Ext JS 登陆 Java权限验证 页面自动跳转

     一、登陆页面设计

   使用Ext JS4制作系统登陆页面代码如下：

Ext.define('MyApp.view.loginform', {
extend: 'Ext.form.Panel',

height: 200,
width: 462,
renderTo:'login',
bodyStyle: 'padding:20px 5px 5px 0px',
iconCls: 'user',
title: '物资采购管理系统',
url: 'login.action',//登陆请求的struts2 具体action

initComponent: function() {
var me = this;

Ext.applyIf(me, {
items: [
{
xtype: 'textfield',
fieldLabel: '用户名',
labelAlign: 'right',
anchor: '88%',
name:'username'
},
{
xtype: 'textfield',
fieldLabel: '密码',
labelAlign: 'right',
anchor: '88%',
name:'password'
},
{
xtype: 'fieldcontainer',
height: 95,
width: 371,
layout: {
type: 'absolute'
},
fieldLabel: '',
anchor: '80%',
items: [
{
xtype: 'checkboxfield',
fieldLabel: '',
hideLabel: false,
labelAlign: 'right',
labelSeparator: '  ',
boxLabel: '记住密码',
x: 104,
y: 0
},
{
xtype: 'button',
handler: function(button, event) {
this.up('form').getForm().submit({//提交页面
success: function(form, action) {
window.location=action.result.addr;//根据返回结果重新载入页面
},
failure: function(form, action) {
Ext.Msg.alert('Failed', action.result.msg);//弹出登陆错误对话框
}

});
},
width: 70,
iconCls: 'save',
text: '确        定',
x: 140,
y: 30
},
{
xtype: 'button',
width: 70,
iconCls: 'delete',
text: '取         消',
x: 260,
y: 30
}
]
}
]
});

me.callParent(arguments);
}

});

二、业务逻辑代码

        实际登陆是通过Ext JS 的AJAX方式进行的，系统的业务层使用的是Struts2框架，具体配置和代码如下：
struts.xml文件中action 配置:

<action name="login" class="com.ronganpower.drawing.LoginAction">
<result type="json"/>
</action>

       LoginAction业务代码:

public class LoginAction {
private String username;
private String password;

public String execute() throws IOException, JSONException{
ActionContext ctx = ActionContext.getContext();
HttpServletResponse response = (HttpServletResponse) ctx.get(ServletActionContext.HTTP_RESPONSE);
HttpServletRequest servletRequest = (HttpServletRequest) ctx.get(ServletActionContext.HTTP_REQUEST);
HttpSession session = servletRequest.getSession();
session.setAttribute("username", username);
JSONObject jsonobj = new JSONObject();
jsonobj.put("success", true);
jsonobj.put("msg", "登陆成功");
jsonobj.put("addr", session.getAttribute("addr"));//将上一页的地址发送到客户端
session.removeAttribute("addr");//删除保存的上一页地址

response.setCharacterEncoding("GB2312");
response.setContentType("text/html;charset=GB2312");
PrintWriter out = response.getWriter();
out.print(jsonobj.toString());

return null;
} ……

三、权限验证

         web.xml中filter配置：

<filter>
<filter-name>LoginFilter</filter-name>
<filter-class>com.ronganpower.drawing.LoginFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>LoginFilter</filter-name>
<url-pattern>*.html</url-pattern>
<url-pattern>*.jsp</url-pattern>
<url-pattern>*.action</url-pattern>
<url-pattern>*.json</url-pattern>
</filter-mapping>

       LoginFilter类doFilter方法：

public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException {

HttpServletRequest servletRequest = (HttpServletRequest) request;
HttpServletResponse servletResponse = (HttpServletResponse) response;
HttpSession session = servletRequest.getSession();
String path = servletRequest.getRequestURI();
if (session.getAttribute("username") != null || path.indexOf("login") > -1) {//登录后才能访问
chain.doFilter(request, response);
} else {
session.setAttribute("addr", path.substring(path.lastIndexOf("/") + 1));//如果没有登陆则将访问的地址存入session备用
servletResponse.sendRedirect("/wzcg/login.html");//请求重定向到登陆页面
}
}