struts2,登录功能模块实现
功能:
·UserLogin作为控制登录的Action,校验密码成功后记录session,可以选择记住登陆状态,登陆成功后自动跳转到登陆前的URL;
·UserLogout作为控制登录推出的Action,移除session,删除cookie;
·MainInfo和HeadInfo模拟了两个相对独立的Action用于展示页面内容;
·LoginInterceptor作为检查登录状态的拦截器,先检查session,后检查本地cookie;
·mainInfo.action和headInfo.action被配置通过LoginInterceptor拦截器检查。
struts.xml配置文件
<struts>
<package name="common-web" extends="struts-default">
<interceptors>
<interceptor name="loginInterceptor" class="loginInterceptor" />
<interceptor-stack name="loginDefaultStack">
<interceptor-ref name="loginInterceptor" />
<interceptor-ref name="defaultStack" />
</interceptor-stack>
</interceptors>
<default-interceptor-ref name="loginDefaultStack" />
<global-results>
<result name="login" type="redirect">userLogin.action</result>
</global-results>
<action name="userLogin" class="userLoginAction">
<result type="redirect">${goingToURL}</result>
<result name="input">/page/user_login.jsp</result>
<interceptor-ref name="defaultStack" />
</action>
<action name="userLogout" class="userLogoutAction"></action>
<action name="mainInfo" class="mainInfoAction">
<result name="success">/page/main.jsp</result>
</action>
<action name="headInfo" class="headInfoAction">
<result name="success">/page/head.jsp</result>
</action>
</package>
</struts>
struts.xml遇到的问题:
1、拦截器与Action必须配置在一个package下,否则拦截器不会对其他package下的Action生效。
2、暂无。
UserLogin.java主要源码
public class UserLogin extends ActionSupport implements ServletResponseAware, SessionAware { private String name; private String password; private boolean rememberMe; private HttpServletResponse response; private Map<String, Object> session; private String goingToURL;//登录前的URL public String execute() throws Exception { //... if (isLoginSucc) { //成功登录后记录session和cookie if (rememberMe) { String t = name + "," + password; Cookie cookie = new Cookie(CommonConstants.COOKIE_KEY_REMEMBER_LOGIN, t); cookie.setMaxAge(CommonConstants.COOKIE_AGE);//设置cookie存活时间 response.addCookie(cookie); } //设置session中的登录用户信息 session.put(CommonConstants.SESSION_KEY_USER_NAME, name); //从session中获取登陆前URL,获取后移除session中的这个值 String goingToURL = (String) session.get(CommonConstants.SESSION_KEY_URL_BEFORE_LOGIN); setGoingToURL(goingToURL); session.remove(CommonConstants.SESSION_KEY_URL_BEFORE_LOGIN); logger.info("登录成功[" + name + "]"); return SUCCESS; } else { logger.error("登录失败[" + name + "][" + password + "]"); return INPUT; } } //... getter & setter methods }
UserLogin.java遇到的问题:
1、cookie.setDomain(),cookie.setPath()设置错误会导致cookie写入失败;
2、cookie.Value中有分号“;”时,会导致cookie写入失败,改为逗号解决;
LoginInterceptor.java主要源码
public class LoginInterceptor extends AbstractInterceptor { /* (non-Javadoc) * @see com.opensymphony.xwork2.interceptor.AbstractInterceptor#intercept(com.opensymphony.xwork2.ActionInvocation) */ @Override public String intercept(ActionInvocation invocation) throws Exception { ActionContext actionContext = invocation.getInvocationContext(); HttpServletRequest request = (HttpServletRequest) actionContext .get(StrutsStatics.HTTP_REQUEST); Map<String, Object> session = actionContext.getSession(); //首先判断session,查找是否登录成功,通过拦截器 if (session != null && session.get(CommonConstants.SESSION_KEY_USER_NAME) != null) { logger.info("通过拦截器,session中有记录[" + session.get(CommonConstants.SESSION_KEY_USER_NAME) + "]"); return invocation.invoke(); } //其次cookie验证,是否有记住的登录状态 Cookie[] cookies = request.getCookies(); if (cookies != null) { for (Cookie cookie : cookies) { if (logger.isDebugEnabled()) logger.debug("读取cookie项[" + cookie.getName() + "]"); if (CommonConstants.COOKIE_KEY_REMEMBER_LOGIN.equals(cookie.getName())) { String value = cookie.getValue(); if (StringUtils.isNotBlank(value)) { String[] split = value.split(","); String name = split[0]; String password = split[1]; if (userLoginManager.checkLogin(name, password)) { //check name/password from cookie success logger.info("通过拦截器,cookie中有记录[" + name + "]"); session.put(CommonConstants.SESSION_KEY_USER_NAME, name); return invocation.invoke(); } else { //check name/password from cookie failure setGoingToURL(session, invocation); return Action.LOGIN; } } else { setGoingToURL(session, invocation); return Action.LOGIN; } } } } setGoingToURL(session, invocation); return Action.LOGIN; } private void setGoingToURL(Map<String, Object> session, ActionInvocation invocation) { String url = ""; String namespace = invocation.getProxy().getNamespace(); if (StringUtils.isNotBlank(namespace) && !namespace.equals("/")) { url = url + namespace; } String actionName = invocation.getProxy().getActionName(); if (StringUtils.isNotBlank(actionName)) { url = url + "/" + actionName + ".action"; } if (logger.isDebugEnabled()) logger.debug("拼接登录前URL,结果:" + CommonConstants.SESSION_KEY_URL_BEFORE_LOGIN + "[" + url + "]"); session.put(CommonConstants.SESSION_KEY_URL_BEFORE_LOGIN, url); } //... getter & setter methods }
LoginInterceptor.java遇到的问题:
转载:http://blog.csdn.net/welken/article/details/5587068
