7.11--SSH学习之Struts拦截器

拦截器：

1. 访问Action的时候才能启动拦截器，访问其他资源不行
2. 在Action访问过程中，必须使用拦截器
3. 拦截器分为系统拦截器和用户自定义拦截器
   
   
   

访问ServletAPI：

1. 解耦合的方式访问ServletAP（2种）
2. 耦合的方式访问ServletAP（2种）
   
   
   

示例解耦合:

1. 解耦合一，Action继承ActionSupport

public class FirstAction extends ActionSupport {    private Map<String,Object> request;    private Map<String,Object> session;    private Map<String,Object> application;    public String execute() throws Exception{        System.out.println("in FirstAction method execute()");        ActionContext ac = ActionContext.getContext();         request = (Map<String,Object>)ac.get("request");        request.put("one","11");        session = ac.getSession();        session.put("two", "小青");        application = ac.getApplication();        application.put("three", "老大");        return "success";    }}

2. 解耦合二,Action继承ActionSupport并实现RequestAware,SessionAware，ApplicationAware

public class SecondAction extends ActionSupport implements RequestAware,SessionAware,ApplicationAware{    private Map<String,Object> request;    private Map<String,Object> session;    private Map<String,Object> application;    @Override    public void setApplication(Map<String, Object> application) {        // TODO Auto-generated method stub        this.application=application;    }    @Override    public void setSession(Map<String, Object> session) {        // TODO Auto-generated method stub        this.session=session;    }    @Override    public void setRequest(Map<String, Object> request) {        // TODO Auto-generated method stub        this.request=request;    }    //解耦合的方式    public String execute() throws Exception{        System.out.println("in SecondAction method execute()");        request.put("one", "苹果");        session.put("two", "橘子");        application.put("three", "西瓜");        return "success";    }}

示例耦合:

1. 耦合一，Action继承ActionSupport

public class ThreeAction extends ActionSupport {    private HttpServletRequest request;    private HttpSession session;    private ServletContext application;    public String execute() throws Exception{        System.out.println("in ThreeAction method: execute()");        request = ServletActionContext.getRequest();        String userName = request.getParameter("userName");        System.out.println(userName);        request.setAttribute("one", userName);        session = request.getSession();        session.setAttribute("two", "雪碧");        application = ServletActionContext.getServletContext();        application.setAttribute("three", "可乐");        return "success";    }}

2. 耦合二，Action继承ActionSupport,并实现ServletRequestAware,ServletContextAware

public class FourAction extends ActionSupport implements ServletRequestAware,ServletContextAware {    private HttpServletRequest request;    private HttpSession session;    private ServletContext application;    @Override    public void setServletContext(ServletContext application) {        // TODO Auto-generated method stub        this.application=application;    }    @Override    public void setServletRequest(HttpServletRequest request) {        // TODO Auto-generated method stub        this.request=request;    }    public String execute() throws Exception{        System.out.println("in ThreeAction method: execute()");        request.setAttribute("one", "红酒");        session = request.getSession();        session.setAttribute("two", "白酒");        application.setAttribute("three", "黄酒");        return "success";    }}

---

学习拦截器和访问ServletAPI后，做了一个demo
描述：
1. 管理员登录系统可以查看机密信息
2. 查看机密信息必须先登录
3. 普通用户不能进入系统
4. 黑名单中的人不能进入系统

管理员：susu
黑名单：Tom
普通用户：初susu之外的用户

示例代码：

1. UserLoginAction用来检测是否为管理员

**UserLoginAction.java**public class UserLoginAction extends ActionSupport {    private String userName;    private String userPwd;    public String getUserName() {        return userName;    }    public void setUserName(String userName) {        this.userName = userName;    }    public String getUserPwd() {        return userPwd;    }    public void setUserPwd(String userPwd) {        this.userPwd = userPwd;    }    public String execute() throws Exception{        System.out.println("in execute()!!!");        String flag = "input";        if(userName.equals("susu")&&userPwd.equals("1111")){            ActionContext.getContext().getSession().put("userName", userName);            flag = "success";        }else{            ActionContext.getContext().getSession().put("message", "用户名或密码错误！");        }        return flag;    }    public String checkInter() throws Exception{        System.out.println("in checkInter()");        return "success";    }}

