2008-02-29
《struts2权威指南》学习笔记之使用拦截器完成权限控制
本例的功能是,必须指定用户名 scott/tiger 登陆的用户,方能查看系统中viewBook的这个资源,否则直接跳回登陆页面
登陆Action
package auth;import com.opensymphony.xwork2.ActionSupport;import com.opensymphony.xwork2.ActionContext;import java.util.*;public class LoginAction extends ActionSupport
...{
private String username; private String password; public void setUsername(String username)
...{ this.username = username;
} public String getUsername() ...{ return username; } public void setPassword(String password) ...{ this.password = password; } public String getPassword() ...{ return password; } public String execute() throws Exception ...{ System.out.println("进入execute方法执行体.........."); Thread.sleep(1500); if (getUsername().equals("scott") && getPassword().equals("tiger") ) ...{ ActionContext ctx = ActionContext.getContext(); Map session = ctx.getSession(); session.put("user" , getUsername()); return SUCCESS; } else ...{ return ERROR; } }
}权限检测拦截器
package auth;import java.util.Map;import com.opensymphony.xwork2.Action;import com.opensymphony.xwork2.ActionContext;import com.opensymphony.xwork2.ActionInvocation;import com.opensymphony.xwork2.interceptor.AbstractInterceptor;public class AuthorityInterceptor extends AbstractInterceptor ...{ public String intercept(ActionInvocation invocation) throws Exception ...{ ActionContext ctx=invocation.getInvocationContext(); Map session=ctx.getSession(); String user=(String)session.get("user"); if(user!=null&&user.equals("scott"))...{ return invocation.invoke(); }else...{ ctx.put("tip", "您还没有登录"); return Action.LOGIN; } }}
配置action (struts.xml)
<?xml version="1.0" encoding="GBK"?><!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN" "http://struts.apache.org/dtds/struts-2.0.dtd"><struts> <constant name="struts.custom.i18n.resources" value="globalMessages"/> <constant name="struts.i18n.encoding" value="GBK"/> <package name="lee" extends="struts-default"> <interceptors> <interceptor name="authority" class="auth.AuthorityInterceptor"></interceptor> </interceptors> <global-results> <result name="login">/login.jsp</result> </global-results> <!-- 将viewBook.jsp放在web-inf下,防止直接用url访问 --> <action name="viewBook"> <result>/WEB-INF/viewBook.jsp</result> <!-- 拦截器一般配置在result之后 --> <interceptor-ref name="defaultStack"></interceptor-ref> <interceptor-ref name="authority"></interceptor-ref> </action> <action name="login" class="auth.LoginAction"> <result name="error">/error.jsp</result> <result name="success">/welcome.jsp</result> </action> </package> </struts>
web.xml
<?xml version="1.0" encoding="UTF-8"?><web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <filter> <filter-name>struts2</filter-name> <filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class> </filter> <filter-mapping> <filter-name>struts2</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter> <filter-name>struts-cleanup</filter-name> <filter-class>org.apache.struts2.dispatcher.ActionContextCleanUp</filter-class> </filter> <filter-mapping> <filter-name>struts-cleanup</filter-name> <url-pattern>/*</url-pattern> </filter-mapping></web-app>
viewBook.jsp 放到web-inf下
<%...@ page contentType="text/html; charset=GBK"%><html><head> <meta http-equiv="Content-Type" content="text/html; charset=GBK"/> <title>作者李刚已经出版的图书:</title></head><body>作者已经出版的图书:<p>Spring2.0宝典<br>轻量级J2EE企业实战<br>基于J2EE的Ajax宝典<br></body></html>
login.jsp
esffor
- 浏览: 84451 次
- 性别:
- 来自: 北京
- 详细资料
搜索本博客
最近加入圈子
最新评论
-
Static初始化代码快访问st ...
当然啦,final型常量只能被赋值一次
-- by Chihom -
Tomcat 5.5不能使用EL表达 ...
請在web.xml修改XSD<?xml version="1.0" enc ...
-- by trowa -
一个通用的泛型GenericH ...
谢谢!使用中!
-- by sangood -
Spring AOP四种创建通知( ...
我一直想知道如何拦截某个类中特定的方法,而不是所有的方法?
-- by yourgame -
HashTable和HashMap的区 ...
这么多总结,还算你的这个不错,谢谢,学习
-- by lysmart_8
评论排行榜