struts2 拦截器使用例子

今天刚学了用struts2的拦截器,就用他做了个权限控制的小例子来加深对拦截器的认识.用户经合法途径登陆后用户登陆信息会保存在session中,用户在访问其他资源时,拦截器会首先查看session中是否有用户信息.从而控制用户登陆

login.jsp系统登录页

<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<%@ taglib prefix="s" uri="/struts-tags" %>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
  </head>
  <body>
    <s:form name="form1" action="login">
    <s:textfield name="username" label="username"></s:textfield>
    <s:password name="password" label="password"></s:password>
    <s:submit value="submit"/>
    </s:form>
  </body>
</html>
 

package com.huan.tv.web;

import com.huan.tv.domain.User;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionSupport;

public class LoginAction extends ActionSupport {

 private static final long serialVersionUID = 7016663291573110941L;
 private String username;
 private String password;
 
 @Override
 public String execute() throws Exception {
  if("java".equals(username.trim())&&"123".equals(password.trim())){
   User user = new User(username,password);
   ActionContext.getContext().getSession().put("user", user);
  }
  return SUCCESS;
 }
 
 public String getUsername() {
  return username;
 }
 public void setUsername(String username) {
  this.username = username;
 }
 public String getPassword() {
  return password;
 }
 public void setPassword(String password) {
  this.password = password;
 }
 
}
Uer.java类封装了用户登陆的信息

package com.huan.tv.domain;

public class User {

 private String username;
 private String password;
 public User() {
  super();
 }
 public User(String username, String password) {
  super();
  this.username = username;
  this.password = password;
 }
 public String getUsername() {
  return username;
 }
 public void setUsername(String username) {
  this.username = username;
 }
 public String getPassword() {
  return password;
 }
 public void setPassword(String password) {
  this.password = password;
 }
 
}
下面就是关键的拦截器了

package com.huan.tv.web;

import javax.servlet.http.HttpServletResponse;

import org.apache.struts2.ServletActionContext;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

public class AuthorInterceptor extends AbstractInterceptor {

 private static final long serialVersionUID = 5359767511938232965L;

 public String intercept(ActionInvocation invocation) throws Exception {
  ActionContext ac = ActionContext.getContext();
  Object user = ac.getSession().get("user");
  if (user != null) {
   return invocation.invoke();
  } else {
   HttpServletResponse response = ServletActionContext.getResponse();
   response.setContentType("text/html;charset=UTF-8");
   response.getWriter().write(
     "<script language=\"javascript\">alert('请登录系统！');parent.location.href='"
       + ServletActionContext.getRequest()
         .getContextPath() + "/login.jsp';</script>");
  }
  return null;
 
 }

}
拦截器就是通过判断session里user是否有值,user为空说明用户没有登陆就返回首页.登陆后就invocation.invoke();将控制权转交给Action的execute方法

配置文件struts.xml

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE struts PUBLIC
    "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
    "http://struts.apache.org/dtds/struts-2.0.dtd">

<struts>
 <package name="base-package" extends="struts-default">
  <interceptors>
   <interceptor name="author"
    class="com.huan.tv.web.AuthorInterceptor" />
   <interceptor-stack name="permissionStack">
    <interceptor-ref name="defaultStack" />
    <interceptor-ref name="author" />
   </interceptor-stack>
  </interceptors>
  
  <action name="login" class="com.huan.tv.web.LoginAction">
  <result>/welcome.jsp</result> 
  </action>
  <action name="view" class="com.huan.tv.web.ViewAction">
  <result>/index.jsp</result>
  <interceptor-ref name="permissionStack"/>
  </action>
 </package>
</struts>

我们定义了一个拦截器栈,它包含刚写了权限拦截器和默认拦截器.login是登陆的不用权限控制.view是登陆后查看的需要加上拦截器.如果用户不登陆直接访问view.action则系统拦截器就会起作用,提示用户登陆后才能操作.

welcome.jsp登陆后的欢迎页

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
  </head>
 
  <body>
    登陆成功! <br>
    <s:form action="view">
    <s:submit value="submit"/>
    </s:form>
  </body>
</html>
index.jsp

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
  </head>
 
  <body>
   经过view.action后访问的 <br>
  </body>
</html>
最后别忘了web.xml中添加struts2

<filter>
  <filter-name>Struts2</filter-name>
  <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
  </filter>
 
  <filter-mapping>
  <filter-name>Struts2</filter-name>
  <url-pattern>*.action</url-pattern>
  </filter-mapping>
 
  <filter-mapping>
  <filter-name>Struts2</filter-name>
  <url-pattern>*.jsp</url-pattern>
  </filter-mapping>