struts 用拦截器进行用户权限隔离,未登录用户跳到登录界面
一般,我们的web应用都是只有在用户登录之后才允许操作的,也就是说我们不允许非登录认证的用户直接访问某些页面或功能菜单项。对于个别页面来说,可能不需要进行拦截,此时,如果项目采用struts view框架来做的话,我们可以用strut的拦截器做一个intercepter类。
首先在项目中独立一个包出来
我们写一个拦截器类,让它继承 MethodFilterInterceptor。
1 /** 2 * 登陆拦截器 3 * @author Administrator 4 * 5 */ 6 public class LoginIntercepter extends MethodFilterInterceptor{ 7 8 9 10 @Override 11 protected String doIntercept(ActionInvocation invoke) throws Exception { 12 Map session = invoke.getInvocationContext().getSession(); //從上下文中獲取session會話,結果為MAP集合,裏面是以json格式保存的相關信息 13 Object user = session.get("user"); //獲取session會話中的會員名稱 14 if(user != null){ 15 return invoke.invoke(); //對該操作不攔截 16 }else{ 17 invoke.getInvocationContext().put("tip","您还没有登录,请登陆系统"); 18 return "loginUI"; //返回登陸界面 19 } 20 } 21 22 23 24 }
加入配置文件interceoper-struts.xml ,其中 name="intercepter" 作为独立的一个全局的package 其他的配置文件只需加入extends="intercepter"即可。尤其
<param name="excludeMethods">xx,xxx</param> 这一代码是过滤的方法 ,即不进行拦截的方法。把对应的方法名放入即可,中间用逗号分隔。
<param name="includeMethods">xx,xxx</param> 这行代码意思,进行拦截的方法,把对应的方法名放入即可,中间用逗号分隔。
1 <?xml version="1.0" encoding="UTF-8" ?> 2 <!DOCTYPE struts PUBLIC 3 "-//Apache Software Foundation//DTD Struts Configuration 2.3//EN" 4 "http://struts.apache.org/dtds/struts-2.3.dtd"> 5 6 <struts> 7 <package name="intercepter" extends="struts-default"> 8 <interceptors> 9 <!-- 配置未登录进行操作的拦截器 --> 10 <interceptor name="loginInterceptor" class="com.chinawaf.intercepter.action.LoginIntercepter" /> 11 <!-- 重新封装一个默认的拦截器栈 --> 12 <interceptor-stack name="myStack"> 13 <interceptor-ref name="loginInterceptor" > 14 <!-- 设置方法名 ,对应的方法不做拦截 --> 15 <param name="excludeMethods">login,getVerriCode</param> 16 </interceptor-ref> 17 <interceptor-ref name="defaultStack" /> 18 </interceptor-stack> 19 </interceptors> 20 <!-- 为这个包设置默认的拦截器栈 --> 21 <default-interceptor-ref name="myStack" /> 22 23 <global-results> 24 <result name="loginUI">/WEB-INF/jsp/afterend/login.jsp</result> 25 </global-results> 26 27 28 </package> 29 30 </struts>
然后在struts.xml中进行导入:
1 <?xml version="1.0" encoding="UTF-8" ?> 2 <!DOCTYPE struts PUBLIC 3 "-//Apache Software Foundation//DTD Struts Configuration 2.3//EN" 4 "http://struts.apache.org/dtds/struts-2.3.dtd"> 5 6 <struts> 7 8 <!-- 禁用动态方法访问 --> 9 <constant name="struts.enable.DynamicMethodInvocation" value="false" /> 10 <!-- 配置成开发模式 --> 11 <constant name="struts.devMode" value="false" /> 12 <!-- 配置拓展名为action --> 13 <constant name="struts.action.extention" value="action"/> 14 <!-- 把主题配置成simple --> 15 <constant name="struts.ui.theme" value="simple" /> 16 17 <include file="com/chinawaf/intercepter/config/intercepter-struts.xml"></include> 18 <include file="com/chinawaf/backLogin/conf/backLogin-struts.xml"></include> 19 <include file="com/chinawaf/home/conf/home-struts.xml"></include> 20 <include file="com/chinawaf/rtmp/log/conf/rtmpLog-struts.xml"></include> 21 <include file="com/chinawaf/rtmp/video/conf/rtmpVideo-struts.xml"></include> 22 <include file="com/chinawaf/rtmp/pvw/conf/rtmpPvw-struts.xml"></include> 23 <include file="com/chinawaf/rtmp/waf/conf/rtmpWaf-struts.xml"></include> 24 <include file="com/chinawaf/login/conf/login-struts.xml"></include> 25 <include file="com/chinawaf/backstage/user/conf/user-struts.xml"></include> 26 <include file="com/chinawaf/backstage/servicePage/conf/serve-struts.xml"></include> 27 <include file="com/chinawaf/rtmp/video/conf/rtmpVideo-struts.xml"></include> 28 <include file="com/chinawaf/backstage/api/conf/api-struts.xml"></include> 29 <include file="com/chinawaf/rtmp/monitoring/conf/rtmpMonitoring-struts.xml"></include> 30 <include file="com/chinawaf/cdn/cdn/conf/cdnCdn-struts.xml"></include> 31 <include file="com/chinawaf/cdn/list/conf/cdnList-struts.xml"></include> 32 <include file="com/chinawaf/cdn/cache/conf/cdnCache-struts.xml"></include> 33 <include file="com/chinawaf/cdn/flow/conf/cdnFlow-struts.xml"></include> 34 <include file="com/chinawaf/cdn/manage/conf/cdnManage-struts.xml"></include> 35 <include file="com/chinawaf/cdn/waf/conf/cdnWaf-struts.xml"></include> 36 <include file="com/chinawaf/cdn/visit/conf/cdnVisit-struts.xml"></include> 37 <include file="com/chinawaf/cdn/visitor/conf/cdnVisitor-struts.xml"></include> 38 </struts>
其他的配置文件进行继承,例如登录的xml:
1 <?xml version="1.0" encoding="UTF-8" ?> 2 <!DOCTYPE struts PUBLIC 3 "-//Apache Software Foundation//DTD Struts Configuration 2.3//EN" 4 "http://struts.apache.org/dtds/struts-2.3.dtd"> 5 6 <struts> 7 8 <package name="sysLoginAction" namespace="/" extends="intercepter"> 9 <action name="randPic" class="com.chinawaf.login.action.RandomAction" method="getVerriCode"> 10 <result type="stream"> 11 <param name="contentType">image/jpeg</param> 12 <param name="inputName">inputStream</param> 13 </result> 14 </action> 15 16 <action name="login_*" class="com.chinawaf.login.action.LoginAction" method="{1}"> 17 <result name="loginUI">/WEB-INF/jsp/client/login.jsp</result> 18 <result name="home" type="redirectAction"> 19 <param name="actionName">home</param> 20 </result> 21 </action> 22 </package> 23 24 </struts>
最后,struts 还可有其他的拦截器类,如:AbstractInterceptor ,可以继承此类进行url地址的拦截。
关于 struts2 拦截器的详细介绍,可以参考这篇文章:http://wenku.baidu.com/link?url=GPQkMm2UkyFeRPMWH7RMTqJD1xVV2DWU90b5FwuNzDQjuAnx300jMePNb1IVgxMkM3dek3Irixm-kuTOmClbSQ8vdyEjRPwmAdXqZOlG_GK
