struts2登录拦截
用户没有登录的情况下,如果要进行操作,则直接跳到登录页面先进行登录,想问一下各位大牛要怎么写?求代码
[解决办法]
1.创建拦截器类,需要继承AbstractInterceptor,需要重写intercept方法。在intercept方法里面判断用户是否已登录(主要是在session里面取用户信息),然后做相应的页面导向。
2.在struts中配置刚才的拦截器类,然后与default拦截器组成拦截器组,然后设置该拦截器组为默认拦截器。搞定!
[解决办法]
public class CheckLoginInterceptor implements Interceptor {
private String sessionAttribute;
private String reloginResult;
public void setSessionAttribute(String sessionAttribute) {
this.sessionAttribute = sessionAttribute;
}
public void setReloginResult(String reloginResult) {
this.reloginResult = reloginResult;
}
@Override
public void destroy() {
// TODO Auto-generated method stub
}
@Override
public void init() {
// TODO Auto-generated method stub
}
@SuppressWarnings("rawtypes")
@Override
public String intercept(ActionInvocation invocation) throws Exception {
// 读取session
Map session = invocation.getInvocationContext().getSession();
// 判断session中是否有相应的attribute
if (session.containsKey(sessionAttribute)) {
String resultCode = invocation.invoke();
return resultCode;
} else {
return reloginResult;
}
}
}
package org.ohshit.common.interceptors;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.struts2.ServletActionContext;
import org.springframework.stereotype.Component;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
/**
* 权限控制拦截器 对用户信息 进行查看 或者修改的操作 都将被拦截
* @author Tone
*
*/
@Component("OhShitPowerInterceptor")
public class OhShitPowerInterceptor extends AbstractInterceptor {
private static final long serialVersionUID = 1L;
@Override
public String intercept(ActionInvocation actioninvocation) throws Exception {
HttpServletRequest request = ServletActionContext.getRequest();
String url = request.getRequestURI();
//System.out.println("url:"+url);
Map<String,Object> session = actioninvocation.getInvocationContext().getSession();
if (url.indexOf("UserInfoAction")!=-1) {
if (session.get("LOGIN_USER")==null) {
request.setAttribute("nomsg", "请先登录");
return "login";
}
}
return actioninvocation.invoke();
}
}
package com.abacus.pace.web.action;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.abacus.pace.common.Constants;
public class SecurityFilter implements Filter {
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
String excludeList = httpRequest.getSession().getServletContext()
.getInitParameter(Constants.EXCLUDEURL);
String currentURL = httpRequest.getRequestURI();
String targetURL = currentURL.substring(
currentURL.lastIndexOf('/') + 1, currentURL.indexOf(';')==-1?currentURL.length():currentURL.indexOf(';')-1);
HttpSession session = httpRequest.getSession(false);
if (!excludeList.contains(targetURL)) {
if (session == null
------解决方案--------------------
session.getAttribute("user")==null ) {
httpResponse.sendRedirect(httpRequest.getContextPath()
+ Constants.LOGIN);
return;
}
}
filterChain.doFilter(httpRequest, httpResponse);
}
@Override
public void init(FilterConfig arg0) throws ServletException {
}
}
