1、拦截器代码如下:
package ssh.security;
import java.util.Map;
import model.login.LoginVo;
import org.apache.log4j.Logger;
import ssh.web.action.LoginPerson;
import ssh.web.action.login.LoginAction;
import ssh.web.action.logout.LogoutAction;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.Interceptor;
@SuppressWarnings(serial)
public class LoginInterceptor implements Interceptor {
public static final String LOGIN_PAGE = login;
//public static Student student;
public static LoginVo loginVo;
/**
* 初始化日志引擎
*/
private final Logger logger = Logger.getLogger(s2shLogger);
public void destroy() {
}
public void init() {
}
@SuppressWarnings(unchecked)
public String intercept(ActionInvocation actionInvocation) throws Exception {
Object action = actionInvocation.getAction();
logger.info(LoginInterceptor.class + 拦截到的action为:+action);
// 对LoginAction不做该项拦截 LoginPerson
if (action instanceof LoginPerson || action instanceof LoginAction) {
System.out.println(exit check login, because this is login action.);
return actionInvocation.invoke();
}
if(action instanceof LogoutAction){
System.out.println(exit check logout, because this is logout action.);
return actionInvocation.invoke();
}
// 确认Session中是否存在Student
Map session = actionInvocation.getInvocationContext().getSession();
if(session !=null){
loginVo = (LoginVo) session.get(seStudent);
if (loginVo != null ) {
// 存在的情况下进行后续操作。
System.out.println(already login!+action.toString());
return actionInvocation.invoke();
} else {
// 否则终止后续操作,返回LOGIN
System.out.println(no login, forward login page!);
ActionContext.getContext().put(info, 请先登录系统后再进行操作);
return LOGIN_PAGE;
}
}else {
// 否则终止后续操作,返回LOGIN
System.out.println(no login, forward login page!);
ActionContext.getContext().put(info, 请先登录系统后再进行操作);
logger.warn(非法账号登录);
return LOGIN_PAGE;
}
}
}
2.struts配置文件中,有关拦截器的配置内容如下:
<?xml version=1.0 encoding=UTF-8?>
<!DOCTYPE struts PUBLIC
-//Apache Software Foundation//DTD Struts Configuration 2.0//EN
http://struts.apache.org/dtds/struts-2.0.dtd>
<struts>
<constant name=struts.devMode value=true />
<constant name=struts.objectFactory value=spring></constant>
<constant name=struts.i18n.encoding value=utf-8/>
<include file=/actions/struts_student.xml></include>
<include file=/actions/struts_login.xml></include>
<include file=/actions/struts_page.xml></include>
<include file=/actions/struts_ajax.xml></include>
<package name=struts-comm extends=struts-default>
<!-- 拦截器配置 -->
<interceptors>
<interceptor name=loginInterceptor class=ssh.security.LoginInterceptor></interceptor>
<interceptor-stack name=teamwareStack>
<interceptor-ref name=loginInterceptor/>
<interceptor-ref name=defaultStack/>
</interceptor-stack>
</interceptors>
<default-interceptor-ref name=teamwareStack/>
<global-results>
<result name=login>/main/webapp/pub/index.jsp</result>
</global-results>
</package>
</struts>
3.接受登录请求的Action设置session信息的代码片段:
package ssh.web.action.login;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import model.login.LoginVo;
import org.apache.log4j.Logger;
import org.apache.struts2.ServletActionContext;
import ssh.comm.util.Tools;
import ssh.service.login.LoginFacade;
import ssh.web.action.LoginPerson;
import com.opensymphony.xwork2.ActionSupport;
@SuppressWarnings(serial)
public class LoginAction extends ActionSupport {
private String account;
private String password;
private String verifyCode;
private LoginFacade loginFacade;
private LoginVo loginVo;
private final Logger logger = Logger.getLogger(LoginPerson.class);
@SuppressWarnings(deprecation)
@Override
public String execute() throws Exception {
logger.info(LoginAction.class + [method:login() 登录账号验证] in ...);
HttpServletRequest request = ServletActionContext.getRequest();
HttpSession session = request.getSession();
/**
* 验证码校验
* */
String icp = (String) session.getAttribute(piccode);
if (icp==null && !Tools.isEmpty(verifyCode)){
icp = verifyCode;
}
if(Tools.isEmpty(verifyCode)|| !icp.equalsIgnoreCase(verifyCode)){
request.setAttribute(errMessage,验证码错误,请重新输入);
return LOGIN;
}
if (!Tools.isEmpty(icp) && !Tools.isEmpty(verifyCode)) {
if (!verifyCode.equalsIgnoreCase(icp)) {
request.setAttribute(errMessage,验证码错误,请重新输入);
return LOGIN;
}
}
/**
* 获取当前登录对象
* 用于判断系统是否已登录
* */
loginVo = this.loginFacade.login(account, password);
if(loginVo != null ){
session.setAttribute(seStudent, loginVo);
return SUCCESS;
}else{
request.setAttribute(err, 用户名或密码错误,请重新输入后登陆);
return LOGIN;
}
}
public String getAccount() {
return account;
}
public void setAccount(String account) {
this.account = account;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getVerifyCode() {
return verifyCode;
}
public void setVerifyCode(String verifyCode) {
this.verifyCode = verifyCode;
}
public LoginFacade getLoginFacade() {
return loginFacade;
}
public void setLoginFacade(LoginFacade loginFacade) {
this.loginFacade = loginFacade;
}
public LoginVo getLoginVo() {
return loginVo;
}
public void setLoginVo(LoginVo loginVo) {
this.loginVo = loginVo;
}
该贴由koei转至本版2014-5-2 16:07:36
当前位置:
论坛首页 »
自由讨论区 »
Tomcat, WebLogic及J2EE讨论区
»
发起投票
技术讨论
加好友
发消息
2013-3-19 17:47:45 |
赞(
操作
