第19講 struts2攔截器-登陸驗證
阿新 • • 發佈:2018-11-11
1在HeadFirstStruts2chapter03中,新建com.cruise.model包,新建User類,屬性userName,password,
package com.cruise.model;
public class User {
private String userName;
private String password;
public String getUserName() {
return
}
public void setUserName(String userName) {
this.userName = userName;
}
public String getPassword() {
return
}
public void setPassword(String password) {
this.password = password;
}
}
2新建com.cruise.service包,新建類:UserService類,模擬業務層,寫登陸驗證邏輯
package com.cruise.service;
import
public class UserService {
public boolean login(User user){
if ("cruise".equals(user.getUserName())&& "123456".equals(user.getPassword())) {
return true;
}else{
return false;
}
}
}
3新建UserAction,User屬性(通過JavaBean的屬性注入),UserService屬性,error屬性,在execute方法中邏輯判斷,放在session中
package com.cruise.action;
import java.util.Map;
import com.cruise.model.User;
import com.cruise.service.UserService;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionSupport;
public class UserAction extends ActionSupport{
private User user;
private UserService userService =new UserService();
private String error;
public User getUser() {
return user;
}
public void setUser(User user) {
this.user = user;
}
public String getError() {
return error;
}
public void setError(String error) {
this.error = error;
}
@Override
public String execute() throws Exception {
ActionContext actionContext = ActionContext.getContext();
Map<String, Object> session = actionContext.getSession();
boolean login2 = userService.login(user);
if(login2){
session.put("currentUser", user);
return SUCCESS;
}else{
this.error="使用者名稱和密碼錯誤";
return "error";
}
}
}
5新建ZiYuanAction,只有登陸的時候才能訪問
package com.cruise.action;
import com.opensymphony.xwork2.ActionSupport;
public class ZiYuanAction extends ActionSupport{
@Override
public String execute() throws Exception {
System.out.println("當您登陸成功的時候才可以檢視本資源。。。");
return "ziyuan";
6struts.xml中繼續定義ZiYuanAction,
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">
<struts>
<package name="manage" namespace="/" extends="struts-default">
<interceptors>
<interceptor name="LoginInterceptor"class="com.cruise.interceptor.LoginInterceptor"></interceptor>
</interceptors>
<action name="user" class="com.cruise.action.UserAction" >
<result name="success" >success.jsp</result>
<result name="error" >error.jsp</result>
</action>
<action name="ziyuan" class="com.cruise.action.ZiYuanAction" >
<result name="error" >error.jsp</result>
<result name="ziyuan" >ziyuan.jsp</result>
<interceptor-ref name="LoginInterceptor"></interceptor-ref>
<interceptor-ref name="defaultStack"></interceptor-ref>
</action>
</package>
</struts>
7定義LoginInterceptor,獲取session,判斷session是否有值,如果有值,繼續呼叫;如果沒有值,建立request。將錯誤資訊放在request域中。同時返回字串"error",攔截器中的"error"也能對映到struts.xml檔案中的ZiYuanAction中的<result>標籤。
package com.cruise.interceptor;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.struts2.ServletActionContext;
import com.cruise.model.User;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.Interceptor;
public class LoginInterceptor implements Interceptor{
@Override
public void destroy() {
System.out.println("LoginInterceptor銷燬");
}
@Override
public void init() {
System.out.println("LoginInterceptor初始化");
}
@Override
public String intercept(ActionInvocation invocation) throws Exception {
System.out.println("在Action執行之前。。。");
ActionContext actionContext = invocation.getInvocationContext();
Map<String, Object> session = actionContext.getSession();
Object object = session.get("currentUser");
String result=null;
if(object!=null){
invocation.invoke();
}else{
ActionContext actionContext2 = invocation.getInvocationContext();
HttpServletRequest request = (HttpServletRequest)actionContext2.get(ServletActionContext.HTTP_REQUEST);
request.setAttribute("error", "未登陸,不能檢視資源");
result= "error";
}
System.out.println("在Action執行之後。。。");
return result;
}
}
8login.jsp檔案,
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<form action="user" method="post">
登陸<br>
使用者名稱:<input type="text" name="user.userName"/><br>
密碼:<input type="password" name="user.password" /><br>
<input type="submit" value="登陸" />
</form>
如果您已經登陸,請點選檢視資源:<a href="ziyuan">資源</a>
</body>
</html>
9error.jsp檔案,
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
錯誤訊息提示:${error}
<a href="login.jsp">登入</a>
</body>
</html>
success.jsp檔案,這裡的使用者資訊是從值棧中獲取
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
使用者:${user.userName},登入成功!!!
現在可以檢視資源了<a href="ziyuan">資源</a>
</body>
</html>
ziyuan.jsp檔案,這裡的使用者資訊是從session獲取
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
您好:${currentUser.userName }<br>
這裡是您要檢視的資源
</body>
</html>
10struts.xml優化:修改預設的攔截器棧的方式,把自己的攔截器放到預設的攔截器中,因為自己的攔截器有驗證功能,但是當我們傳送登陸請求的時候就不能有驗證,否則永遠登陸不了。
ps:本例中,error的內容有兩個,一個是在登陸失敗的時候在UserAction中設定的“使用者名稱或密碼錯誤”,這個資訊是通過session設定的;還有一個是被攔截的時候的錯誤資訊,提示“請先登入”,這個資訊是通過request方式設定的。說明request和session在本例總作用是相同的。
登陸成功後,回顯的使用者名稱也是從session中獲取的。
struts.xml優化:
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">
<struts>
<package name="manage" namespace="/" extends="struts-default">
<interceptors>
<interceptor name="LoginInterceptor"class="com.cruise.interceptor.LoginInterceptor"></interceptor>
<interceptor-stack name="myStack">
<interceptor-ref name="LoginInterceptor"></interceptor-ref>
<interceptor-ref name="defaultStack"></interceptor-ref>
</interceptor-stack>
</interceptors>
<default-interceptor-ref name="myStack"></default-interceptor-ref>
<global-results>
<result name="error" >error.jsp</result>
</global-results>
<action name="user" class="com.cruise.action.UserAction" >
<result name="success" >success.jsp</result>
<interceptor-ref name="defaultStack"></interceptor-ref>
</action>
<action name="ziyuan" class="com.cruise.action.ZiYuanAction" >
<result name="ziyuan" >ziyuan.jsp</result>
</action>
</package>
</struts>