2. BlackListInterceptor黑名单拦截器，拦截黑名单中的人进入系统

**BlackListInterceptor.java**public class BlackListInterceptor extends AbstractInterceptor {    private HttpServletRequest request;    @Override    public String intercept(ActionInvocation invo) throws Exception {        // TODO Auto-generated method stub        System.out.println("in BlackListInterceptor");        request = ServletActionContext.getRequest();        String strName = request.getParameter("userName");        if(strName.equals("Tom")){            return "error";        }else{            return invo.invoke();        }    }}

3. CheckSecretInterceptor机密信息拦截器，判断登录用户是否为管理员

**CheckSecretInterceptor.java**public class CheckSecretInterceptor extends AbstractInterceptor {    @Override    public String intercept(ActionInvocation acvo) throws Exception {        // TODO Auto-generated method stub        System.out.println("拦截器开始执行");        Object obj = ActionContext.getContext().getSession().get("userName");        String strName = obj != null ?obj.toString():"";        if(strName.equals("susu")){            String result = acvo.invoke();            System.out.println("拦截器结束执行");            return result;        }else{            System.out.println("拦截器结束执行");            ActionContext.getContext().getSession().put("message", "还未登录，不能访问机密信息");            return "input";        }    }}

4. struts.xml中的配置

        <interceptors>            <interceptor name="checklogin" class="com.su.web.interceptor.CheckSecretInterceptor"></interceptor>            <interceptor name="errorInter" class="com.su.web.interceptor.BlackListInterceptor"></interceptor>        </interceptors>        <!-- *************黑名单拒绝进入，只有特定用户才能查看机密信息************** -->        <action name="login" class="com.su.web.action.UserLoginAction">            <interceptor-ref name="defaultStack"></interceptor-ref>            <interceptor-ref name="errorInter"></interceptor-ref>            <result type="dispatcher" name="input">/login.jsp</result>            <result type="dispatcher" name="success">/success.jsp</result>            <result type="redirect" name="error">/errorname.jsp</result>        </action>        <action name="secret" class="com.su.web.action.UserLoginAction" method="checkInter">            <interceptor-ref name="checklogin"></interceptor-ref>            <!-- defaultStack把表单元素提交到get，set,方法 -->            <interceptor-ref name="defaultStack"></interceptor-ref>            <result type="dispatcher" name="success">/secret.jsp</result>            <result type="dispatcher" name="input">/login.jsp</result>        </action>        <!-- **************************************************************-->        <!-- 先执行拦截器，在拦截器中再判断是否需要执行action中的方法，最后根据返回结果，跳转指定页面 -->

5. 登录界面，填写登录信息，用户名和密码login.jsp

<body>    <form action="login" method="post">        用户名：<input type="text" name="userName"><br>        密码：<input type="password" name="userPwd"><br>        <span style="color: red">${message }</span>        <input type="submit" value="提交">    </form>  </body>

6. 登陆成功页面显示管理员姓名和机密信息超链接success.jsp

 <body>      User:${userName}<br>    You are successful! <br>    So,you can look <a href="secret.action">The Sercet Message</a>  </body>

7. 机密信息页面secret.jsp

<body>    This is a secret Page! <br>    But,you must keep secret!!!  </body>

8. `黑名单中的人登陆，显示的页面errorname.jsp

 <body>    Sorry！you are in the BlackList!  </body>

运行结果：

1. 管理员登录：
   
   
   
   
2. 管理员登录成功：
   
   
   
   
3. 管理员查看机密信息
   
   
   
   
4. 非管理员登陆，提示错误信息
   
   
   
   
5. 黑名单中的人登录，显示errorname.jsp页面
   
   
   
   

到此完结！O(∩_∩)O谢谢

---

Author：su1573