1、http://localhost:8083/struts2/user.jsp 表示用户已登陆,存放session对象
2、http://localhost:8083/struts2/quit.jsp 表示用户已退出,移除session对象
3、http://localhost:8083/struts2/login/addUIHelloWorld.do 如果session存在则往下执行,否则提示“你没有权限执行该操作”
4、http://localhost:8083/struts2/login/executeHelloWorld.do 如果session存在则往下执行,否则提示“你没有权限执行该操作”
代码
user.jsp页面
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
request.getSession().setAttribute("user", "ljq");
%>
用户已经登录
quit.jsp页面
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
request.getSession().removeAttribute("user");
%>
用户已经退出登录
Action类
package com.ljq.action;
public class HelloWorldAction {
private String message;
public String addUI() {
this.message = "addUI";
return "success";
}
public String execute() throws Exception {
this.message = "execute";
return "success";
}
public String getMessage() {
return message;
}
public void setMessage(String message) {
this.message = message;
}
}
权限类
package com.ljq.interceptor;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.Interceptor;
/**
* 限制没有登录的用户进入访问页面
*
* @author jiqinlin
*
*/
@SuppressWarnings("serial")
public class PermissionInterceptor implements Interceptor {
public void destroy() {
}
public void init() {
}
public String intercept(ActionInvocation invocation) throws Exception {
Object user = ActionContext.getContext().getSession().get("user");
// 如果user不为null,代表用户已经登录,允许执行action中的方法
if (user != null){
return invocation.invoke();
}
ActionContext.getContext().put("message", "你没有权限执行该操作");
return "success";
}
}
struts.xml配置文件
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd">
<struts>
<constant name="struts.i18n.encoding" value="UTF-8" />
<constant name="struts.enable.DynamicMethodInvocation" value="false" />
<constant name="struts.action.extension" value="do" />
<package name="login" namespace="/login" extends="struts-default">
<interceptors>
<!-- 自定义拦截器 -->
<interceptor name="permission" class="com.ljq.interceptor.PermissionInterceptor" />
<!-- 配制默许的拦截器到拦截器栈 -->
<interceptor-stack name="permissionStack">
<!-- 此处先后顺序好像没影响哦,我尝试过是没影响的 -->
<interceptor-ref name="permission" />
<interceptor-ref name="defaultStack" />
</interceptor-stack>
</interceptors>
<!-- 配置默认的拦截器 -->
<default-interceptor-ref name="permissionStack" />
<!-- 全局变量 -->
<global-results>
<result name="success">/WEB-INF/page/message.jsp</result>
</global-results>
<action name="*HelloWorld" class="com.ljq.action.HelloWorldAction"
method="{1}">
<!-- <interceptor-ref name="permissionStack" /> -->
</action>
</package>
</struts>