Detailed description of Struts2 to implement Interception Function for jsp pages not logged on, struts2jsp

Detailed description of Struts2 to implement Interception Function for jsp pages not logged on, struts2jsp

In Struts2, interceptors are often used, but they can only intercept actions and cannot intercept jsp pages. This is a bit embarrassing. In principle, users who have not logged on can only view the login interface and cannot jump to the interface by entering a URL. This is obviously unreasonable. This section describes how to implement jsp page interception by filters in Struts2. (If you are interested, you can study other usage of the Filter, because the Filter can also implement the action blocking function)

The following code is used to analyze the implementation steps and principles.

1. configuration information in web. xml:

<Filter> <filter-name> SessionInvalidate </filter-name> <filter-class> com. tp. action. sessionCheckFilter </filter-class> // class address of the filter core class <init-param> <param-name> checkSessionKey </param-name> // key to be checked in the session <param-value> users </param-value> </init-param> <param-name> redirectURL </param-name> // filter the redirected address <param-value>/login. jsp </param-value> </init-param> <param-name> notCheckURLList </param-name> // jsp that does not need to be filtered <param- value>/login. jsp </param-value> </init-param> </filter> <filter-mapping> <filter-name> SessionInvalidate </filter-name> // file to be filtered <url-pattern> *. jsp </url-pattern> </filter-mapping>

Note the following points:

1. Try to place the filter on the Struts2 configuration code.

2. In SessionInvalidate, <url-pattern> *. jsp </url-pattern> configuration is very important. *. Jsp indicates that css, js, and action are not filtered out on the jsp-only interface. If it is written as/*, all the items will be filtered together. Including css, js, and action. So this place must be carefully checked.

3. SessionCheckFilter:

Package com. tp. action; import java. io. IOException; import java. util. hashSet; import java. util. set; import javax. servlet. filter; import javax. servlet. filterChain; import javax. servlet. filterConfig; import javax. servlet. servletException; import javax. servlet. servletRequest; import javax. servlet. servletResponse; import javax. servlet. http. httpServletRequest; import javax. servlet. http. httpServletRespons E; import javax. servlet. http. httpSession;/*** the filter used to check whether a user logs in. If not, redirect to the keyword * redirectURL saved in the Session to be checked when the checkSessionKey parameter is configured on the logon page. If the user is not logged on, redirect to the specified page, the URL does not include the list of URLs whose ContextPath notCheckURLList * does not check. It is separated by semicolons. The URL does not include ContextPath */public class SessionCheckFilter implements Filter {protected FilterConfig filterConfig = null; private String redirectURL = null; private Set <String> notCheckURL List = new HashSet <String> (); private String sessionKey = null; @ Override public void destroy () {notCheckURLList. clear () ;}@ Override public void doFilter (ServletRequest servletRequest, Zookeeper, FilterChain filterChain) throws IOException, ServletException {HttpServletRequest request = (HttpServletRequest) servletRequest; response = (response E) servletResponse; HttpSession session = request. getSession (); if (sessionKey = null) {filterChain. doFilter (request, response); return;} if ((! CheckRequestURIIntNotFilterList (request) & session. getAttribute ("users") = null) {response. sendRedirect (request. getContextPath () + redirectURL); return;} filterChain. doFilter (servletRequest, servletResponse);} private boolean checkRequestURIIntNotFilterList (HttpServletRequest request) {String uri = request. getServletPath () + (request. getPathInfo () = null? "": Request. getPathInfo (); String temp = request. getRequestURI (); temp = temp. substring (request. getContextPath (). length () + 1); // System. out. println ("include:" + uri + ";" + notCheckURLList + "=" + notCheckURLList. contains (uri); return notCheckURLList. contains (uri) ;}@ Override public void init (FilterConfig filterConfig) throws ServletException {this. filterConfig = filterConfig; redirectURL = filterConfi G. getInitParameter ("redirectURL"); sessionKey = filterConfig. getInitParameter ("checkSessionKey"); String Signature = filterConfig. getInitParameter ("notCheckURLList"); if (notCheckURLListStr! = Null) {System. out. println (notCheckURLListStr); String [] params = notCheckURLListStr. split (","); for (int I = 0; I <params. length; I ++) {notCheckURLList. add (params [I]. trim ());}}}}

The filter function is implemented here. Repeat the information configured in web. xml and check whether the filter is successful.

Summary

This article describes how to implement the Interception Function on the Unlogged jsp page in Struts2. Welcome to refer to: struts2 development process and detailed configuration of Struts2 to modify the size limit of uploaded files. If you have any questions, you can leave a message at any time. The editor will reply to you in a timely manner. Thank you for your support.