struts2 实现登录拦截器和验证方法
在struts2中的拦截器的定义是先定义一个类实现Interceptor接口,重写intercept方法。下面是实现登录验证的拦截器。
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.1.7//EN"
"http://struts.apache.org/dtds/struts-2.1.7.dtd">
<struts>
<package name="mystruts" extends="struts-default">
<!-- 定义一个拦截器 -->
<interceptors>
<interceptor name="LoginInterceptors"
class="com.kaishengit.interceptors.LoginInterceptors">
<param name="excludeName">execute,login,index</param>
<param name="sessionName">currUser</param>
</interceptor>
<!-- 拦截器栈 -->
<interceptor-stack name="myInterceptors">
<interceptor-ref name="LoginInterceptors"></interceptor-ref>
<interceptor-ref name="defaultStack"></interceptor-ref>
</interceptor-stack>
</interceptors>
<!-- 使用此拦截器,也可以针对特定的action进行配置
<interceptor-ref name="myInterceptors" />
-->
<default-interceptor-ref name="myInterceptors"></default-interceptor-ref>
<!-- 定义全局Result -->
<!-- 适用于所有的action -->
<global-results>
<!-- 当返回login视图名时,转入/login.jsp页面 -->
<result name="login" type="redirect">index.jsp</result>
</global-results>
<!-- AppAction -->
<action name="index" class="com..web.AppAction">
<result>/WEB-INF/views/index.jsp</result>
</action>
<action name="login" class="com.web.AppAction" method="login">
<result type="redirectAction">main</result>
<result name="input" type="">/WEB-INF/views/index.jsp</result>
</action>
</package>
</struts>
public class LoginInterceptors extends AbstractInterceptor {
private static final long serialVersionUID = 1L;
private String sessionName;
private String excludeName;
private List<String> list;
public List<String> strlsit(String str) {
String[] s = str.split(",");
List<String> list = new ArrayList<String>();
for (String ss : s) {
list.add(ss.trim());
}
return list;
}
@Override
public void init() {
list = strlsit(excludeName);
}
@Override
public String intercept(ActionInvocation invocation) throws Exception {
String actionName = invocation.getProxy().getActionName();
if (list.contains(actionName)) {
// 请求的是合法
return invocation.invoke();
} else {
// 查看session
Map<String, Object> session = invocation.getInvocationContext()
.getSession();
User user = (User) session.get(sessionName);
if (user == null) {
return "login";
} else {
return invocation.invoke();
}
}
}
public String getSessionName() {
return sessionName;
}
public void setSessionName(String sessionName) {
this.sessionName = sessionName;
}
public String getExcludeName() {
return excludeName;
}
public void setExcludeName(String excludeName) {
this.excludeName = excludeName;
}
public List<String> getList() {
return list;
}
public void setList(List<String> list) {
this.list = list;
}
}
当调用除了execute,login,index三个方法时,先验证是否登录,如果没有登录,调回登陆页。Action实现验证参数值,先让action继承ActionSupport,因为ActionSupport实现了Validateable接口,再重写。validateable方法。Validateable方法是空方法,当login方法调用前验证是否空值,定义方法validateLogin(),以后和业务有关的验证方法定义都是validatexxx(),xxx是执行的业务方法。
public class AppAction extends ActionSupport implements SessionAware,
ServletRequestAware {
private static final long serialVersionUID = 1L;
private Map<String, Object> session;
private HttpServletRequest request;
private User user;
private UserService userService = new UserService();
/**
*
* 去登录页面
*
* @return
*/
public String execute() {
return "success";
}
/**
*
* 登录
*
* @return
*/
public String login() {
if (user == null) {
return "login";
} else {
User loginUser = userService.login(user);
if (loginUser == null) {
return "login";
} else {
// Map<String,Object> session =
// ActionContext.getContext().getSession();
session.put("currUser", loginUser);
// = (HttpServletRequest)
// ActionContext.getContext().get(ServletActionContext.HTTP_REQUEST);
// HttpServletResponse response = (HttpServletResponse)
// ActionContext.getContext().get(ServletActionContext.HTTP_RESPONSE);
return "success";
}
}
}
public void setSession(Map<String, Object> session) {
this.session = session;
}
public void setServletRequest(HttpServletRequest request) {
this.request = request;
}
// get set
public User getUser() {
return user;
}
public void setUser(User user) {
this.user = user;
}
public void validateLogin() {
if (user == null) {
return;
}
System.out.println("================validateLogin==========");
if ("".equals(user.getUsername()) || user.getUsername() == null) {
addFieldError("userName", "名称必填");
}
if ("".equals(user.getPassword()) || user.getPassword() == null) {
addFieldError("password", "密码不能空");
}
}
public void validate() {
System.out.println("==========================");
}
}
在页面上写<s:fielderror fieldName="userName" theme="simple"/>
<s:fielderror fieldName="password" theme="simple"/>得到验证信息
参考:
http://huangronaldo.iteye.com/blog/1263831