6Struts2拦截器实现权限控制

Posted 2020-07-11 红酒人生

tags:

篇首语：本文由小常识网(cha138.com)小编为大家整理，主要介绍了6Struts2拦截器实现权限控制相关的知识，希望对你有一定的参考价值。

1、创建如下项目结果

2、在com.entity包下创建

 1 package com.entity;
 2 
 3 public class User {
 4     private String name;
 5     private String pwd;
 6     
 7     public User() {
 8     }
 9 
10     public User(String name, String pwd) {
11         this.name = name;
12         this.pwd = pwd;
13     }
14 
15     public String getName() {
16         return name;
17     }
18 
19     public void setName(String name) {
20         this.name = name;
21     }
22 
23     public String getPwd() {
24         return pwd;
25     }
26 
27     public void setPwd(String pwd) {
28         this.pwd = pwd;
29     }
30 
31     @Override
32     public String toString() {
33         return "User [name=" + name + ", pwd=" + pwd + "]";
34     }
35     
36     
37 
38 }

User.java

3、在com.action包下创建LoginAction.java

 1 package com.action;
 2 
 3 import javax.servlet.http.HttpSession;
 4 
 5 import org.apache.struts2.ServletActionContext;
 6 
 7 import com.entity.User;
 8 import com.opensymphony.xwork2.ActionContext;
 9 import com.opensymphony.xwork2.ActionSupport;
10 /**
11  * 登录的Action
12  * @author pc
13  *
14  */
15 public class LoginAction extends ActionSupport {
16     private User user;
17     public String login(){
18         HttpSession session=ServletActionContext.getRequest().getSession();
19         
20         //登录成功,将用户放入session作用域中
21         if(user!=null){
22             System.out.println("user:"+user);
23             //保存用户信息到Session中
24             session.setAttribute("user", user);
25             return SUCCESS;
26         }else{
27             return ERROR;
28         }     
29         
30     }
31     public User getUser() {
32         return user;
33     }
34     public void setUser(User user) {
35         this.user = user;
36     }
37 
38 
39 }

LoginAction.java

4、在com.interceptor包下创建LoginInteceptor.java

 1 package com.interceptor;
 2 
 3 import java.util.Map;
 4 
 5 import javax.servlet.http.HttpSession;
 6 
 7 import org.apache.struts2.ServletActionContext;
 8 
 9 import com.entity.User;
10 import com.opensymphony.xwork2.Action;
11 import com.opensymphony.xwork2.ActionInvocation;
12 import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
13 /**
14  * 权限验证检查拦截器
15  * @author pc
16  *
17  */
18 public class LoginInteceptor extends AbstractInterceptor {
19 
20      @Override
21         public String intercept(ActionInvocation invocation) throws Exception {
22             //Map<String, Object> session=invocation.getInvocationContext().getSession();
23           HttpSession session=ServletActionContext.getRequest().getSession();    
24            User user=(User)session.getAttribute("user");
25             System.out.println("loginInte:"+user);
26             
27             if(user==null){
28                 //请求的Action
29                 return invocation.invoke();
30             }else{
31                 return Action.LOGIN;
32                 
33             }
34         }
35 
36 }

