && (ap.getMethod().equals("execute") || ap.getMethod().equals("signin"))) { result = invocation.invoke(); } else { // check user already login HttpSession session = ServletActionContext.getRequest().getSession(); Object userObject = session.getAttribute("USER"); User user = (User) userObject; if (null != user) { result = invocation.invoke(); } else { HttpServletResponse response = ServletActionContext.getResponse(); HttpServletRequest request = ServletActionContext.getRequest(); // get query string String strQueryString = (String) request.getQueryString() != null ? "?" + request.getQueryString() : ""; // redirect URL response.sendRedirect(request.getContextPath() + "/login?path=" + java.net.URLEncoder.encode(request.getRequestURI() + strQueryString, "UTF-8")); } } // return action return result; } }
3) 新建一個LoginController.java
package com.my.controller; import java.io.IOException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.apache.struts2.ServletActionContext; import com.my.beans.User; import com.opensymphony.xwork2.ActionContext; import com.opensymphony.xwork2.ActionSupport; @SuppressWarnings("serial") public class LoginController extends ActionSupport { private String path; private User user; public synchronized User getUser() { return user; } public synchronized void setUser(User user) { this.user = user; } public String getPath() { return path; } public void setPath(String path) { this.path = path; } @Override public String execute() throws Exception { return SUCCESS; } public String signin() throws IOException { if (user != null) { // check user name and password if (user.getUsername().equals("admin") && user.getPassword().equals("admin")) { HttpSession session = ServletActionContext.getRequest().getSession(); session.setAttribute("USER", user); HttpServletResponse response = ServletActionContext.getResponse(); response.sendRedirect(getPath()); } } return SUCCESS; } }
4)新增一個: login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <%@ taglib prefix="s" uri="/struts-tags" %> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Insert title here</title> </head> <body> <s:form action="login!signin"> User name:<s:textfield name="user.username"></s:textfield><br/> password:<s:password name="user.password"></s:password><br/> <s:hidden name="path"></s:hidden> <s:submit value="Login"></s:submit> </s:form> </body> </html>
5)加入struts.xml
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.3//EN" "http://struts.apache.org/dtds/struts-2.3.dtd"> <struts> <!-- 把它設置為開發模式,發布時要設置為false --> <constant name="struts.devMode" value="true" /> <!-- 設置在class被修改時是否熱加載,發布時要設置為false --> <constant name="struts.convention.classes.reload" value="true"/> <!-- 自動動態方法的調用,使用這個設置后可以這樣調用:action!method --> <constant name="struts.enable.DynamicMethodInvocation" value="true" /> <!-- 指定jsp文件所在的目錄地址 --> <constant name="struts.convention.result.path" value="/WEB-INF/content/" /> <!-- 用於配置包名后綴。默認為action、actions、struts--> <!-- <constant name="struts.convention.package.locators" value="controller" /> --> <constant name="struts.convention.action.packages" value="com.my.controller"></constant> <!-- 用於配置類名后綴,默認為Action,設置后,Struts2只會去找這種后綴名的類做映射 --> <constant name="struts.convention.action.suffix" value="Controller"/> <!-- 設置即使沒有@Action注釋,依然創建Action映射。默認值是false。因為Convention-Plugin是約定優於配置的風格, 可以不通過注解根據預先的定義就能訪問相應Action中的方法 --> <constant name="struts.convention.action.mapAllMatches" value="true"/> <!-- 自定義jsp文件命名的分隔符 --> <constant name="struts.convention.action.name.separator" value="-" /> <!-- 國際化資源文件名稱 --> <constant name="struts.custom.i18n.resources" value="i18n" /> <!-- 是否自動加載國際化資源文件 --> <constant name="struts.i18n.reload" value="true" /> <!-- 瀏覽器是否緩存靜態內容 --> <constant name="struts.serve.static.browserCache" value="false" /> <!-- 上傳文件大小限制設置 --> <constant name="struts.multipart.maxSize" value="-1" /> <!-- 主題,將值設置為simple,即不使用UI模板。這將不會生成額外的html標簽 --> <constant name="struts.ui.theme" value="simple" /> <!-- 編碼格式 --> <constant name="struts.i18n.encoding" value="UTF-8" /> <!-- 設置默認package --> <constant name="struts.convention.default.parent.package" value="default"></constant> <package name="default" namespace="/" extends="json-default"> <interceptors> <interceptor name="cacheInterceptor" class="com.my.interceptor.CacheInterceptor" /> <interceptor name="loginInterceptor" class="com.my.interceptor.CheckLoginInterceptor" /> <interceptor-stack name="cacheStack"> <interceptor-ref name="defaultStack"></interceptor-ref> <interceptor-ref name="paramsPrepareParamsStack"></interceptor-ref> <interceptor-ref name="cacheInterceptor"></interceptor-ref> <interceptor-ref name="loginInterceptor"></interceptor-ref> </interceptor-stack> </interceptors> <default-interceptor-ref name="cacheStack"></default-interceptor-ref> <default-action-ref name="index" /> <global-results> <!-- <result name="error">/error.jsp</result> --> <result name="json" type="json"> <!-- 是否包括父類的屬性輸出,默認true. --> <!-- <param name="ignoreHierarchy">false</param> --> <!-- 是否輸出null值的屬性,默認false --> <!-- <param name="excludeNullProperties">true</param> --> </result> </global-results> <global-exception-mappings> <exception-mapping exception="java.lang.Exception" result="error"/> </global-exception-mappings> </package> </struts>
關鍵點在於:
<interceptor-ref name="loginInterceptor"></interceptor-ref>
使用此方法可以對所有的action進行監控。
如果使用web.xml的filter做監控的話,那將會對所有的資源都會監控,比如jsp、css、js等。使用Interceptor只對action做監控即可。