0

我正在使用 Struts2 + Spring + Hibernate 为 Web 应用程序开发登录模块,如果用户想浏览网站,我想强制用户登录。

我有一个 LoginInterceptor

public class LoginInterceptor implements Interceptor {

public LoginInterceptor() {
}

public void destroy() {
    System.out.println("LoginInterceptor destroy() is called...");
}

public void init() {
    System.out.println("LoginInterceptor init() is called...");
}

public String intercept(ActionInvocation actionInvocation) throws Exception {

    final ActionContext context = actionInvocation.getInvocationContext();
    HttpServletRequest request = (HttpServletRequest) context.get(ServletActionContext.HTTP_REQUEST);
    HttpSession session = request.getSession(true);

    //Code

    try {

        Users userObj = (Users) session.getAttribute("userObj");

        if (userObj == null) {
            System.out.println("if from LoginInterceptor");
            return "noLogin";
        }

    } catch (Exception e) {
        Logger.getLogger(LoginInterceptor.class.getName()).log(Level.INFO, "message", e);
    }

    //Invoke action
    String result = actionInvocation.invoke();

    return result;
}
}

我的 struts.xml

 <interceptors>

        <interceptor name="myLocale" class="com.deveto.struts.interceptors.LocaleInterceptor"/>
        <interceptor name="login" class="com.deveto.struts.interceptors.LoginInterceptor"/>
        <interceptor name="access" class="com.deveto.struts.interceptors.AccessInterceptor"/>

        <interceptor-stack name="defaultStack">
            <interceptor-ref name="myLocale"/>
            <interceptor-ref name="login"/>
            <interceptor-ref name="exception"/>
            <interceptor-ref name="alias"/>
            <interceptor-ref name="prepare"/>
            <interceptor-ref name="i18n"/>
            <interceptor-ref name="chain"/>
            <interceptor-ref name="debugging"/>
            <interceptor-ref name="profiling"/>
            <interceptor-ref name="fileUpload"/>
            <interceptor-ref name="checkbox"/>
            <interceptor-ref name="params">
                <param name="excludeParams">dojo\..*</param>
            </interceptor-ref>
            <interceptor-ref name="conversionError"/>
            <interceptor-ref name="validation">
                <param name="excludeMethods">input,back,cancel,browse</param>
            </interceptor-ref>
            <interceptor-ref name="workflow">
                <param name="excludeMethods">input,back,cancel,browse</param>
            </interceptor-ref>
        </interceptor-stack>
    </interceptors>

    <default-interceptor-ref name="defaultStack"/>

    <global-results>
        <result name="noLogin" type="redirectAction">show-login</result>
        <result name="noAccess" type="redirectAction">access-required</result>
    </global-results>

    <action
        name="show-login"
        class="com.deveto.struts.actions.UsersAction" >
        <interceptor-ref name="defaultStack"/>
        <result name="success" type="tiles">tiles.login</result>
    </action>

但是当我运行项目时,我有一个溢出异常,在堆栈跟踪中我什么都没有,但是 Mozilla 告诉我:

      The page isn't redirecting properly  

      Firefox has detected that the server is redirecting the request for this address in a way that will never complete.


  System.out.println("if from LoginInterceptor");

重复几次。我不明白为什么,但我有更多的拦截器,除此之外其他的也很好。

4

2 回答 2

3

当您LoginInterceptor返回其noLogin结果时,它会重定向,并再次被拦截,LoginInterceptor从而将其变成无限的重定向循环。

所以你必须排除你show-login被你的拦截LoginInterceptor,例如

定义两个拦截器堆栈,并将LoginInterceptor设置为默认值:

<interceptor-stack name="defaultStack">
  ... same as in your question ...
</interceptor-stack>

<interceptor-stack name="noLoginStack">
  ... same as in your question but *without* the LoginInterceptor ...
</interceptor-stack>

<default-interceptor-ref name="defaultStack"/>

然后show-login仅对于操作,使用noLoginStack

<action name="show-login"
    ... >
    <interceptor-ref name="noLoginStack"/>
    ...
</action>
于 2011-08-24T13:57:17.670 回答
1

你为什么不直接使用 Spring Security 来做到这一点?它的配置非常简单,并且可以与 Struts2 完美配合。从那里开始:http://static.springsource.org/spring-security/site/tutorial.html或那里: http: //www.mularien.com/blog/2008/07/07/5-minute-guide -to-spring-security/

于 2011-08-25T20:20:37.030 回答