1。。
final HttpServletRequest request = ServletActionContext.getRequest();
HttpSession session = request.getSession();
String verifyCode = (String) session.getAttribute("verifyCode");
String clientVerifyCode = request.getParameter("verifyCode");
if (session.getAttribute("verifyPic") != null) {
if (!(StringUtils.hasText(verifyCode) && StringUtils.hasText(clientVerifyCode) && clientVerifyCode
.equalsIgnoreCase(verifyCode))) {
this.addActionError("验证码输入错误!");
return "login";
}
}
String k = PasswordHash.encrypt(this.getPassword());
final CustomerAccess access = this.customerAccessService.login(username, k);
if (access == null) {
this.addActionError("登录失败,请重新登录!");
session.setAttribute("verifyPic", "true");
return LOGIN;
}
对session中去到的verifycode运用完后,删除属性。
session.removeAttribute("verifyPic");
2。。JSP页面中:
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
ActionContext.getContext().put("basePath",basePath);
CustomerUserBean user = (CustomerUserBean) session.getAttribute("User");
ActionContext.getContext().put("isAdmin",user.getUserRecord().getIsadmin());
%>
<s:property value="#basePath" />
<s:property value="#session.User.userRecord.unit.orgId" />
<s:property value="#isAdmin" />