《struts2权威指南》学习笔记之使用拦截器完成权限控制
2008-02-29 15:23
423 查看
本例的功能是,必须指定用户名 scott/tiger 登陆的用户,方能查看系统中viewBook的这个资源,否则直接跳回登陆页面
登陆Action
package auth;
import com.opensymphony.xwork2.ActionSupport;
import com.opensymphony.xwork2.ActionContext;
import java.util.*;
public class LoginAction extends ActionSupport
...{
private String username;
private String password;
public void setUsername(String username)
...{
this.username = username;
}
public String getUsername()
...{
return username;
}
public void setPassword(String password)
...{
this.password = password;
}
public String getPassword()
...{
return password;
}
public String execute() throws Exception
...{
System.out.println("进入execute方法执行体..........");
Thread.sleep(1500);
if (getUsername().equals("scott")
&& getPassword().equals("tiger") )
...{
ActionContext ctx = ActionContext.getContext();
Map session = ctx.getSession();
session.put("user" , getUsername());
return SUCCESS;
}
else
...{
return ERROR;
}
}
}
权限检测拦截器
package auth;
import java.util.Map;
import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
public class AuthorityInterceptor extends AbstractInterceptor ...{
public String intercept(ActionInvocation invocation) throws Exception ...{
ActionContext ctx=invocation.getInvocationContext();
Map session=ctx.getSession();
String user=(String)session.get("user");
if(user!=null&&user.equals("scott"))...{
return invocation.invoke();
}else...{
ctx.put("tip", "您还没有登录");
return Action.LOGIN;
}
}
}
配置action (struts.xml)
<?xml version="1.0" encoding="GBK"?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">
<struts>
<constant name="struts.custom.i18n.resources" value="globalMessages"/>
<constant name="struts.i18n.encoding" value="GBK"/>
<package name="lee" extends="struts-default">
<interceptors>
<interceptor name="authority" class="auth.AuthorityInterceptor"></interceptor>
</interceptors>
<global-results>
<result name="login">/login.jsp</result>
</global-results>
<!-- 将viewBook.jsp放在web-inf下,防止直接用url访问 -->
<action name="viewBook">
<result>/WEB-INF/viewBook.jsp</result>
<!-- 拦截器一般配置在result之后 -->
<interceptor-ref name="defaultStack"></interceptor-ref>
<interceptor-ref name="authority"></interceptor-ref>
</action>
<action name="login" class="auth.LoginAction">
<result name="error">/error.jsp</result>
<result name="success">/welcome.jsp</result>
</action>
</package>
</struts>
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<filter>
<filter-name>struts2</filter-name>
<filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>struts-cleanup</filter-name>
<filter-class>org.apache.struts2.dispatcher.ActionContextCleanUp</filter-class>
</filter>
<filter-mapping>
<filter-name>struts-cleanup</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
viewBook.jsp 放到web-inf下
<%...@ page contentType="text/html; charset=GBK"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=GBK"/>
<title>作者李刚已经出版的图书:</title>
</head>
<body>
作者已经出版的图书:<p>
Spring2.0宝典<br>
轻量级J2EE企业实战<br>
基于J2EE的Ajax宝典<br>
</body>
</html>
login.jsp
<%...@ page language="java" contentType="text/html; charset=GBK"%>
<%...@taglib prefix="s" uri="/struts-tags"%>
<%...@ page isELIgnored="false" %>
<%...@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html>
<head>
<title>登录页面</title>
</head>
<body>
<div style="color:red" align="center">${requestScope.tip}<div>
<form action="login.action" method="post">
<table align="center">
<caption><h3>用户登录</h3></caption>
<tr>
<td>用户名:<input type="text" name="username"/></td>
</tr>
<tr>
<td>密 码:<input type="text" name="password"/></td>
</tr>
<tr align="center">
<td><input type="submit" value="登录"/><input type="reset" value="重填" /></td>
</tr>
</table>
</form>
<div align="center"><a href="viewBook.action">查看作者出版的图书</a><div>
</body>
</html>
error.jsp
<%...@ page language="java" contentType="text/html; charset=GBK"%>
<html>
<head>
<title>错误页面</title>
</head>
<body>
您不能登录!<br>
<a href="viewBook.action">查看作者出版的图书</a>
</body>
</html>
<%...@ page language="java" contentType="text/html; charset=GBK"%>
<html>
<head>
<title>成功页面</title>
</head>
<body>
您已经登录!<br>
<a href="viewBook.action">查看作者出版的图书</a>
</body>
</html>
运行login.jsp 用scott和tiger登陆,方能浏览viewBook.jsp
登陆Action
package auth;
import com.opensymphony.xwork2.ActionSupport;
import com.opensymphony.xwork2.ActionContext;
import java.util.*;
public class LoginAction extends ActionSupport
...{
private String username;
private String password;
