java struts2模拟百度百科图片中的防盗链设置

工作原理

利用strust2的action通配对保护的图片得到后返回流文件,如果目录下没有找到图片,则返回未找到图片提示;对请求的IP进行对比,如果不在允许的IP列表时则返回没有权限的图片。


首先在struts.properties文件中添加查询后缀,struts的默认为action,可以添加多个,中间用“,”隔开

struts.i18n.encoding = UTF-8
struts.action.extension = html,jpg
struts.devMode=true
struts.custom.i18n.resources=messageResource
struts.locale=zh_CN
struts.multipart.saveDir=javax.servlet.context.tempdir
struts.ui.theme=simple
struts.enable.DynamicMethodInvocation=true

添加action类Test,其中有两个属性:String contentType,InputStream bis,前者是制定输出的流文件类型,后一个是文件流

package test.com.eca.service;

import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import javax.servlet.http.HttpServletRequest;

import main.com.eca.util.JsonUtil;

import org.apache.struts2.ServletActionContext;
import org.nail.common.BaseAction;

import com.opensymphony.xwork2.Action;

public class Test extends BaseAction {
	private BufferedOutputStream bos = null;
	private BufferedInputStream bis = null;
	private String imgPath;
	private String contentType;

	public String testImg() throws Exception {
		HttpServletRequest request = ServletActionContext.getRequest();

		System.out.println("request.getHeader(\"user-agent\")"
				+ request.getHeader("user-agent"));
		System.out.println("请求来源于浏览器 :"+BrowseTool.checkBrowse(request.getHeader("user-agent")));

		// 访问图片后缀
		StringBuffer requestUrl = request.getRequestURL();
		String fileType = requestUrl.substring(requestUrl.lastIndexOf("."));

		// 得到访问的IP
		String reqIp = IpUtils.getIpAddr(request);
		System.out.println("img : " + imgPath + fileType);
		System.out.println("ip : " + reqIp);
		// 的到允许的IP的Map
		if ("127.0.0.1".equals(reqIp)) {
			bis = new BufferedInputStream(new FileInputStream(
					"D:/images/no_acc_image.jpg"));
			return Action.SUCCESS;
		}
		// 判断是否有权限

		try {
			try {
				bis = new BufferedInputStream(new FileInputStream("D:/images/"
						+ imgPath + fileType));
			} catch (Exception e) {
				// e.printStackTrace();
				bis = new BufferedInputStream(new FileInputStream(
						"D:/images/no_image.jpg"));
			}

		} catch (final IOException e) {
			e.printStackTrace();
		} catch (Exception e) {
			e.printStackTrace();
		}
		return Action.SUCCESS;
	}

	public static void main(String[] args) throws Exception {
		System.out.println("abcds".substring("abcds".indexOf("c")));
	}

	public BufferedOutputStream getBos() {
		return bos;
	}

	public void setBos(BufferedOutputStream bos) {
		this.bos = bos;
	}

	public BufferedInputStream getBis() {
		return bis;
	}

	public void setBis(BufferedInputStream bis) {
		this.bis = bis;
	}

	public String getImgPath() {
		return imgPath;
	}

	public String getContentType() {
		return contentType;
	}

	public void setContentType(String contentType) {
		this.contentType = contentType;
	}

	public void setImgPath(String imgPath) {
		this.imgPath = imgPath;
	}

}

/**
 * 
 * @author cc 20120307
 */
class BrowseTool {
	private final static String IE5_5 = "MSIE 5.5";
	private final static String IE9 = "MSIE 9.0";
	private final static String IE8 = "MSIE 8.0";
	private final static String IE7 = "MSIE 7.0";
	private final static String IE6 = "MSIE 6.0";
	private final static String MAXTHON = "Maxthon";
	private final static String QQ = "QQBrowser";
	private final static String GREEN = "GreenBrowser";
	private final static String SE360 = "360SE";
	private final static String FIREFOX = "Firefox";
	private final static String OPERA = "Opera";
	private final static String CHROME = "Chrome";
	private final static String SAFARI = "Safari";
	private final static String OTHER = "其它";

	public static String checkBrowse(String userAgent) {
		if (regex(OPERA, userAgent)) {
			return OPERA;
		} else if (regex(CHROME, userAgent)) {
			return CHROME;
		} else if (regex(FIREFOX, userAgent)) {
			return FIREFOX;
		} else if (regex(SAFARI, userAgent)) {
			return SAFARI;
		} else if (regex(SE360, userAgent)) {
			return SE360;
		} else if (regex(GREEN, userAgent)) {
			return GREEN;
		} else if (regex(QQ, userAgent)) {
			return QQ;
		} else if (regex(MAXTHON, userAgent)) {
			return MAXTHON;
		} else if (regex(IE9, userAgent)) {
			return IE9;
		} else if (regex(IE8, userAgent)) {
			return IE8;
		} else if (regex(IE7, userAgent)) {
			return IE7;
		} else if (regex(IE6, userAgent)) {
			return IE6;
		} else if (regex(IE5_5, userAgent)) {
			return IE5_5;
		}
		return OTHER;
	}

	private static boolean regex(String regex, String str) {
		Pattern p = Pattern.compile(regex, Pattern.MULTILINE);
		Matcher m = p.matcher(str);
		return m.find();
	}
}

class IpUtils {
	public static String getIpAddr(HttpServletRequest request) {
		String ip = request.getHeader("X-Forwarded-For");
		if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
			ip = request.getHeader("Proxy-Client-IP");
		}
		if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
			ip = request.getHeader("WL-Proxy-Client-IP");
		}
		if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
			ip = request.getHeader("HTTP_CLIENT_IP");
		}
		if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
			ip = request.getHeader("HTTP_X_FORWARDED_FOR");
		}
		if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
			ip = request.getRemoteAddr();
		}
		return ip;
	}
}

在actionContext.xml文件中加入bean配置:

<bean id="test" class="test.com.eca.service.Test"
		parent="baseAction" scope="prototype">
	</bean>


之后配置action配置

<package name="test" extends="struts-default" namespace="/images">
	<!-- 测试图片权限管理 -->
    <action name="*" class="test" method="testImg">
    	<param name="imgPath">{1}</param>
    	<result type="stream">   
	        <param name="contentType">image/jpeg</param>   
	        <param name="inputName">bis</param>
	        <!-- 指定下载的文件名   -->
	        <!--<param name="contentDisposition">filename="wjc_lgo.jpg"</param>-->
	        <!-- 指定下载文件时的缓冲大小   -->
	        <!--<param name="bufferSize">1024</param>-->
       </result>
    </action>
</package>

其中注意,namespace要加入“/”,否则输入地址“http://xxx/images/abc.jpg”则无法找到,平配置意思为地址路径为“http://xxx/images/”开头的,已“.jpg”结尾的所有的请求都转为处理。

例如:“http://xxx/images/abc.jpg”并将“imgPath”作为参数调用action的方法

inputName指定为action的文件流的名称

下载的文件名、缓冲区大小在此不配置也可以

完成后地址栏输入“http://192.168.2.15:5050/ecs/images/tomcat.jpg”后就可以看到成果了




你可能感兴趣的:(struts2)