当用户不在 session 中时,我无法阻止用户访问“welcome.jsp”页面,请帮助我实现登录拦截器。这是我的代码。我想做的就是当用户使用他的用户 ID 登录时,检查他是否在 session 中,如果他在 session 中,让他访问其他任何资源,将用户重定向到“somePage”。 TIA
<?xml version="1.0" encoding="UTF-8" ?>
<constant name="struts.convention.default.parent.package"
value="default" />
<constant name="struts.enable.DynamicMethodInvocation" value="false" />
<constant name="struts.custom.i18n.resources" value="global" />
<constant name="struts.objectFactory"
value="org.apache.struts2.spring.StrutsSpringObjectFactory" />
<constant name="struts.i18n.reload" value="false" />
<constant name="struts.configuration.xml.reload" value="false" />
<package name="default" namespace="/default" extends="json-default,struts-default">
<interceptors>
<interceptor name="authentication"
class="com.mycompany.abc.webapp.action.AuthenticationInterceptor" />
<interceptor-stack name="authStack">
<interceptor-ref name="authentication"></interceptor-ref>
<interceptor-ref name="defaultStack"></interceptor-ref>
</interceptor-stack>
/> -->
<interceptor-stack name="acc-stack">
<!-- <interceptor-ref name="sessionCheck" /> -->
<interceptor-ref name="json">
<param name="enableSMD">true</param>
</interceptor-ref>
<interceptor-ref name="exception" />
<interceptor-ref name="alias" />
<interceptor-ref name="servletConfig" />
<interceptor-ref name="i18n" />
<interceptor-ref name="prepare" />
<interceptor-ref name="chain" />
<interceptor-ref name="debugging" />
<interceptor-ref name="scopedModelDriven" />
<interceptor-ref name="modelDriven" />
<interceptor-ref name="fileUpload" />
<interceptor-ref name="checkbox" />
<interceptor-ref name="multiselect" />
<interceptor-ref name="staticParams" />
<interceptor-ref name="actionMappingParams" />
<interceptor-ref name="params">
<param name="excludeParams">dojo\..*,^struts\..*</param>
</interceptor-ref>
<interceptor-ref name="conversionError" />
<interceptor-ref name="workflow">
<param name="excludeMethods">input,back,cancel,browse</param>
</interceptor-ref>
<interceptor-ref name="timer" />
</interceptor-stack>
</interceptors>
<default-interceptor-ref name="authStack"></default-interceptor-ref>
<global-results>
<result name="login" type="redirect">/home.action</result>
</global-results>
<action name="home">
<interceptor-ref name="defaultStack"></interceptor-ref>
<result name="somePage">/jsp/somePage.jsp</result>
<result name="success">/jsp/xyz.jsp</result>
<result name="homePage">/jsp/homePage.jsp</result>
</action>
<!-- <action class="com.mycompany.abc.webapp.action.LoginAction" name="login">
<interceptor-ref name="defaultStack"></interceptor-ref>
<result name="success">/jsp/welcome.jsp</result>
<result name="somePage">/jsp/somePage.jsp</result>
</action>
<action name="welcome" class="com.mycompany.abc.webapp.action.WelcomeAction">
<interceptor-ref name="defaultStack"></interceptor-ref>
<result name="success">/jsp/welcome.jsp</result>
</action> -->
</package>
登录操作:
@InterceptorRef(value = "defaultStack")
@ParentPackage("struts-default")
@Results({ @Result(name = "success", location = "/jsp/xyz.jsp"),
@Result(name = "error", location = "/jsp/error.jsp"),
@Result(name = "noAccess", location = "/jsp/abc.jsp"),
@Result(name = "somePage", location = "/jsp/somePage.jsp"),
@Result(name = "input", location = "/jsp/login.jsp"), })
public class LoginAction extends ActionSupport implements SessionAware,
ModelDriven<MySession> {
private static final long serialVersionUID = -3369875299120377549L;
private String userId;
private String result = null;
@Autowired
CompService CompService;
MySession MySession = new MySession();
@Autowired
MyServices MyServices;
private Map<String, Object> sessionAttributes = null;
/*private User user = new User();*/
@Override
public String execute() {
System.out.println("inside execute");
System.out.println("userid************" + this.userid);
if (this.userid != null) {
HttpSession session = ServletActionContext.getRequest()
.getSession();
useridProfile profile = MyServices.getuseridProfile(this.userid);
if (profile != null) {
//here i am getting a collection say my Coll
if (myColl.isEmpty()) {
result = "noAcess";
}
else{
sessionAttributes.put("userId", userId);
result = "success";
}
}
return result;
} else if (sessionAttributes.get("userid") == null) {
System.out.println("Not logged in");
System.out.println("userid************" + this.userid);
result = "somePage";
}
return result;
}
@Override
public void setSession(Map<String, Object> sessionAttributes) {
this.sessionAttributes = sessionAttributes;
}
public String getuserId() {
return userid;
}
public void setuserId(String userid) {
this.userid = userid;
}
@Override
public MySession getModel() {
// TODO Auto-generated method stub
return MySession;
}
}
身份验证拦截器
public class AuthenticationInterceptor implements Interceptor{
private static final long serialVersionUID = -5011962009065225959L;
String result=null;
@Override
public void destroy() {
//release resources here
}
@Override
public void init() {
// create resources here
}
@Override
public String intercept(ActionInvocation actionInvocation)
throws Exception {
ActionContext sessionAttributes = actionInvocation.getInvocationContext();
System.out.println("inside auth interceptor");
Object sess = sessionAttributes.get("userid");
System.out.println("inside auth interceptor"+sess);
// User user = (User) sessionAttributes.get("USER");
if(sess == null){
if(sessionAttributes.get("userId") != null){
result = actionInvocation.invoke();
}
return result;
}
else{
return actionInvocation.invoke();
}
}
}
登录jsp
<%@ page language="java" contentType="text/html; charset=US-ASCII"
pageEncoding="US-ASCII"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<%-- Using Struts2 Tags in JSP --%>
<%@ taglib uri="/struts-tags" prefix="s"%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=US-ASCII">
<title>Login Page</title>
</head>
<body>
<h3>Welcome User, please login below</h3>
<s:form action="login">
<s:textfield name="userId" label="userId"></s:textfield>
<s:submit value="Login"></s:submit>
</s:form>
</body>
</html>
最佳答案
您没有使用您在操作中定义的 authStack:
<action name="welcome" class="com.mycompany.abc.webapp.action.WelcomeAction">
<interceptor-ref name="authStack"></interceptor-ref>
<result name="success">/jsp/welcome.jsp</result>
</action>
如果您使用注释,那么WelcomeAction应该有@InterceptorRef(value = "authStack")。
另请注意,不需要这行代码(您没有使用 session ):
HttpSession session = ServletActionContext.getRequest().getSession();
最后(也是最重要的),你的拦截器是错误的。以下行返回 ActionContext,而不是 session :
ActionContext sessionAttributes = actionInvocation.getInvocationContext();
如果您想返回 session ,请尝试:
Map<String, Object> session = ActionContext.getContext().getSession();
关于java - Struts2登录拦截器不工作,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/20460758/