Home > Developer > Web Develop
Struts custom Interceptor-logon permission control and struts permission Control
Note: The Custom interceptor allows you to control the logon permissions.
Login. jsp ---> LoginAction -- redirection --> MainAction ---> main. jsp
I. 1. Overall steps:
(1). Define the interceptor class. LoginInterceptor (complete logon interception)</Action>
However, after Step 3 is completed, the request parameters cannot be obtained in the Action.
<Default-interceptor-ref name = "defaultStack"/> Configure
<Action> all have default interceptors. Once other interceptors are referenced in the display, the default interceptor is canceled.
Solution: first reference defastack stack and then reference loginInterceptor.
<Action name = "login" class = "cn. wwh. www. web. interceptor. LoginAction">
<! -- Reference the default Interceptor (accepting Request Parameters and other functions), -->
<Interceptor-ref name = "defaultStack"/>
<! -- This Action references the loginInterceptor interceptor -->
<Interceptor-ref name = "loginInterceptor"/>
<Result type = "redirectAction">
<Param name = "actionName"> main. action </param>
</Result>
</Action>
The two interceptors referenced above are defined in one <action> element. If the two interceptors are referenced in the same <package> as multiple <actions>.
Copy the two lines of code.
Solution: We also define the interceptor stack.
<! -- Tell the current <package> default interceptor Stack -->
<Default-interceptor-ref name = "myStack"/>
Ii. Code practice:
1. LoginInterceptor. java:
<strong></strong>
<Strong> package cn. wwh. www. web. interceptor; import java. util. arrays; import java. util. list; import com. opensymphony. xwork2.Action; import com. opensymphony. xwork2.ActionContext; import com. opensymphony. xwork2.ActionInvocation; import com. opensymphony. xwork2.interceptor. abstractInterceptor;/*** class: defines the interceptor class, inherits AbstractInterceptor, *** @ author @ * @ version 1.0 * @ Creation Time: 05:10:23 */public class L OginInterceptor extends actinterceptor {private static final long serialVersionUID = 1L; private List <String> actionNames; // the value of public void setActionNames (String actionNames) {System. out. println ("--->" + actionNames); // remove the parameters in the configuration file using the Arrays tool. <span style = "color: # ff0000;"> this. actionNames = Arrays. asList (actionNames. split (","); </span >}// method of interception @ Overridepublic String interc Ept (ActionInvocation invocation) throws Exception {// if the Session contains an object whose key is USER_IN_SESSION, The ActionContext ctx = invocation should be released. getInvocationContext (); Object user = ctx. getSession (). get ("USER_IN_SESSION"); // get from the Session // if the current Action name is login, the String actionName = invocation should be allowed. getProxy (). getActionName (); // get the name of the current Action System. out. println (actionName); System. out. println ("LoginInterceptor:" + user); // The current Action is login, or when a correct user logs on, the program is allowed. However, it is not included in actionNames in main, and // cannot be passed, therefore, the if condition should be | instead of & if <span style = "color: # 3333ff;"> (user! = Null </span> <span style = "color: # ff0000;" >||</span> <span style = "color: # 3333ff;"> this. actionNames. contains (actionName) </span> {// log on to the System. out. println ("passed, enter the main interface of the program! "); Return invocation. invoke (); // allow} System. out. println (" You have not logged on yet. Please log on! "); // Otherwise return Action. LOGIN; //" login "}}</strong>
2. logon interface: login. jsp
<% @ Page language = "java" contentType = "text/html; charset = UTF-8" %> <! DOCTYPE html PUBLIC "-// W3C // dtd html 4.01 Transitional // EN" "http://www.w3.org/TR/html4/loose.dtd">
3. action class:
Package cn. wwh. www. web. interceptor; import com. opensymphony. xwork2.ActionContext; import com. opensymphony. xwork2.ActionSupport; import com. opensymphony. xwork2.ModelDriven;/*** function: ***** @ author yiye banzhou * @ version 1.0 * @ Creation Time: 05:17:12 */public class LoginAction extends ActionSupport implements ModelDriven <User> {private static final long serialVersionUID = 1L; private User user = new User (); public String execute () throws Exception {System. out. println (user); // you can store data in the session and put the User object in the Session // ServletActionContext. getRequest (). getSession (). setAttribute (name, value) <span style = "color: # ff0000;"> ActionContext. getContext (). getSession (). put ("USER_IN_SESSION", user); </span> return SUCCESS;} public User getModel () {return user ;}}
4. entity class: User. java
