在Struts1.1-1.2中如果不想沒有登錄的用戶訪問一些action,可以擴展RequestProcessor,并重載processProprocess方法,在其中進行驗證
public class CustomRequestProcessor
extends RequestProcessor {
protected boolean processPreprocess (
HttpServletRequest request,
HttpServletResponse response) {
HttpSession session = request.getSession(false);
//If user is trying to access login page
// then don't check
if( request.getServletPath().equals("/loginInput.do")
|| request.getServletPath().equals("/login.do") )
return true;
//Check if userName attribute is there is session.
//If so, it means user has allready logged in
if( session != null &&
session.getAttribute("userName") != null)
return true;
else{
try{
//If no redirect user to login Page
request.getRequestDispatcher
("/Login.jsp").forward(request,response);
}catch(Exception ex){
}
}
return false;
}
}
相應(yīng)的,在struts-config.xml中加入controller元素
<controller>
<set-property property="processorClass"
value="com.sample.util.CustomRequestProcessor"/>
</controller>
但剛才看到在Struts1.3中,已經(jīng)不再使用RequestProcessor,而是用ComposableRequestProcessor 來實現(xiàn)自定義的request響應(yīng)。
posted on 2007-04-09 18:52
hijeff 閱讀(440)
評論(0) 編輯 收藏 所屬分類:
Struts