使用Struts2拦截器进行权限控制
拦截器的作用:1.在action执行前后对请求进行处理;
实现过程:
1.从http://struts.apache.org网页中下载Struts2.3.16类包
2.创建web项目
3.将Struts2类包中的以下jar文件加入到工程的构建路径中或拷贝到项目的lib目录下
4.在web.xml文件中设置核心控制器
5.创建一个动作类
6.创建login.jsp和index.jsp文件,保存目录为WebRoot,addUser.jsp页面保存为WebRoot/resource
7.创建struts.xml,在其中定义拦截器动作包、动作等内容,保存目录为src
8.创建拦截器类
代码:
web.xml
<?xml version="1.0" encoding="UTF-8"?> <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> <filter> <filter-name>struts2</filter-name> <filter-class> org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter </filter-class> </filter> <filter-mapping> <filter-name>struts2</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> </web-app>
LoginAction.java
package com.sise.lab3.action; /* * 项目名称:javaII * 包名:com.sise.lab3.action * 类名:LoginAction * 创建人:叶晓东 * 创建时间:2014.3.13 * 类描述:第三周企级javaII的实验。登陆页面的动作类。 * 备注: * @version 1.0 * */ import java.util.Map; import com.opensymphony.xwork2.ActionContext; import com.opensymphony.xwork2.ActionSupport; public class LoginAction extends ActionSupport{ private String userName;//用户名 private String password;//密码 public String getUserName() { return userName; } public void setUserName(String userName) { this.userName = userName; } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } //============================================== public String execute()throws Exception{ Map session=ActionContext.getContext().getSession(); if(userName!=null && userName.equals("叶晓东") && password!=null && password.equals("1")){ session.put("userName", userName); return SUCCESS; } else{ addFieldError("userName","用户名或密码不对"); return LOGIN; } } //======================================== public String addUser()throws Exception{ return SUCCESS; } }
struts.xml
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.3//EN" "http://struts.apache.org/dtds/struts-2.3.dtd"> <struts> <package name="javaII" extends="struts-default" > <!-- lab3过滤器 --> <interceptors> <interceptor name="authority" class="com.sise.lab3.interceptor.AuthorityInterceptor"/> <interceptor-stack name="myStack"> <interceptor-ref name="defaultStack"/> <interceptor-ref name="authority"/> </interceptor-stack> </interceptors> <!-- lab3全局result --> <global-results> <result name="login">/lab3/login.jsp</result> </global-results> <!-- lab3 action --> <action name="login3" class="com.sise.lab3.action.LoginAction"> <result name="success" type="redirectAction">addUser</result> </action> <action name="addUser" class="com.sise.lab3.action.LoginAction" method="addUser"> <result name="success">lab3/resource/addUser.jsp</result> <interceptor-ref name="myStack"/> </action> </package> <!-- Add packages here --> </struts>
AuthorityInterceptor.java
package com.sise.lab3.interceptor; import java.util.Map; import com.opensymphony.xwork2.Action; import com.opensymphony.xwork2.ActionContext; import com.opensymphony.xwork2.ActionInvocation; import com.opensymphony.xwork2.interceptor.AbstractInterceptor; //import com.opensymphony.xwork2.ActionContext; //import com.opensymphony.xwork2.ActionInvocation; //import com.opensymphony.xwork2.interceptor.AbstractInterceptor; /* * 项目名称:javaII * 包名:com.sise.lab3.interceptor * 类名:AuthorityInterceptor * 创建人:叶晓东 * 创建时间:2014.3.13 * 类描述:第三周企级javaII的实验。拦截器类。 * 备注: * @version 1.0 * */ public class AuthorityInterceptor extends AbstractInterceptor{ public String intercept(ActionInvocation ai)throws Exception{ ActionContext ctx=ai.getInvocationContext();//创建上下文对象 Map session=ctx.getSession();//创建回话对象 String userName=(String)session.get("userName");//获取回话信息 if(userName!=null){ System.out.println("用户已登录"); return ai.invoke();//跳到下一个拦截器 } else{ ctx.put("tip", "您还没有登陆,亲登录"); return Action.LOGIN; } } }
login.jsp
<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%> <%@ taglib prefix="s" uri="/struts-tags" %> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %> <!-- 项目名:javaII 文件夹名:lab3 页面名称:login.jsp 页面描述:登陆页面 创建人:叶晓东 创建时间:2014.3.13 备注: @version 1.0 --> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>"> <title>登陆</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <!-- <link rel="stylesheet" type="text/css" href="styles.css"> --> </head> <body> <s:property value="tip"/><br><br> <s:form method="post" action="login3.action"> <s:textfield label="userName" name="userName" key="userName"/> <s:password label="password" name="password" key="password"/> <s:submit value="登陆"/> </s:form> </body> </html>
index.jsp
<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %> <!-- 项目名:javaII 文件夹名:lab3 页面名称:index.jsp 页面描述:添加用户 创建人:叶晓东 创建时间:2014.3.13 备注: @version 1.0 --> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>"> <title>My JSP 'index.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <!-- <link rel="stylesheet" type="text/css" href="styles.css"> --> </head> <body> <a href="addUser.action">添加用户</a> </body> </html>
addUser.jsp
<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %> <!-- 项目名:javaII 路径:lab3/resource 页面名称:addUser.jsp 页面描述:添加用户 创建人:叶晓东 创建时间:2014.3.13 备注: @version 1.0 --> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>"> <title>My JSP 'addUser.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <!-- <link rel="stylesheet" type="text/css" href="styles.css"> --> </head> <body> <%=session.getAttribute("userName") %>您好, 添加成功 </body> </html>
结果图:
分析:用户还没有登录,就单击index.jsp页面的“添加用户”时,就会跳转到登陆页面。
当用户在登录页面登录后,页面自动跳转到单击index.jsp页面的“添加用户”之后的页面,
无需用户再次点击"添加用户"。