本文共 6140 字,大约阅读时间需要 20 分钟。
package cn.sigangjun.action;import java.lang.annotation.ElementType;import java.lang.annotation.Retention;import java.lang.annotation.RetentionPolicy;import java.lang.annotation.Target;/** * 用于识别在进行action调用的时候,标注该方法调用是否需要权限控制,需要什么样的权限的注解类。 * * 该注解类一般会包括两个属性,一个是需要的权限,一个是对应的action。 * * @author sigangjun * */// 表示在什么级别保存该注解信息@Retention(RetentionPolicy.RUNTIME)// 表示该注解用于什么地方@Target(ElementType.METHOD)public @interface Authority { String actionName(); String privilege();}
package cn.sigangjun.action;import java.lang.reflect.Method;import java.util.Date;import org.apache.struts2.ServletActionContext;import com.opensymphony.xwork2.ActionInvocation;import com.opensymphony.xwork2.interceptor.Interceptor;/** * 用于拦截请求判断是否拥有权限的拦截器 * * @author sigangjun * */@SuppressWarnings("serial")public class AuthorityInterceptor implements Interceptor { public void destroy() {} public void init() {} public String intercept(ActionInvocation actionInvocation) throws Exception { String methodName = actionInvocation.getProxy().getMethod(); Method currentMethod = actionInvocation.getAction().getClass().getMethod(methodName, null); // 如果该请求方法是需要进行验证的则需执行以下逻辑 if (currentMethod.isAnnotationPresent(Authority.class)) { // 获取权限校验的注解 Authority authority = currentMethod.getAnnotation(Authority.class); // 获取当前请求的注解的actionName String actionName = authority.actionName(); // 获取当前请求需要的权限 String privilege = authority.privilege(); //1、判断客户是否登陆 Employee employee = (Employee) ServletActionContext.getRequest().getSession().getAttribute("employee"); if (employee == null) { System.out.println("++++++++++++++++++++++++++++++++++++++++++++++++++++++"); System.out.println("客户还没登陆或登陆已超时!!!无权限访问!"); System.out.println("++++++++++++++++++++++++++++++++++++++++++++++++++++++"); System.out.println(); return "index"; } System.out.println("++++++++++++++++++++++++++++++++++++++++++++++++++++++"); System.out.println("客户" + employee.getUserName() + "在" + new Date() + "执行了" + actionName + "方法,拥有" + privilege + "权限!!"); System.out.println("++++++++++++++++++++++++++++++++++++++++++++++++++++++"); } return actionInvocation.invoke(); }}
package cn.sigangjun.action;import java.io.Serializable;/** * @author sigangjun * */@SuppressWarnings("serial")public class Employee implements Serializable { private Integer id; private String userName; private String pwd; public Employee() { } public Integer getId() { return id; } public void setId(Integer id) { this.id = id; } public String getUserName() { return userName; } public void setUserName(String userName) { this.userName = userName; } public String getPwd() { return pwd; } public void setPwd(String pwd) { this.pwd = pwd; }}
package cn.sigangjun.action;import com.opensymphony.xwork2.ActionSupport;/** * @author sigangjun * */@SuppressWarnings("serial")public class EmployeeAction extends ActionSupport { /** * 请求该方法需要拥有对test的add权限,会通过拦截器拦截 */ @Authority(actionName = "test", privilege = "add") public String add() { System.out.println("执行了add方法!!!"); return SUCCESS; } /** * 请求该方法的时候需要拥有对test的find权限,会通过拦截器拦截 */ @Authority(actionName = "test", privilege = "find") public String find() throws Exception { System.out.println("执行了find方法!!!"); return SUCCESS; } /** * 不会通过拦截器拦截,因为没对actionName进行权限配置 */ public String delete() throws Exception { System.out.println("执行了delete方法!!!"); return SUCCESS; }}
/index.jsp /login.jsp
struts2 org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter struts2 /*
4.0.0 cn.sigangjun 03struts2 war 0.0.1-SNAPSHOT 03struts2 Maven Webapp http://maven.apache.org org.apache.struts struts2-core 2.3.4.1 org.apache.struts struts2-convention-plugin 2.3.4.1 junit junit 4.10 test log4j log4j 1.2.17 03struts2
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%><%@page import="cn.sigangjun.action.*"%><% Employee employee=new Employee(); employee.setId(1); employee.setUserName("sigangjun"); employee.setPwd("123456"); request.getSession().setAttribute("employee", employee);%>客户已经登录
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%><%@taglib uri="/struts-tags" prefix="s"%><%String path = request.getContextPath();String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";%>My JSP 'index.jsp' starting page 欢迎您的到来....