struts2，登录功能模块实现

功能：

·UserLogin作为控制登录的Action，校验密码成功后记录session，可以选择记住登陆状态，登陆成功后自动跳转到登陆前的URL；

·UserLogout作为控制登录推出的Action，移除session，删除cookie；

·MainInfo和HeadInfo模拟了两个相对独立的Action用于展示页面内容；

·LoginInterceptor作为检查登录状态的拦截器，先检查session，后检查本地cookie；

·mainInfo.action和headInfo.action被配置通过LoginInterceptor拦截器检查。

struts.xml配置文件

<struts>
<package name="common-web" extends="struts-default">
<interceptors>
<interceptor name="loginInterceptor" class="loginInterceptor" />

<interceptor-stack name="loginDefaultStack">
<interceptor-ref name="loginInterceptor" />
<interceptor-ref name="defaultStack" />
</interceptor-stack>
</interceptors>

<default-interceptor-ref name="loginDefaultStack" />

<global-results>
<result name="login" type="redirect">userLogin.action</result>
</global-results>

<action name="userLogin" class="userLoginAction">
<result type="redirect">${goingToURL}</result>
<result name="input">/page/user_login.jsp</result>
<interceptor-ref name="defaultStack" />
</action>

<action name="userLogout" class="userLogoutAction"></action>

<action name="mainInfo" class="mainInfoAction">
<result name="success">/page/main.jsp</result>
</action>

<action name="headInfo" class="headInfoAction">
<result name="success">/page/head.jsp</result>
</action>
</package>
</struts>

struts.xml遇到的问题：

1、拦截器与Action必须配置在一个package下，否则拦截器不会对其他package下的Action生效。

2、暂无。

UserLogin.java主要源码

public class UserLogin extends ActionSupport implements ServletResponseAware, SessionAware { private String name; private String password; private boolean rememberMe; private HttpServletResponse response; private Map<String, Object> session; private String              goingToURL;//登录前的URL

public String execute() throws Exception { //...

if (isLoginSucc) { //成功登录后记录session和cookie
if (rememberMe) { String t = name + "," + password; Cookie cookie = new Cookie(CommonConstants.COOKIE_KEY_REMEMBER_LOGIN, t); cookie.setMaxAge(CommonConstants.COOKIE_AGE);//设置cookie存活时间
response.addCookie(cookie); } //设置session中的登录用户信息
session.put(CommonConstants.SESSION_KEY_USER_NAME, name); //从session中获取登陆前URL，获取后移除session中的这个值
String goingToURL = (String) session.get(CommonConstants.SESSION_KEY_URL_BEFORE_LOGIN); setGoingToURL(goingToURL); session.remove(CommonConstants.SESSION_KEY_URL_BEFORE_LOGIN); logger.info("登录成功[" + name + "]"); return SUCCESS; } else { logger.error("登录失败[" + name + "][" + password + "]"); return INPUT; } } //... getter & setter methods
}

UserLogin.java遇到的问题：

1、cookie.setDomain()，cookie.setPath()设置错误会导致cookie写入失败；

2、cookie.Value中有分号“;”时，会导致cookie写入失败，改为逗号解决；

LoginInterceptor.java主要源码

public class LoginInterceptor extends AbstractInterceptor { /* (non-Javadoc) * @see com.opensymphony.xwork2.interceptor.AbstractInterceptor#intercept(com.opensymphony.xwork2.ActionInvocation) */ @Override public String intercept(ActionInvocation invocation) throws Exception { ActionContext actionContext = invocation.getInvocationContext(); HttpServletRequest request = (HttpServletRequest) actionContext .get(StrutsStatics.HTTP_REQUEST); Map<String, Object> session = actionContext.getSession(); //首先判断session，查找是否登录成功，通过拦截器
if (session != null && session.get(CommonConstants.SESSION_KEY_USER_NAME) != null) { logger.info("通过拦截器,session中有记录[" + session.get(CommonConstants.SESSION_KEY_USER_NAME) + "]"); return invocation.invoke(); } //其次cookie验证，是否有记住的登录状态
Cookie[] cookies = request.getCookies(); if (cookies != null) { for (Cookie cookie : cookies) { if (logger.isDebugEnabled()) logger.debug("读取cookie项[" + cookie.getName() + "]"); if (CommonConstants.COOKIE_KEY_REMEMBER_LOGIN.equals(cookie.getName())) { String value = cookie.getValue(); if (StringUtils.isNotBlank(value)) { String[] split = value.split(","); String name = split[0]; String password = split[1]; if (userLoginManager.checkLogin(name, password)) { //check name/password from cookie success
logger.info("通过拦截器,cookie中有记录[" + name + "]"); session.put(CommonConstants.SESSION_KEY_USER_NAME, name); return invocation.invoke(); } else { //check name/password from cookie failure
setGoingToURL(session, invocation); return Action.LOGIN; } } else { setGoingToURL(session, invocation); return Action.LOGIN; } } } } setGoingToURL(session, invocation); return Action.LOGIN; } private void setGoingToURL(Map<String, Object> session, ActionInvocation invocation) { String url = ""; String namespace = invocation.getProxy().getNamespace(); if (StringUtils.isNotBlank(namespace) && !namespace.equals("/")) { url = url + namespace; } String actionName = invocation.getProxy().getActionName(); if (StringUtils.isNotBlank(actionName)) { url = url + "/" + actionName + ".action"; } if (logger.isDebugEnabled()) logger.debug("拼接登录前URL，结果:" + CommonConstants.SESSION_KEY_URL_BEFORE_LOGIN + "[" + url + "]"); session.put(CommonConstants.SESSION_KEY_URL_BEFORE_LOGIN, url); } //... getter & setter methods
}

LoginInterceptor.java遇到的问题：

转载：http://blog.csdn.net/welken/article/details/5587068