struts2,登录功能模块实现

功能:

·UserLogin作为控制登录的Action,校验密码成功后记录session,可以选择记住登陆状态,登陆成功后自动跳转到登陆前的URL;

·UserLogout作为控制登录推出的Action,移除session,删除cookie;

·MainInfo和HeadInfo模拟了两个相对独立的Action用于展示页面内容;

·LoginInterceptor作为检查登录状态的拦截器,先检查session,后检查本地cookie;

·mainInfo.action和headInfo.action被配置通过LoginInterceptor拦截器检查。

 struts.xml配置文件

 

<struts>
    <package name="common-web" extends="struts-default">
        <interceptors>
            <interceptor name="loginInterceptor" class="loginInterceptor" />

            <interceptor-stack name="loginDefaultStack">
                <interceptor-ref name="loginInterceptor" />
                <interceptor-ref name="defaultStack" />
            </interceptor-stack>
        </interceptors>

        <default-interceptor-ref name="loginDefaultStack" />

        <global-results>
            <result name="login" type="redirect">userLogin.action</result>
        </global-results>

        <action name="userLogin" class="userLoginAction">
            <result type="redirect">${goingToURL}</result> 
            <result name="input">/page/user_login.jsp</result>
            <interceptor-ref name="defaultStack" />
        </action>
        
        <action name="userLogout" class="userLogoutAction"></action>

        <action name="mainInfo" class="mainInfoAction">
            <result name="success">/page/main.jsp</result>
        </action>

        <action name="headInfo" class="headInfoAction">
            <result name="success">/page/head.jsp</result>
        </action>
    </package>
</struts>

 

struts.xml遇到的问题:

1、拦截器与Action必须配置在一个package下,否则拦截器不会对其他package下的Action生效。

2、暂无。

UserLogin.java主要源码

 

public class UserLogin extends ActionSupport implements ServletResponseAware, SessionAware {

    private String              name;
    private String              password;
    private boolean             rememberMe;

    private HttpServletResponse response;
    private Map<String, Object> session;

    private String              goingToURL;//登录前的URL

    public String execute() throws Exception {

        //...

        if (isLoginSucc) {

            //成功登录后记录session和cookie
            if (rememberMe) {
                String t = name + "," + password;

                Cookie cookie = new Cookie(CommonConstants.COOKIE_KEY_REMEMBER_LOGIN, t);

                cookie.setMaxAge(CommonConstants.COOKIE_AGE);//设置cookie存活时间
                response.addCookie(cookie);

            }

            //设置session中的登录用户信息                    
            session.put(CommonConstants.SESSION_KEY_USER_NAME, name);

            //从session中获取登陆前URL,获取后移除session中的这个值
            String goingToURL = (String) session.get(CommonConstants.SESSION_KEY_URL_BEFORE_LOGIN);
            setGoingToURL(goingToURL);
            session.remove(CommonConstants.SESSION_KEY_URL_BEFORE_LOGIN);

            logger.info("登录成功[" + name + "]");
            return SUCCESS;
        } else {
            logger.error("登录失败[" + name + "][" + password + "]");
            return INPUT;
        }
    }
    
    //... getter & setter methods
}

 

 

UserLogin.java遇到的问题:

1、cookie.setDomain(),cookie.setPath()设置错误会导致cookie写入失败;

2、cookie.Value中有分号“;”时,会导致cookie写入失败,改为逗号解决;

LoginInterceptor.java主要源码

 

public class LoginInterceptor extends AbstractInterceptor {

    /* (non-Javadoc)
     * @see com.opensymphony.xwork2.interceptor.AbstractInterceptor#intercept(com.opensymphony.xwork2.ActionInvocation)
     */
    @Override
    public String intercept(ActionInvocation invocation) throws Exception {

        ActionContext actionContext = invocation.getInvocationContext();
        HttpServletRequest request = (HttpServletRequest) actionContext
            .get(StrutsStatics.HTTP_REQUEST);
        Map<String, Object> session = actionContext.getSession();

        //首先判断session,查找是否登录成功,通过拦截器
        if (session != null && session.get(CommonConstants.SESSION_KEY_USER_NAME) != null) {
            logger.info("通过拦截器,session中有记录[" + session.get(CommonConstants.SESSION_KEY_USER_NAME)
                        + "]");
            return invocation.invoke();
        }

        //其次cookie验证,是否有记住的登录状态
        Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if (logger.isDebugEnabled())
                    logger.debug("读取cookie项[" + cookie.getName() + "]");

                if (CommonConstants.COOKIE_KEY_REMEMBER_LOGIN.equals(cookie.getName())) {
                    String value = cookie.getValue();
                    if (StringUtils.isNotBlank(value)) {
                        String[] split = value.split(",");
                        String name = split[0];
                        String password = split[1];

                        if (userLoginManager.checkLogin(name, password)) {
                            //check name/password from cookie success
                            logger.info("通过拦截器,cookie中有记录[" + name + "]");
                            session.put(CommonConstants.SESSION_KEY_USER_NAME, name);
                            return invocation.invoke();
                        } else {
                            //check name/password from cookie failure
                            setGoingToURL(session, invocation);
                            return Action.LOGIN;
                        }
                    } else {
                        setGoingToURL(session, invocation);
                        return Action.LOGIN;
                    }
                }
            }
        }

        setGoingToURL(session, invocation);
        return Action.LOGIN;
    }

    private void setGoingToURL(Map<String, Object> session, ActionInvocation invocation) {
        String url = "";
        String namespace = invocation.getProxy().getNamespace();

        if (StringUtils.isNotBlank(namespace) && !namespace.equals("/")) {
            url = url + namespace;
        }

        String actionName = invocation.getProxy().getActionName();
        if (StringUtils.isNotBlank(actionName)) {
            url = url + "/" + actionName + ".action";
        }

        if (logger.isDebugEnabled())
            logger.debug("拼接登录前URL,结果:" + CommonConstants.SESSION_KEY_URL_BEFORE_LOGIN + "[" + url
                         + "]");
        session.put(CommonConstants.SESSION_KEY_URL_BEFORE_LOGIN, url);
    }

    //... getter & setter methods
}

 

LoginInterceptor.java遇到的问题:

转载:http://blog.csdn.net/welken/article/details/5587068

 

你可能感兴趣的:(struts2,登录功能模块实现)