package com.anxin.struts.interceptor;import javax.servlet.http.HttpServletResponse;import org.apache.struts2.ServletActionContext;import com.anxin.bean.User;import com.opensymphony.xwork2.ActionInvocation;import com.opensymphony.xwork2.interceptor.AbstractInterceptor;/** session过期、登录有效性及操作的权限验证拦截器 */public class LoginedCheckInterceptor extends AbstractInterceptor { /** 拦截请求并进行登录有效性验证 */ public String intercept(ActionInvocation ai) throws Exception { //取得请求的URL String url = ServletActionContext.getRequest().getRequestURL().toString(); HttpServletResponse response=ServletActionContext.getResponse(); response.setHeader("Pragma","No-cache"); response.setHeader("Cache-Control","no-cache"); response.setHeader("Cache-Control", "no-store"); response.setDateHeader("Expires",0); User user = null; //对登录与注销请求直接放行,不予拦截 if (url.indexOf("user_login.action")!=-1 || url.indexOf("logout.action")!=-1){ return ai.invoke(); } else{ //验证Session是否过期 if(!ServletActionContext.getRequest().isRequestedSessionIdValid()){ //session过期,转向session过期提示页,最终跳转至登录页面 return "tologin"; } else{ user = (User)ServletActionContext.getRequest().getSession().getAttribute("user"); //验证是否已经登录 if (user==null){ //尚未登录,跳转至登录页面 return "tologin"; }else{ return ai.invoke(); } } } }}
<?xml version="1.0" encoding="gbk"?><!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN" "http://struts.apache.org/dtds/struts-2.0.dtd"><struts> <package name="anxin" extends="struts-default"> <!-- 配置自定义拦截器LoginedCheckInterceptor --> <interceptors> <interceptor name="loginedCheck" class="com.anxin.struts.interceptor.LoginedCheckInterceptor"/> <interceptor-stack name="mystack"> <interceptor-ref name="loginedCheck" /> <interceptor-ref name="defaultStack" /> </interceptor-stack> </interceptors> <!-- 定义全局result --> <global-results> <!-- 定义名为exception的全局result --> <result name="exception">exception.jsp</result> <result name="tologin">login.jsp</result> </global-results> <!-- 定义全局异常映射 --> <global-exception-mappings> <!-- 捕捉到Exception异常(所有异常)时跳转到exception所命名的视图上 --> <exception-mapping exception="java.lang.Exception" result="exception"/> </global-exception-mappings> <action name="user_*" class="userAction" method="{1}"> <result name="input">login.jsp</result> <result name="success" type="redirect">student_query.action</result> <interceptor-ref name="mystack" /> </action> <action name="student_*" class="studentAction" method="{1}"> <result name="add">jsp/studentAdd.jsp</result> <result name="update">jsp/studentEdit.jsp</result> <result name="query">jsp/studentList.jsp</result> <result name="success" type="redirect">student_query.action</result> <interceptor-ref name="mystack" /> </action> </package> </struts>
联系客服