第十八章 自定义拦截器

struts.xml配置拦截器：

<?xml version="1.0" encoding="UTF-8" ?><!DOCTYPE struts PUBLIC    "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"    "http://struts.apache.org/dtds/struts-2.0.dtd"><struts>    <constant name="struts.enable.DynamicMethodInvocation" value="false"/>    <constant name="struts.action.extension" value="do,action"/>    <constant name="struts.multipart.maxSize" value="10701096"/>    <package name="employee" namespace="/control/employee" extends="struts-default"><interceptors>  //拦截器配置<interceptor name="permission" class="cn.itcast.interceptor.PermissionInterceptor"/><interceptor-stack name="permissionStack"><interceptor-ref name="defaultStack"/> //必须写在前面<interceptor-ref name="permission" /></interceptor-stack></interceptors><global-results><result name="success">/WEB-INF/page/message.jsp</result></global-results><action name="list_*" class="cn.itcast.action.HelloWorldAction" method="{1}"><interceptor-ref name="permissionStack" />  //使用拦截器</action></package></struts>

拦截器文件：

package cn.itcast.interceptor;import com.opensymphony.xwork2.ActionContext;import com.opensymphony.xwork2.ActionInvocation;import com.opensymphony.xwork2.interceptor.Interceptor;public class PermissionInterceptor implements Interceptor {public void destroy() {}public void init() {}public String intercept(ActionInvocation invocation) throws Exception {Object user = ActionContext.getContext().getSession().get("user");if(user!=null) return invocation.invoke(); //如果user不为null,代表用户已经登录,允许执行action中的方法ActionContext.getContext().put("message", "你没有权限执行该操作");return "success";}}

当session中有user时，登陆则可以执行action

当session中没有user时，跳过action，message显示为"你没有权限执行该操作"