在Struts1.1-1.2中如果不想没有登录的用户访问一些action,可以扩展RequestProcessor,并重载processProprocess方法,在其中进行验证
public class CustomRequestProcessor
extends RequestProcessor {
protected boolean processPreprocess (
HttpServletRequest request,
HttpServletResponse response) {
HttpSession session = request.getSession(false);
//If user is trying to access login page
// then don't check
if( request.getServletPath().equals("/loginInput.do")
|| request.getServletPath().equals("/login.do") )
return true;
//Check if userName attribute is there is session.
//If so, it means user has allready logged in
if( session != null &&
session.getAttribute("userName") != null)
return true;
else{
try{
//If no redirect user to login Page
request.getRequestDispatcher
("/Login.jsp").forward(request,response);
}catch(Exception ex){
}
}
return false;
}
}
相应的,在struts-config.xml中加入controller元素
<controller>
<set-property property="processorClass"
value="com.sample.util.CustomRequestProcessor"/>
</controller>
但刚才看到在Struts1.3中,已经不再使用RequestProcessor,而是用ComposableRequestProcessor 来实现自定义的request响应。
posted @
2007-04-09 18:52 hijeff 阅读(436) |
评论 (0) |
编辑 收藏