这几天按照书上的案例对bbs的搭建多少学了点儿东西。其他的倒是没有什么,书上的编程规习惯很好,值得学习,类的划分和接口的定义对功能扩展提供了很大的方便。
在程序中,用到了验证拦截器 AuthenticationInterceptor 。具体代码如下:
1 import java.util.Map; 2 3 import org.model.User; 4 5 import com.opensymphony.xwork2.Action; 6 import com.opensymphony.xwork2.ActionInvocation; 7 import com.opensymphony.xwork2.interceptor.Interceptor; 8 9 10 public class AuthenticationInterceptor implements Interceptor { 11 12 private static final long serialVersionUID = 1L; 13 14 private String message; 15 16 public static final String USER_SESSION_KEY = "UserSessionKey"; 17 18 public void destroy() {} 19 20 public void init() {} 21 22 public String intercept(ActionInvocation actionInvocation) throws Exception { 23 //取得Session 24 Map session = actionInvocation.getInvocationContext().getSession(); 25 //从Session里获得登录时保存进session的User类 26 User user = (User) session.get(USER_SESSION_KEY); 27 //如果用户为空,返回登录页面 28 if (user==null||!user.getGrade().equals("2")) { 29 this.setMessage("您没登陆或不是管理员"); 30 return Action.INPUT; 31 } 32 return actionInvocation.invoke();//返回验证通过 33 } 34 35 public String getMessage() { 36 return message; 37 } 38 39 public void setMessage(String message) { 40 this.message = message; 41 } 42 }
用户登录的 action 类代码如下:
1 import java.util.Map; 2 3 import org.apache.struts2.interceptor.SessionAware; 4 import org.dao.impl.UserDaoImpl; 5 import org.model.User; 6 import org.web.interceptor.AuthenticationInterceptor; 7 8 import com.opensymphony.xwork2.ActionSupport; 9 10 public class UserLoginAction extends ActionSupport implements SessionAware{ 11 private UserDaoImpl dao = new UserDaoImpl(); 12 13 private String username; 14 private String password; 15 private Map session; 16 17 @Override 18 public String execute() throws Exception { 19 User user = dao.isValidUser(username, password); 20 if (null != user) { 21 session.put(AuthenticationInterceptor.USER_SESSION_KEY, user); 22 return SUCCESS; 23 } else { 24 addActionError("用户名与密码不匹配"); 25 return INPUT; 26 } 27 } 28 29 public String getUsername() { 30 return username; 31 } 32 33 public void setUsername(String username) { 34 this.username = username; 35 } 36 37 public String getPassword() { 38 return password; 39 } 40 41 public void setPassword(String password) { 42 this.password = password; 43 } 44 45 public Map getSession() { 46 return session; 47 } 48 49 public void setSession(Map session) { 50 this.session = session; 51 } 52 }
这样就把登录用户以 User 类的实例形式存储起来。每次要取出来使用的时候,只需实现 SessionAware 借口,并通过 Map session; session.get(...)的方式即可。如注销用户登录时的代码如下:
1 import java.util.Map; 2 3 import org.apache.struts2.interceptor.SessionAware; 4 import org.model.User; 5 import org.web.interceptor.AuthenticationInterceptor; 6 7 import com.opensymphony.xwork2.ActionSupport; 8 9 public class UserLogoutAction extends ActionSupport implements SessionAware{ 10 11 private Map session; 12 13 public String execute()throws Exception{ 14 15 //从session取出登陆用户 16 System.out.println("******************session====" + session); 17 User user =(User)session.get(AuthenticationInterceptor.USER_SESSION_KEY); 18 if(user!=null){ 19 //从session删除用户 20 session.remove(AuthenticationInterceptor.USER_SESSION_KEY); 21 addActionError("已注销"); 22 } 23 return INPUT; 24 } 25 26 public Map getSession() { 27 return session; 28 } 29 30 public void setSession(Map session) { 31 this.session = session; 32 } 33 }