1

我正在使用 struts 2 MVC 框架开发一个 Web 应用程序。我目前正在研究它的登录模块。我对这些技术很陌生。我在维护会话方面遇到问题。我希望如果有人直接点击个人资料页面(成功登录时打开的页面)的 url,那么他或她会被重定向回登录页面。此外,如果有人使用错误的凭据登录,那么他会再次被重定向回登录页面。此外,如果他输入一些登录详细信息,则首先必须检查凭据,如果凭据正确,则必须设置会话变量。在呈现个人资料页面之前,会检查会话变量是否已设置。如果只设置了会话变量,则控制传递到配置文件页面。

下面是我的登录表单代码 loginPage.jsp: 此页面向用户显示登录页面:

    <%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<%@ taglib prefix="s" uri="/struts-tags" %>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>LOGIN PAGE</title>
</head>
<body>
  <s:form action="login" method="post">
    <s:textfield name="login.username" label="Username"/>
    <s:password name="login.password" label="Password"/>
    <s:submit value="SUBMIT" align="center"/>
    <s:reset value="RESET" align="center"/>
  </s:form>
</body>
</html>

现在是我的 loginAction 类:这是我的操作类,对应于在登录表单上单击登录按钮时产生的登录操作。

package com.view;
import java.util.Map;
import org.apache.struts2.interceptor.SessionAware;
import com.controller.LoginManager;
import com.model.Login;
import com.model.UserDetails;
public class LoginAction implements SessionAware{
    private Login login;
    private LoginManager loginManager;
    private UserDetails userDetails;
    Map<String,Object> map;
    public LoginAction()
    {
        loginManager=new LoginManager();
    }
    public String loginLink()
    {
        return "loginClicked";
    }
    public String checkLogin()
    {
       try
       {
        //String loggedInUsername=null;
        System.out.println("---------"+login.getUsername());

        /*if(map.containsKey("username"))
        {
            loggedInUsername=(String)map.get("username");
        }*/
        userDetails=loginManager.check(login);
        /*if(loggedInUsername!=null && loggedInUsername==userDetails.getUsername())
        {
            return "loginSuccess";
        }*/
        if(userDetails!=null && userDetails.getUsername()!=null)
        {
            map.put("login",true);
            map.put("username",userDetails.getUsername());
            map.put("name",userDetails.getName());
            map.put("sex",userDetails.getSex());
            map.put("email",userDetails.getEmail());
            map.put("phoneno",userDetails.getPhone_no());
            System.out.println("Inside session map creation that is Successful login");
            return "loginSuccess"; 
        }
        else
        {
            System.out.println("Inside check login with invalid credentials");
            return "loginClicked";
        }
       }catch(Exception ex)
       {
           System.out.println("Inside exception of checkLogin.");
           return "loginClicked";
       }
    }
    public void setLogin(Login login)
    {
        this.login=login;
    }
    public Login getLogin()
    {
        return login;
    }
    @Override
    public void setSession(Map<String, Object> map) {
        this.map=map;
    }
}

loginManager 类:该类处理数据库部分。在此类中检查登录凭据。

package com.controller;
import org.hibernate.Query;
import org.hibernate.classic.Session;
//import java.util.List;
import com.model.Login;
import com.model.UserDetails;
import com.util.HibernateUtil;
public class LoginManager extends HibernateUtil{

        UserDetails userDetails;
        public UserDetails check(Login login)
        {
          Session session = HibernateUtil.getSessionFactory().getCurrentSession();
          session.beginTransaction();
          try
          {
            System.out.println("Inside try block to retrieve from db");
            String hql="FROM UserDetails where username='"+login.getUsername()+"' and password='"+login.getPassword()+"' and role='U'";
            Query query = session.createQuery(hql);
            System.out.println("Query Created");
            userDetails=(UserDetails)query.uniqueResult();
            //System.out.println("Returned Username"+userDetails.getUsername());
            //System.out.println("Returned Password"+userDetails.getPassword());
            session.getTransaction().commit();
          }catch(Exception ex){
              System.out.println("Exception generated is "+ex.getMessage());
              session.getTransaction().rollback();
              userDetails=null;
              ex.printStackTrace();
          }
          return userDetails;
        }
}

下面是我的 struts.xml 文件:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE struts PUBLIC
   "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
   "http://struts.apache.org/dtds/struts-2.0.dtd">

<struts>
    <constant name="struts.devMode" value="true" />
    <package name="package2" extends="struts-default">

        <interceptors>
         <interceptor name="myinterceptor" class="interceptors.LoginInterceptor" />
         <interceptor-stack name="myinterceptorSt">
            <interceptor-ref name="myinterceptor" />
            <interceptor-ref name="defaultStack" />
        </interceptor-stack>
        </interceptors>



        <action name="registerLink" class="com.view.RegisterAction" method="registerLink">
            <result name="registerLinkClicked">/registerPage1.jsp</result>
        </action>

        <action name="register" class="com.view.RegisterAction" method="addUser">
            <result name="registered">/registrationSuccess.jsp</result>
        </action>

        <action name="login" class="com.view.LoginAction" method="checkLogin">
            <interceptor-ref name="myinterceptorSt" /> 
            <result name="loginSuccess" type="redirect">/profile.jsp</result>
            <result name="loginFail">/loginFail.jsp</result>
            <result name="loginClicked">/loginPage.jsp</result>
        </action>

        <action name="sessionCheck" class="com.view.SessionCheckAction">
            <result name="sessionCheckSuccess"></result>
        </action>

        <action name="loginLink" class="com.view.LoginAction" method="loginLink">
            <result name="loginClicked">/loginPage.jsp</result>
        </action>

    </package>
</struts>

任何人都可以帮助我编写应该编写的拦截器代码,以实现我上面指定的功能。

4

1 回答 1

2

我阅读了评论,正如 Dave Newton 提到的,这是拦截器代码:

public class LoginInterceptor extends AbstractInterceptor {
@Override
public String intercept(final ActionInvocation invocation) throws Exception {
    Map<String, Object> session = ActionContext.getContext().getSession();

    String username = (String) session.get("username");//getting username from session

    // If the user is already logged-in, then let the request through.
    if (username != null) {
        return invocation.invoke();
    }

    Object action = invocation.getAction();  // get which action class is called

    // for the first action LoginAction interceptor will allow request to be forwarded.
    if (action instanceof LoginAction) {
        return invocation.invoke();
    }
    else {
        return "notAuthorized";
    }
 }
}

现在,在struts.xml下面添加代码<interceptors></interceptors> 

<global-results>
    <result name="notAuthorized">/loginPage.jsp</result>
</global-results>

此答案基于您的代码。我推荐了这个最好的帖子
这里有几个链接可以帮助你

  1. 会话拦截器
  2. 包配置
  3. 拦截器
  4. 拦截器堆栈示例
    谢谢。
于 2013-09-06T17:45:39.990 回答