public void setUsername(String username)
...{
this.username = username;
}
public String getUsername()
...{
return username;
}
public void setPassword(String password)
...{
this.password = password;
}
public String getPassword()
...{
return password;
}
public String execute() throws Exception
...{
System.out.println("进入execute方法执行体..........");
Thread.sleep(1500);
if (getUsername().equals("scott")
&& getPassword().equals("tiger") )
...{
ActionContext ctx = ActionContext.getContext();
Map session = ctx.getSession();
session.put("user" , getUsername());
return SUCCESS;
}
else
...{
return ERROR;
}
}
}
权限检测拦截器
package auth;
import java.util.Map;
import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
public class AuthorityInterceptor extends AbstractInterceptor ...{
public String intercept(ActionInvocation invocation) throws Exception ...{
ActionContext ctx=invocation.getInvocationContext();
Map session=ctx.getSession();
String user=(String)session.get("user");
if(user!=null&&user.equals("scott"))...{
return invocation.invoke();
}else...{
ctx.put("tip", "您还没有登录");
return Action.LOGIN;
}
}
}
配置action (struts.xml)
<?xml version="1.0" encoding="GBK"?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">
<struts>
<constant name="struts.custom.i18n.resources" value="globalMessages"/>
<constant name="struts.i18n.encoding" value="GBK"/>
<package name="lee" extends="struts-default">
<interceptors>
<interceptor name="authority" class="auth.AuthorityInterceptor"></interceptor>
</interceptors>
<global-results>
<result name="login">/login.jsp</result>
</global-results>
<!-- 将viewBook.jsp放在web-inf下,防止直接用url访问 -->
<action name="viewBook">
<result>/WEB-INF/viewBook.jsp</result>
<!-- 拦截器一般配置在result之后 -->
<interceptor-ref name="defaultStack"></interceptor-ref>
<interceptor-ref name="authority"></interceptor-ref>
</action>
<action name="login" class="auth.LoginAction">
<result name="error">/error.jsp</result>
<result name="success">/welcome.jsp</result>
</action>
</package>
</struts>
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5"
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<filter>
<filter-name>struts2</filter-name>
<filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>struts-cleanup</filter-name>
<filter-class>org.apache.struts2.dispatcher.ActionContextCleanUp</filter-class>
</filter>
<filter-mapping>
<filter-name>struts-cleanup</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
viewBook.jsp 放到web-inf下
<%...@ page contentType="text/html; charset=GBK"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=GBK"/>
<title>作者李刚已经出版的图书:</title>
</head>
<body>
作者已经出版的图书:<p>
Spring2.0宝典<br>
轻量级J2EE企业实战<br>
基于J2EE的Ajax宝典<br>
</body>
</html>
login.jsp
<%...@ page language="java" contentType="text/html; charset=GBK"%>
<%...@taglib prefix="s" uri="/struts-tags"%>
<%...@ page isELIgnored="false" %>
<%...@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html>
<head>
<title>登录页面</title>
</head>
<body>
<div style="color:red" align="center">${requestScope.tip}<div>
<form action="login.action" method="post">
<table align="center">
<caption><h3>用户登录</h3></caption>
<tr>
<td>用户名:<input type="text" name="username"/></td>
</tr>
<tr>
<td>密 码:<input type="text" name="password"/></td>
</tr>
<tr align="center">
<td><input type="submit" value="登录"/><input type="reset" value="重填" /></td>
</tr>
</table>
</form>
<div align="center"><a href="viewBook.action">查看作者出版的图书</a><div>
</body>
</html>
error.jsp
<%...@ page language="java" contentType="text/html; charset=GBK"%>
<html>
<head>
<title>错误页面</title>
</head>
<body>
您不能登录!<br>
<a href="viewBook.action">查看作者出版的图书</a>
</body>
</html>
<%...@ page language="java" contentType="text/html; charset=GBK"%>
<html>
<head>
<title>成功页面</title>
</head>
<body>
您已经登录!<br>
<a href="viewBook.action">查看作者出版的图书</a>
</body>
</html>
运行login.jsp 用scott和tiger登陆,方能浏览viewBook.jsp
相关文章推荐
- Struts 2读书笔记-----拦截器之示例:使用拦截器完成权限控制
- java struts 2 使用拦截器完成权限控制
- Struts2使用拦截器完成权限控制示例
- Struts 2读书笔记-----拦截器之示例:使用拦截器完成权限控制
- 使用拦截器完成权限控制
- 4.5.12: Struts2的拦截器机制---使用拦截器完成权限控制
- 拦截器最后一讲-使用拦截器完成权限控制
- Struts2使用拦截器完成权限控制示例
- Struts2使用拦截器完成权限控制示例
- Struts2使用拦截器完成权限控制示例
- Struts 2读书笔记-----拦截器之示例:使用拦截器完成权限控制
- Struts2中使用拦截器进行权限控制
- 使用拦截器进行权限的控制
- 在struts中使用拦截器(Interceptor)控制登录和权限
- 在struts2中使用拦截器(Interceptor)控制登录和权限
- Struts之使用拦截器实现的登录权限的控制
- struts2中使用拦截器(Interceptor)控制登录和权限
- 【Spring MVC】教程——使用拦截器实现权限控制
- 使用SpringMVC拦截器做一个简单的权限控制
- struts2中使用session和拦截器控制权限