鉴于以下代码:
index.jsp
<s:form action="login">
<s:textfield name="userID" label="User ID"></s:textfield>
<s:textfield name="password" label="Password" type="password"></s:textfield>
<s:submit value="Login"></s:submit>
</s:form>
web.xml
<display-name>Struts 2</display-name>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<filter>
<filter-name>struts2</filter-name>
<filter-class>
org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- How long the sessions will stick around for -->
<session-config>
<session-timeout>30</session-timeout> <!-- for checking purposes only. session timeout is not official -->
</session-config>
struts.xml
<struts>
<constant name="struts.devMode" value="false" />
<package name="order" extends="struts-default">
<interceptors>
<interceptor name="session" class="com.eaylportal.session.SessionInterceptor"/>
<interceptor-stack name="sessionExpireStack">
<interceptor-ref name="session"/>
</interceptor-stack>
</interceptors>
<action name="login" class="com.eaylportal.action.LoginAction">
<interceptor-ref name="sessionExpireStack"/>
<result name="input">/error.jsp</result>
<!-- <result name="success" type="redirectAction">/secure/home</result>-->
<result name="session">/session.jsp</result>
<result name="success">/welcome.jsp</result>
<result name="error">/error.jsp</result>
<result name="disabled">/disabled.jsp</result>
</action>
</package>
</struts>
我对这个 SessionInterceptor 没有任何想法。
SessionInterceptor.java
public class SessionInterceptor extends AbstractInterceptor {
private static final long serialVersionUID = 1L;
@Override
public String intercept(ActionInvocation invocation) throws Exception {
Map<String,Object> session = invocation.getInvocationContext().getSession();
if(session.isEmpty()){
System.out.println(session.containsKey("logged-in"));
return "success"; // session is empty/expired
}
return invocation.invoke();
}
}
最后是我的 ActionClass。
LoginAction.java
public class LoginAction extends ActionSupport implements SessionAware{
private static final long serialVersionUID = 1L;
private String password;
private String username;
Map<String, Object> session;
public String login(){
try {
String sql = "SELECT UAFUSERID, UAFUSERTYPE, UAFACCNTSTATUS from USERACCOUNTFILE WHERE UAFUSERID='"+getUsername()+"' AND UAFPASSWORD='"+getPassword()+"'";
Class.forName("com.mysql.jdbc.Driver");
Connection connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/ibmeaylportaldb", "root", "passw0rd");
Statement statement = connection.createStatement();
ResultSet rs = statement.executeQuery(sql);
System.out.println((rs!=null));
while(rs.next()){
if(rs.getString("UAFACCNTSTATUS").equals("DIS")){
return "disabled";
}
sql = "SELECT * from USERDETAILFILE WHERE UAFUSERID='"+getUsername()+"'";
statement = connection.createStatement();
ResultSet rsUser = statement.executeQuery(sql);
session.put("logged-in", new UserBean(rsUser.getString(1),rsUser.getString(2),rsUser.getString(3),
rsUser.getString(4),rsUser.getString(5),rsUser.getString(6),rs.getString("UAFUSERTYPE")));
if(rs.getString("UAFUSERTYPE").equals("TRNEE")){
return SUCCESS;
}
}
return ERROR;
} catch (Exception e) {
System.out.println(e.getMessage());
}
return ERROR;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
@Override
public void setSession(Map<String, Object> session) {
this.session = session;
}
}
我想到的问题是,我是否必须创建一个保存所有用户 session 的 map 来跟踪他们?我还希望当用户意外关闭浏览器时,在一定时间内,用户仍然可以访问该应用程序而无需再次登录。
最佳答案
在LoginAction中更改
String username;
与
String userID; //variable should match with tag name attribute
并为 userID 创建新的 setter 和 getter。
关于java - 使用 Stuts2 进行 session 跟踪,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/27183050/