Package cn. wwh. www. web. interceptor; import java. io. serializable;/*** class function: *** @ author a boat * @ version 1.0 * @ Creation Time: 05:03:09 */public class User implements Serializable {private static final long serialVersionUID = 1L; private String username; private String password; public String getUsername () {return username ;} public void setUsername (String username) {this. username = username;} public String getPassword () {return password;} public void setPassword (String password) {this. password = password;} @ Overridepublic String toString () {return "User ---> \ n username =" + username + "\ n password =" + password ;}}5. Page after successful user verification: main. jsp
<% @ Page language = "java" contentType = "text/html; charset = UTF-8" %> <! DOCTYPE html PUBLIC "-// W3C // dtd html 4.01 Transitional // EN" "http://www.w3.org/TR/html4/loose.dtd">
6. main action class:
Package cn. wwh. www. web. interceptor; import com. opensymphony. the role of the xwork2.ActionSupport;/*** class: *** @ author yiye banzhou * @ version 1.0 * @ Creation Time: 05:18:16 */public class MainAction extends ActionSupport {private static final long serialVersionUID = 1L; public String execute () throws Exception {return SUCCESS ;}}
7. interceptor. xml configuration file (this should be included in the struts. xml file with include)
<? Xml version = "1.0" encoding = "UTF-8"?> <! DOCTYPE struts PUBLIC "-// Apache Software Foundation // DTD Struts Configuration 2.3 // EN" "http://struts.apache.org/dtds/struts-2.3.dtd"> <struts> <package name = "interceptor" extends = "struts-default "namespace ="/interceptor "> <span style =" color: # 3333ff; "> <interceptors> <! -- Register an interceptor and the interceptor must be before the action --> <interceptor name = "loginInterceptor" class = "cn. wwh. www. web. interceptor. LoginInterceptor"> <! -- Set LoginInterceptor. name of the action that does not need to be intercepted --> <param name = "actionNames"> login, userLogin, xxAction, ooAction </param> </interceptor> <! -- Define an interceptor stack --> <interceptor-stack name = "myStack"> <! -- Reference the default interceptor (accepting Request Parameters and other functions), --> <interceptor-ref name = "defaultStack"/> <! -- This Action references the loginInterceptor interceptor --> <interceptor-ref name = "loginInterceptor"/> </interceptor-stack> </interceptors> </span> <span style = "color: # ff0000; "> <! -- Tell the current <package> default interceptor Stack --> <default-interceptor-ref name = "myStack"/> </span> <! -- Configure the global result View --> <global-results> <result name = "login">/views/interceptor/login. jsp </result> </global-results> <action name = "login" class = "cn. wwh. www. web. interceptor. loginAction "> <result type =" redirectAction "> <! -- Because it is the Action jump of the same namespace, you do not need to configure namespace: <paramname = "namespace">/interceptor </param> --> <param name = "actionName"> main. action </param> </result> </action> <action name = "main" class = "cn. wwh. www. web. interceptor. mainAction "> <result>/views/interceptor/main. jsp </result> </action> </package> </struts>
Note: Only one default interceptor can be specified for each package. In addition, once an interceptor is explicitly specified for an action in the package,
The default interceptor does not work.
How to Use the STRUTS2 Interceptor to implement different logon interfaces with different Permissions<! -- Actions that can only be accessed by admin users -->
<Package name = "onlyadmin" extends = "struts-default">
<Interceptors>
<! -- Define an interceptor named admin -->
<Interceptor class = "edu. cuit. course. interceptor. AdminInterceptor"
Name = "admin"/>
<! -- Define an interceptor stack containing permission check -->
<Interceptor-stack name = "adminInterceptor">
<! -- Configure the built-in default interceptor -->
<Interceptor-ref name = "defaultStack"/>
<! -- Configure a custom interceptor -->
<Interceptor-ref name = "admin">
<Param name = "excludeMethods"> list </param>
</Interceptor-ref>
</Interceptor-stack>
</Interceptors>
<Default-interceptor-ref name = "adminInterceptor"/>
<Global-results>
<Result name = "login">/user/userLogin. jsp </result>
</Global-results>
<Action name = "admin" class = "edu. cuit. course. action. AdminAction">
</Action>
<Action name = "module" class = "edu. cuit. course. action. ModuleAction">
<Result name = "addModule">/module/moduleadd. jsp </result>
<Result name = "addSuccess">/module/suc. jsp </result>
<Result name = "listByPageSuccess">/page/modulelist. jsp </result>
<Result name = "update">/module/moduil-pd ...... remaining full text>
For the interceptor permission control problem in struts2, the logon page is not skipped when no logon occurs.The custom interceptor is not configured in xml. Only the built-in interceptor is configured.
I started to learn about your fuel tank or contact information. Hope to make progress together ·!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