LoginInteceptor.java

5、在src下创建struts.xml文件

 1 <?xml version="1.0" encoding="UTF-8"?>
 2 <!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.1//EN" "struts-2.1.dtd" >
 3 <struts>
 4      <!--1. 中文乱码处理 -->
 5      <constant name="struts.i18n.encoding" value="UTF-8"/>
 6       
 7     <package name="default" namespace="/" extends="struts-default">
 8     <!--2. 配置所有拦截器的节点 -->
 9      <interceptors>
10        <!-- 定义权限验证拦截器 -->
11        <interceptor name="myLogin" class="com.interceptor.LoginInteceptor"></interceptor>
12        
13        <!-- 定义拦截器栈 -->
14        <interceptor-stack name="myStack">
15         
16          <!-- 引用自定义拦截器 -->
17          <interceptor-ref name="myLogin"/>
18          
19          <!-- 引用系统默认拦截器 -->
20          <interceptor-ref name="defaultStack"/>
21        </interceptor-stack> 
22      </interceptors> 
23      
24      <!-- 3.定义默认拦截器 -->
25      <default-interceptor-ref name="myStack"/>
26      
27      <!-- 4.定义全局结果 -->
28      <global-results>
29             <result name="login" type="redirect">/login.jsp</result>
30         </global-results>
31      <!-- 5.配置Action=明星 -->
32       <action name="login" class="com.action.LoginAction" method="login">
33         <result name="success">/index.jsp</result>
34         <result name="error">/error.jsp</result>
35         <!-- 引用拦截器==小工 -->
36         <interceptor-ref name="myStack"/>
37       </action>  
38     </package>
39 </struts>

struts.xml

6、在WebRoot下创建login.jsp文件

 1 <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
 2 <%
 3 String path = request.getContextPath();
 4 String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
 5 %>
 6 
 7 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 8 <html>
 9   <head>
10     <base href="<%=basePath%>">
11     
12     <title>My JSP \'index.jsp\' starting page</title>
13     <meta http-equiv="pragma" content="no-cache">
14     <meta http-equiv="cache-control" content="no-cache">
15     <meta http-equiv="expires" content="0">    
16     <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
17     <meta http-equiv="description" content="This is my page">
18     <!--
19     <link rel="stylesheet" type="text/css" href="styles.css">
20     -->
21   </head>
22   
23   <body>
24      <center>
25        <fieldset style="width:300px;">
26          <legend>登录</legend>
27         <!-- 在浏览器直接请求页面，拦截器不会发生任何作用，
28                    拦截器只针对于Action的请求发生作用 
29    也就是login.action走拦截器，直接请求index.jsp不会走拦截器-->
30          <form action="login.action" method="post">
31             <table>
32               <tr>
33                 <td>用户名：</td>
34                 <td><input type="text" name="user.name"/></td>
35               </tr>
36               <tr>
37                 <td>密码：</td>
38                 <td><input type="password" name="user.pwd"/></td>
39               </tr>
40               <tr>
41                 <td><input type="submit" value="提交"/></td>
42                 <td><input type="reset" value="重置"/></td>
43               </tr>
44             </table>
45          </form>
46        </fieldset>
47      </center>
48   </body>
49 </html>

7、在WebRoot下创建index.jsp文件

 1 <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
 2 <%@taglib uri="/struts-tags" prefix="s"%>
 3 <%
 4 String path = request.getContextPath();
 5 String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
 6 %>
 7 
 8 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 9 <html>
10   <head>
11     <base href="<%=basePath%>">
12     
13     <title>My JSP \'index.jsp\' starting page</title>
14     <meta http-equiv="pragma" content="no-cache">
15     <meta http-equiv="cache-control" content="no-cache">
16     <meta http-equiv="expires" content="0">    
17     <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
18     <meta http-equiv="description" content="This is my page">
19     <!--
20     <link rel="stylesheet" type="text/css" href="styles.css">
21     -->
22   </head>
23   
24   <body>
25    <h1>操作成功</h1>
26    <s:if test="user.name eq \'holly\'">
27       holly你来啦?
28    </s:if>
29    <s:else>
30       我不认识你?你是谁?
31    </s:else>       
32   </body>
33 </html>

index.jsp

8、在WebRoot下创建error.jsp文件

 1 <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
 2 <%
 3 String path = request.getContextPath();
 4 String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
 5 %>
 6 
 7 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
 8 <html>
 9   <head>
10     <base href基于url拦截实现权限控制
 struts2拦截器加自定义注解实现权限控制
 036 权限控制介绍 - bos
 项目一:第十二天 1常见权限控制方式 2基于shiro提供url拦截方式验证权限 3在realm中授权 5总结验证权限方式（四种） 6用户注销7基于treegrid实现菜单展示
 权限控制方案之——基于URL拦截
 权限控制方案之——基于URL拦截