struts2登陆拦截器

1、拦截器代码如下：

package ssh.security;

import java.util.Map;

import model.login.LoginVo;

import org.apache.log4j.Logger;

import ssh.web.action.LoginPerson;
import ssh.web.action.login.LoginAction;
import ssh.web.action.logout.LogoutAction;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.Interceptor;

@SuppressWarnings("serial")
public class LoginInterceptor implements Interceptor {

    public static final String LOGIN_PAGE = "login";

    //public static Student student;
    public static LoginVo loginVo;
   
    /**
* 初始化日志引擎
*/
private final Logger logger = Logger.getLogger("s2shLogger");

public void destroy() {

}

public void init() {

}

@SuppressWarnings("unchecked")
public String intercept(ActionInvocation actionInvocation) throws Exception {

        Object action = actionInvocation.getAction();
       
        logger.info(LoginInterceptor.class + "拦截到的action为:"+action);
        // 对LoginAction不做该项拦截 LoginPerson
        if (action instanceof LoginPerson || action instanceof LoginAction) {
            System.out.println("exit check login, because this is login action.");
            return actionInvocation.invoke();
        }
        if(action instanceof LogoutAction){
        System.out.println("exit check logout, because this is logout action.");
        return actionInvocation.invoke();
        }
       
        // 确认Session中是否存在Student
        Map session = actionInvocation.getInvocationContext().getSession();
        if(session !=null){
        loginVo = (LoginVo) session.get("seStudent");
            if (loginVo != null ) {
                // 存在的情况下进行后续操作。
                System.out.println("already login!"+action.toString());
                return actionInvocation.invoke();
            } else {
                // 否则终止后续操作，返回LOGIN
                System.out.println("no login, forward login page!");
                ActionContext.getContext().put("info", "请先登录系统后再进行操作");
                return LOGIN_PAGE;
            }
        }else {
            // 否则终止后续操作，返回LOGIN
            System.out.println("no login, forward login page!");
            ActionContext.getContext().put("info", "请先登录系统后再进行操作");
            logger.warn("非法账号登录");
            return LOGIN_PAGE;
        }
       
}

}


2.struts配置文件中，有关拦截器的配置内容如下：
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE struts PUBLIC
    "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
    "http://struts.apache.org/dtds/struts-2.0.dtd">

<struts>
<constant name="struts.devMode" value="true" />
<constant name="struts.objectFactory" value="spring"></constant>
<constant name="struts.i18n.encoding" value="utf-8"/>
    <include file="/actions/struts_student.xml"></include>
    <include file="/actions/struts_login.xml"></include>
    <include file="/actions/struts_page.xml"></include>
    <include file="/actions/struts_ajax.xml"></include>
   
    <package name="struts-comm" extends="struts-default">
    <!-- 拦截器配置 -->
    <interceptors>
<interceptor name="loginInterceptor" class="ssh.security.LoginInterceptor"></interceptor>

<interceptor-stack name="teamwareStack">
            <interceptor-ref name="loginInterceptor"/>
            <interceptor-ref name="defaultStack"/>
        </interceptor-stack>
</interceptors>
   
<default-interceptor-ref name="teamwareStack"/>

<global-results>
   <result name="login">/main/webapp/pub/index.jsp</result>
   </global-results>
   
    </package>
</struts>

3.接受登录请求的Action设置session信息的代码片段：
package ssh.web.action.login;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import model.login.LoginVo;

import org.apache.log4j.Logger;
import org.apache.struts2.ServletActionContext;

import ssh.comm.util.Tools;
import ssh.service.login.LoginFacade;
import ssh.web.action.LoginPerson;

import com.opensymphony.xwork2.ActionSupport;

@SuppressWarnings("serial")
public class LoginAction extends ActionSupport { 
private String account;
private String password;
private String verifyCode;

private LoginFacade loginFacade;
private LoginVo loginVo;

private final Logger logger = Logger.getLogger(LoginPerson.class);
@SuppressWarnings("deprecation")
@Override
public String execute() throws Exception {

logger.info(LoginAction.class + "[method：login() 登录账号验证] in ...");

HttpServletRequest request = ServletActionContext.getRequest();
HttpSession session = request.getSession();
/**
* 验证码校验
* */
String icp = (String) session.getAttribute("piccode");
if (icp==null && !Tools.isEmpty(verifyCode)){
icp = verifyCode;
}
if(Tools.isEmpty(verifyCode)|| !icp.equalsIgnoreCase(verifyCode)){
request.setAttribute("errMessage","验证码错误，请重新输入");
return LOGIN;
}
if (!Tools.isEmpty(icp) && !Tools.isEmpty(verifyCode)) {
if (!verifyCode.equalsIgnoreCase(icp)) {
request.setAttribute("errMessage","验证码错误，请重新输入");
return LOGIN;
}
}

/**
* 获取当前登录对象
* 用于判断系统是否已登录
* */
loginVo = this.loginFacade.login(account, password);

if(loginVo != null ){
session.setAttribute("seStudent", loginVo);
return SUCCESS;
}else{
request.setAttribute("err", "用户名或密码错误，请重新输入后登陆");
return LOGIN;
}

}

public String getAccount() {
return account;
}

public void setAccount(String account) {
this.account = account;
}

public String getPassword() {
return password;
}

public void setPassword(String password) {
this.password = password;
}

public String getVerifyCode() {
return verifyCode;
}

public void setVerifyCode(String verifyCode) {
this.verifyCode = verifyCode;
}

public LoginFacade getLoginFacade() {
return loginFacade;
}

public void setLoginFacade(LoginFacade loginFacade) {
this.loginFacade = loginFacade;
}

public LoginVo getLoginVo() {
return loginVo;
}

public void setLoginVo(LoginVo loginVo) {
this.loginVo = loginVo;
}



}