test.jsp
<%@ page contentType="text/html;charset=GB2312"%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
AJAX提交请求测试页面
$(document).ready(function(){ $("#btn").click(function(){ $.ajax({ url: "Essa", type: "POST", data: {"AppCode":"51601","DataSets":"1","Datas":"[{'name':'fsg','pwd':'1'}]"}, dataType: "json", success:function(data) { var jsonStr = eval("("+data+")"); alert(data); //document.getElementById("info").innerHTML = "retAppCode: [ "+jsonStr.retAppCode+" ] DataSets: [ "+jsonStr.retDataSets+" ] 信息:[ "+jsonStr.retDatas[0].info+" ] "; //alert("success:OperCode="+jsonStr.OperCode); //alert("success:DataSets="+jsonStr.DataSets); //alert("success:Datas[0].name="+jsonStr.Datas[0].name); //alert("success:Datas[0].age="+jsonStr.Datas[0].age); }, error:function(data) { alert("error:"); } }); }); });
<s:submit value="%{getText('test')}" id="btn"/>
struts.xml
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.1//EN" "http://struts.apache.org/dtds/struts-2.1.dtd">
<package name="essa" extends="json-default">
<interceptors>
<interceptor name="myInterceptor" class="com.essa.Interceptor.MyInterceptor">
<param name="filterURISwitch">/welcome.html;/login;/html/help;</param></interceptor>
<interceptor-stack name="myDefaultStack">
<interceptor-ref name="myInterceptor" />
<interceptor-ref name="json" />
<interceptor-ref name="defaultStack" />
</interceptor-stack>
</interceptors>
<default-interceptor-ref name="myDefaultStack" />
<default-action-ref name="index"></default-action-ref>
<global-results>
<result name="failPage" type="redirect">/login.jsp</result>
</global-results>
<action name="index">
<result type="redirect">/welcome.html</result>
</action>
<action name="Essa" class="com.essa.action.EssaAction">
<result type="json"><param name="root">result</param></result>
</action>
<action name="LoginAction" class="com.essa.action.LoginAction">
<result name="LoginOK" type="dispatcher">/website/home.jsp</result>
<result name="LoginFail" type="redirect">/loginFail.html</result>
<result name="Normal" type="redirect">/welcome.html</result>
<result name="Help" type="dispatcher">/html/help/help.html</result>
</action>
</package>
拦截器
package com.essa.Interceptor;
import java.io.IOException;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.apache.struts2.ServletActionContext;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.Interceptor;
/**
- @name MyInterceptor
- @time 2015-06-20
- @version 1.0.0
-
@author ZhangDongxu
*/
public class MyInterceptor implements Interceptor {
private static Logger logger = Logger.getLogger(MyInterceptor.class
.getName());private HttpServletRequest request;
private HttpSession session;
private ServletContext application;
private ActionContext context;
private String filterURISwitch ;
private String sessionUID;
private String sessionPASS;/**
- 自定义拦截器执行的代码 作用:拦截请求
- */ private static final long serialVersionUID = 1L;
public String getFilterURISwitch() {
return filterURISwitch;
}public void setFilterURISwitch(String filterURISwitch) {
this.filterURISwitch = filterURISwitch;
}public void destroy() {
}public void init() {
}public String intercept(ActionInvocation invocation) throws Exception {
logger.info(">>>>>> [请求信息:执行了自定义拦截器的代码!!!!=============================]");System.out.println("===================================================="); System.out.println(this.filterURISwitch); System.out.println("===================================================="); String filterURISwitch = this.filterURISwitch;// 分号分隔的过滤器路径,即哪些不需要进行资源过滤拦截:例如/essa/welcome.html;/essa/html/help.html操作手册 String[] noFilterURIs;// 临时数组 System.out.println("过滤前提示"); System.out.println("===================================="); System.out.println("+++++++++++++++++++++++++++++++++++++++++++++"); System.out.println("获取不需要进行过滤URI的初始化参数值: " + filterURISwitch); noFilterURIs = filterURISwitch.split(";"); int pathFilterLength = filterURISwitch.split(";").length; int filesFilterLength = filterURISwitch.split("\\.").length - 1; int pathsSize = pathFilterLength - filesFilterLength; // 不需要过滤的具体请求的页面,带扩展名 String[] noDealURIPages = new String[filesFilterLength]; // 不需要过滤的路径 // 控制用户访问权限 context = invocation.getInvocationContext(); request = (HttpServletRequest) context.get(ServletActionContext.HTTP_REQUEST); session = request.getSession(); String[] noDealURIPaths = new String[pathFilterLength]; String currentURI = request.getRequestURI();// 当前请求的页面URI String ctx = request.getContextPath(); currentURI = currentURI.substring(ctx.length()); System.out.println("currentURI = " + currentURI); // 提取不需要过滤的页面及路径数组,便于进行过滤 int j = 0; int k = 0; for (int i = 0; i < pathFilterLength; i++) { if (noFilterURIs[i].split("\\.").length == 2) { noDealURIPages[j] = noFilterURIs[i]; j++; } else { noDealURIPaths[k] = noFilterURIs[i]; k++; } } System.out.println("1、不需要进行过滤安全保护的静态资源路径数量 = " + pathsSize); for (int i = 0; i < k; i++) { System.out.println("paths = " + noDealURIPaths[i]); } System.out.println("2、不需要进行过滤安全保护的访问页面资源数量 = " + filesFilterLength); for (int i = 0; i < j; i++) { System.out.println("pages = " + noDealURIPages[i]); } System.out.println("+++++++++++++++++++++++++++++++++++++++++++++"); // 基于实际请求的情况,判断session中UID和具体的PASS是否存在,进行业务操作。所有的判断安全均在ACTION中完成。过滤器不进行业务方面的操作 if (currentURI.equalsIgnoreCase("/LoginAction.action")) { // 获取JSON结构中的data:UID,PASS值 sessionUID = request.getParameter("name"); sessionPASS = request.getParameter("pwd"); session.setAttribute("sessionUID", sessionUID); session.setAttribute("sessionPASS", sessionPASS); // 放行。让其走到下个链或目标资源中 return "LoginOK"; } // 判断是否是配置不进行过滤的页面 for (int i = 0; i < noDealURIPages.length; i++) { if (currentURI.equalsIgnoreCase(noDealURIPages[i]) && (session.getAttribute("sessionUID") != null || session.getAttribute("sessionPASS") != null)) { System.out.println("noDealURIPages=" + noDealURIPages[i]); // 放行。让其走到下个链或目标资源中 return "Normal"; } } // 判断是否是配置不进行过滤的路径 for (int i = 0; i < noDealURIPaths.length; i++) { if (currentURI.substring(0, currentURI.lastIndexOf("/")) .equalsIgnoreCase(noDealURIPaths[i]) || currentURI.equalsIgnoreCase(noDealURIPaths[i]) && (session.getAttribute("sessionUID") != null || session.getAttribute("sessionPASS") != null)) { System.out.println("noDealURIPaths=" + noDealURIPaths[i]); // 放行。让其走到下个链或目标资源中 return "Help"; } } // 如果不是上述情况,则判断是否存在UID和PASS,并进行逻辑操作链 if (session.getAttribute("sessionUID") == null || session.getAttribute("sessionPASS") == null) { session.invalidate(); //res.sendRedirect("http://localhost/login/login.html"); return "failPage"; } return invocation.invoke();// "failPage"
}
}
不进拦截器,test.jsp直接返回error