Background permission verification and background Permissions
We usually encounter this situation. When we click on a URL resource of the website to obtain it, the interface that reminds you to log on is displayed, A possible implementation is shown here.
Framework: Struts
Design Concept: 1. login. jsp implements the logon interface and submits the form to the background Action.
2. Verify the account and password in Aciton. If the verification passes session. put ("loginInfo", username );
3. When a resource needs to be obtained (for example, auth), the url is submitted to the background interceptor, And the request is null through session. get ("loginInfo"), and different values are returned.
4. In struts <action name = "auth">, the result tag maps the returned value to physical resources. The login. jsp page is displayed.
Implementation Details: 1. Configure StrutsPreparedAndExcuteFilter in web. xml.
2. Configure two actions and related results in struts. xml, register an interceptor, and form an interceptor Stack Based on the default intercrptor, and bind it to the action configuration.
3. Implementation of two java classes: loginAction and Interceptor.
Discussion: 1. Why did I not perform the operation for a long time after login. Will remind you to re-remind you to log on?
-------- Session expired
2. Why have you logged on to a website. It is logged on again
-------- This is not a session, but when you log in, the browser saves the account and password locally through cookies. When you log in again, the browser automatically logs in through cookies.