Strut2使用拦截器过滤权限问题

JSP请求(login.jsp)
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <base href="<%=basePath%>">
    
    <title>My JSP 'login.jsp' starting page</title>
    
	<meta http-equiv="pragma" content="no-cache">
	<meta http-equiv="cache-control" content="no-cache">
	<meta http-equiv="expires" content="0">    
	<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
	<meta http-equiv="description" content="This is my page">
	
	<script type="text/javascript">
		function abc(id){
			var buttonObj = document.getElementById(id);
			buttonObj.style.color="red";
		}
		function efg(id){
			var buttonObj = document.getElementById(id);
			buttonObj.style.color="black";
		}
	</script>
	
  </head>
  
  <body>
  	<div style="color:red" align="center">${requestScope.tip}</div>
    <form action="login.action" method="post">
    	<table align="center">
    		<caption><h2>用户登录</h2></caption>
    		<tr>
    			<td style="font-style: inherit;color: green">用户名:<input type="text" name="username" style="color: red;background: #fffddd" /></td>
    		</tr>
			<tr>
				<td style="font-style: inherit;color: green">密&nbsp;&nbsp;码:<input type="password" name="password" style="color: red;background: #fffddd"/></td>
			</tr>
			<tr align="center">
				<td colspan="2"><input id="1" onmouseover="javascript:abc(this.id)" onmouseout="javascript:efg(this.id)" style="color: black" type="submit" value="登录"/>
				<input type="reset" id="2" onmouseover="javascript:abc(this.id)" onmouseout="javascript:efg(this.id)" style="color: black" value="重填" /></td>
			</tr>
    	</table>
    </form>
    <div align="center"><a href="viewBook.action">
	查看图书</a><div>
  </body>
</html>
 

struts.xml文件 
<?xml version="1.0" encoding="GBK"?>
<!-- 指定Struts 2配置文件的DTD信息 -->
<!DOCTYPE struts PUBLIC
	"-//Apache Software Foundation//DTD Struts Configuration 2.1//EN"
	"http://struts.apache.org/dtds/struts-2.1.dtd">
<!-- struts是Struts 2配置文件的根元素 -->
<struts>
	
	<package name="login" namespace="/" extends="struts-default">
		<interceptors>
			<interceptor name="authority" class="com.lbx.interceptor.AuthorityInterceptor" />
		</interceptors>
		
		<global-results>
			<result name="login">/login.jsp</result>
		</global-results>
		
		<action name="login" class="com.lbx.action.LoginAction">
			<result>/success.jsp</result>
			<result name="error">/error.jsp</result>
		</action>
		
		<action name="viewBook">
			<!-- 返回success视图名时,转入/WEB-INF/jsp/viewBook.jsp页面 -->
			<result>/viewBook.jsp</result>
			<!-- 拦截器一般配置在result元素之后! -->
			<interceptor-ref name="defaultStack"/>
			<!-- 应用自定义拦截器 -->
			<interceptor-ref name="authority"/>
		</action>
		
	</package>

</struts>
 

User类 
package com.lbx.model;

public class User {
	private String username;
	private String password;
	public String getUsername() {
		return username;
	}
	public void setUsername(String username) {
		this.username = username;
	}
	public String getPassword() {
		return password;
	}
	public void setPassword(String password) {
		this.password = password;
	}
	
}
 

过滤器(实现AbstractInterceptor接口) 
package com.lbx.interceptor;
import java.util.Map;

import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

@SuppressWarnings("serial")
public class AuthorityInterceptor extends AbstractInterceptor {

	@Override
	public String intercept(ActionInvocation invocation) throws Exception {
		//取得相关的ActionContext实例
		ActionContext ctx = invocation.getInvocationContext();
		Map session = ctx.getSession();
		
		String user = (String)session.get("user");
		if(user!=null && user.equals("libinxuan")){
			return invocation.invoke();
		}
		ctx.put("tip", "你还没有登录,请输入libinxuan登录系统");
		return Action.LOGIN;
	}

}
 

Action 
package com.lbx.action;

import java.util.Map;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionSupport;

@SuppressWarnings("serial")
public class LoginAction extends ActionSupport {

	private String username;
	private String password;

	// 封装处理结果的tip属性
	public String getUsername() {
		return username;
	}
	public void setUsername(String username) {
		this.username = username;
	}
	public String getPassword() {
		return password;
	}
	public void setPassword(String password) {
		this.password = password;
	}
	@Override
	public String execute() throws Exception {
		Thread.sleep(1500);
		if (getUsername().equals("libinxuan")) {
			ActionContext ctx = ActionContext.getContext();
			Map session = ctx.getSession();
			session.put("user", getUsername());
			return SUCCESS;
		} else {
			return ERROR;
		}
	}

}
 
error.jsp部分代码
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@taglib prefix="s" uri="/struts-tags"  %>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <base href="<%=basePath%>">
    
    <title>My JSP 'success.jsp' starting page</title>
    
	<meta http-equiv="pragma" content="no-cache">
	<meta http-equiv="cache-control" content="no-cache">
	<meta http-equiv="expires" content="0">    
	<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
	<meta http-equiv="description" content="This is my page">
	<!--
	<link rel="stylesheet" type="text/css" href="styles.css">
	-->

  </head>
  
  <body>
    <s:debug></s:debug>
   	您不能登录!<br />
	<a href="viewBook.action">查看图书</a>
  </body>
</html>
 

success.jsp部分代码 
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@taglib prefix="ss" uri="/struts-tags" %>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <base href="<%=basePath%>">
    
    <title>My JSP 'success.jsp' starting page</title>
    
	<meta http-equiv="pragma" content="no-cache">
	<meta http-equiv="cache-control" content="no-cache">
	<meta http-equiv="expires" content="0">    
	<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
	<meta http-equiv="description" content="This is my page">
	<!--
	<link rel="stylesheet" type="text/css" href="styles.css">
	-->

  </head>
  
  <body>
    <ss:debug></ss:debug>
  	 您已经登录!<br />
	<a href="viewBook.action">查看图书</a>
  </body>
</html>
 

viewBook.jsp部分代码
<%@ page contentType="text/html; charset=UTF-8" language="java" errorPage="" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<title>作者的图书:</title>
</head>
<body>
	<h3>作者的图书:</h3>
	Java<br />
	Java EE<br />
	Ajax<br />
</body>
</html>
 



 

你可能感兴趣的:(JavaScript,jsp,struts,css,cache)