struts2 自定义拦截,防止非法操作

<package name="defaults" extends="struts-default">
    
        <interceptors>
            <interceptor name="login"
                class="com.zqgame.interceptor.CheckLoginInterceptor" />
            <interceptor-stack name="myinterceptor">
                <interceptor-ref name="login">
                    <param name="excludeMethods">validateLogin</param>
                </interceptor-ref>
                <interceptor-ref name="defaultStack" /> 
            </interceptor-stack>
        </interceptors>
        <!-- 设置所有Action自动调用的拦截器堆栈 -->
        <default-interceptor-ref name="myinterceptor"></default-interceptor-ref>
        <global-results>
            <result name="error">/err/exception.jsp</result>
            <result name="message">/err/message.jsp</result>
        </global-results>
        
        <global-exception-mappings>
            <exception-mapping exception="java.lang.NullPointerException" result="error" />
            <exception-mapping exception="java.lang.Exception" result="error" />
        </global-exception-mappings>
    </package>

 

action配置里面继承defaults:

<package name="login" namespace="/login" extends="defaults">
        <action name="login_*" class="loginAction" method="{1}">
        
        </action>
    </package>

 

拦截器类实现:

public class CheckLoginInterceptor extends MethodFilterInterceptor {
    
    private Logger log = LoggerFactory.getLogger(CheckLoginInterceptor.class);

    private static final long serialVersionUID = 1L;

    @Override
    protected String doIntercept(ActionInvocation actionInvocation) throws Exception {
        // 确认Session中是否存在LOGIN
        Map<String,Object> session = actionInvocation.getInvocationContext().getSession();
        String login = (String) session.get(SysKey.Login_Key);
        if (login != null && login.length() > 0) {
            // login不为null,登录session有效。
            return actionInvocation.invoke();
        } else {
            // 否则非法操作,返回LOGIN
            log.debug("no login, forward login page!");
            return PageCode.Login;
        }
    }
 }
posted @ 2014-07-16 10:49  独行码夫  阅读(227)  评论(0编辑  收藏  举报