0

I am using struts2.1.6 + Spring 2.5 I have four modules in my application.

  1. Registration Module
  2. Admin Module
  3. Quote Module
  4. Location Module.

In registration module the customer can register himself and only after registering he is supposed to have access of the remaining three modules.

I want to implement something like if the action being called belongs to the registration module it will work as normal but if the action being called belongs to the rest of those three modules it first should check if the user is logged-in and session has not timed-out. if yes it should proceed normally otherwise it should redirect to the login page.

Through research I have found out that interceptors could be used for this purpose but before proceeding I thought its better to get some feedback on it from experts.

Please suggest how it should be done and If possible put some code suggestions.

Here is my struts.xml file(The struts.xml contains four different config files belonging to each module):

    <struts>
    <include file="struts-default.xml" />
    <constant name="struts.i18n.reload" value="false" />
    <constant name="struts.objectFactory" value="spring" />
    <constant name="struts.devMode" value="false" />
    <constant name="struts.serve.static.browserCache" value="false" />
    <constant name="struts.enable.DynamicMethodInvocation" value="true" />
    <constant name="struts.multipart.maxSize" value="10000000" />
    <constant name="struts.multipart.saveDir" value="C:/Temporary_image_location" />

    <include file="/com/action/mappingFiles/registration_config.xml" />
    <include file="/com/action/mappingFiles/admin_config.xml" />
    <include file="/com/action/mappingFiles/quote.xml" />
    <include file="/com/action/mappingFiles/location_config.xml" />

</struts>

The sample registration_config.xml file is:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN" "http://struts.apache.org/dtds/struts-2.0.dtd">
<struts>
    <package name="registration" extends="struts-default"
        namespace="/my_company">

        <action name="LoginView" class="registration" method="showLoginView">
            <result>....</result>
            <result name="input">...</result>
        </action>
         </package>
</struts>

The sample admin_config.xml file is:

<?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN" "http://struts.apache.org/dtds/struts-2.0.dtd">
    <struts>
        <package name="admin" extends="struts-default"
            namespace="/my_company">

            <action name="viewAdmin" class="admin" method="showAdminView">
                <result>....</result>
                <result name="input">...</result>
            </action>
             </package>
    </struts>

Same code is there in the rest of two struts2 xml config files. I have used the same namespace in all the four config files with the different package names(As you can see)

4

1 回答 1

0

注意:标准做法是为每个包使用不同的命名空间,例如“/my_company/admin”用于管理包等。

使用拦截器是正确的方法:它将身份验证与操作本身分离。您可以定义两种不同的拦截器堆栈,一种要求用户登录,另一种不需要。首先从 struts-default.xml 复制拦截器堆栈,然后根据您的要求进行自定义。这些定义可以放在一个抽象的基础包中:

<package name="my-base" abstract="true" extends="struts-default">
    <interceptors>
        <interceptor-stack name="login-required">
            <interceptor-ref name="exception"/>
            <interceptor-ref name="alias"/>
            <!-- etc -->
        </interceptor-stack>
        <interceptor-stack name="login-not-required">
            <!-- etc -->
        </interceptor-stack>
    </interceptors>
</package>

然后你的其他包只需要扩展这个基础包:

<package name="admin" extends="my-base" namespace="/my_company/admin">
    <default-interceptor-ref name="login-required"/>

    <!-- actions defined here -->
</package>
于 2010-06-10T01:26:50.030 回答