这做的是后台管理员登录的功能,如果不登录,无法访问,登录后的页面,防止非管理员的非法登录,但是我写得拦截器为什么不起作用,我访问登录后的页面依然可以访问,我要的效果是,如果访问登录后的页面,就回到登录的页面。这问题搞了5天了还是没有解决,求高手,帮忙?非常的感谢!!!!
//action类
//管理员登录
public String execute(){
try{
LoginDao dao = new LoginDao();
info = dao.loginAll(this.loginId);
if(info == null){
this.getRequest().setAttribute("msg","用户名不存在!");
return this.INPUT; //INPUT 为 ActionSupport类里面的一个标准字符串常量
}
if(!info.getLoginPwd().trim().equals(this.loginPwd.trim())){
this.getRequest().setAttribute("msg","密码错误");
return this.INPUT;
}
}catch (Exception e) {
e.printStackTrace();
}
//将用户的信息放入session中,在用户登录后显示用户的登录名
this.getSession().setAttribute("info",info);
return this.SUCCESS; //SUCCESS 为 ActionSupport类里面的一个标准字符串常量
}
//拦截器类
//登录后台的拦截器
public class CheckLoginInceptor implements Interceptor{
public void destroy() {
}
public void init() {
}
public String intercept(ActionInvocation arg) throws Exception {
HttpServletRequest request = ServletActionContext.getRequest();
LoginInfo login = (LoginInfo)request.getSession().getAttribute("info");
//System.out.println("拦截所有请求"+request.getRequestURI());
//System.out.println(request.getCharacterEncoding()+"====>requeest");
//System.out.println(ServletActionContext.getResponse().getCharacterEncoding()+"=====>response");
ServletActionContext.getResponse().setCharacterEncoding("GBK");
request.setCharacterEncoding("GBK");
if(request.getRequestURI().indexOf("/admin/")!=-1){
System.out.println("执行后台登录拦截器");
//System.out.println(login);
if(login==null){
if(request.getRequestURI().indexOf("admin/login!execute")!=-1){
return arg.invoke();
}
return "loginerror";
}
}
return arg.invoke();
}
}
//strus2.xml
<!-- 用户登录拦截器 -->
<interceptors>
<interceptor name="checklogin" class="com.jy.interceptor.CheckLoginInceptor"></interceptor>
<interceptor-stack name="default">
<interceptor-ref name="checklogin"></interceptor-ref>
<interceptor-ref name="defaultStack"></interceptor-ref>
</interceptor-stack>
</interceptors>
<!-- 设置默认拦截器 -->
<default-interceptor-ref name="default"></default-interceptor-ref>
<!-- 全局跳转 -->
<global-results>
<result name="loginerror">/admin/login.jsp</result>
</global-results>
<!-- 管理员登录 -->
<action name="login" class="com.jy.action.LoginAction">
<result name="success">/admin/main.jsp</result>
<result name="input">/admin/login.jsp</result>
</action>
------解决方案--------------------------------------------------------
楼主 sturts2提供的拦截器 只能拦截action,不知道你发现没有???所以我建议你还是写个Filter过滤器 ,给你看个例子。
- Java code
package com.chenghui.common.util;import java.io.IOException;import java.util.ArrayList;import java.util.List;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;public class SessionFilter implements Filter { private FilterConfig config; private List<String> excludedUrls = new ArrayList<String>(); /** * 销毁 */ @Override public void destroy() { // TODO Auto-generated method stub } /** * 执行 */ @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { // TODO Auto-generated method stub boolean flag = true; HttpServletRequest req = (HttpServletRequest) request; String url = req.getRequestURI(); for (String one : excludedUrls) { if (url.indexOf(one) != -1) { flag = false; break; } } if (flag) { Object obj = req.getSession().getAttribute("loginuser"); if (obj == null) { HttpServletResponse res = (HttpServletResponse) response; res.sendRedirect(PropertyManager.getProperty("contextPath") + "/common/validate-session.jsp"); } else { chain.doFilter(request, response); } } else { chain.doFilter(request, response); } } /** * 初始 */ @Override public void init(FilterConfig arg0) throws ServletException { // TODO Auto-generated method stub config = arg0; String s = config.getInitParameter("excludedUrls"); if (s != null) { excludedUrls = StrUtils.split(s, ","); } }}