作為“框架(framework)”,可擴展性是不可或缺的,因為世上沒有放之四海而皆準(zhǔn)的東西。雖然,Struts 2為我們提供如此豐富的攔截器實現(xiàn),但是這并不意味我們失去創(chuàng)建自定義攔截器的能力,恰恰相反,在Struts 2自定義攔截器是相當(dāng)容易的一件事。
|
| 大家在開始著手創(chuàng)建自定義攔截器前,切記以下原則:
攔截器必須是無狀態(tài)的,不要使用在API提供的ActionInvocation之外的任何東西。 |
要求攔截器是無狀態(tài)的原因是Struts 2不能保證為每一個請求或者action創(chuàng)建一個實例,所以如果攔截器帶有狀態(tài),會引發(fā)并發(fā)問題。
所有的Struts 2的攔截器都直接或間接實現(xiàn)接口com.opensymphony.xwork2.interceptor.Interceptor。除此之外,大家可能更喜歡繼承類com.opensymphony.xwork2.interceptor.AbstractInterceptor。
以下例子演示通過繼承AbstractInterceptor,實現(xiàn)授權(quán)攔截器。
首先,創(chuàng)建授權(quán)攔截器類tutorial.AuthorizationInterceptor,代碼如下:
package tutorial;
import java.util.Map;
import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
public class AuthorizationInterceptor extends AbstractInterceptor {
@Override
public String intercept(ActionInvocation ai) throws Exception {
Map session = ai.getInvocationContext().getSession();
String role = (String) session.get( " ROLE " );
if ( null != role) {
Object o = ai.getAction();
if (o instanceof RoleAware) {
RoleAware action = (RoleAware) o;
action.setRole(role);
}
return ai.invoke();
} else {
return Action.LOGIN;
}
}
}
以上代碼相當(dāng)簡單,我們通過檢查session是否存在鍵為“ROLE”的字符串,判斷用戶是否登陸。如果用戶已經(jīng)登陸,將角色放到Action中,調(diào)用Action;否則,攔截直接返回Action.LOGIN字段。為了方便將角色放入Action,我定義了接口tutorial.RoleAware,代碼如下:
package tutorial;
public interface RoleAware {
void setRole(String role);
}
接著,創(chuàng)建Action類tutorial.AuthorizatedAccess模擬訪問受限資源,它作用就是通過實現(xiàn)RoleAware獲取角色,并將其顯示到ShowUser.jsp中,代碼如下:
package tutorial;
import com.opensymphony.xwork2.ActionSupport;
public class AuthorizatedAccess extends ActionSupport implements RoleAware {
private String role;
public void setRole(String role) {
this .role = role;
}
public String getRole() {
return role;
}
@Override
public String execute() {
return SUCCESS;
}
}
以下是ShowUser.jsp的代碼:
<% @ page contentType = " text/html; charset=UTF-8 " %>
<% @taglib prefix = " s " uri = " /struts-tags " %>
< html >
< head >
< title > Authorizated User </ title >
</ head >
< body >
< h1 > Your role is: < s:property value ="role" /></ h1 >
</ body >
</ html >
然后,創(chuàng)建tutorial.Roles初始化角色列表,代碼如下:
package tutorial;
import java.util.Hashtable;
import java.util.Map;
public class Roles {
public Map < String, String > getRoles() {
Map < String, String > roles = new Hashtable < String, String > ( 2 );
roles.put( " EMPLOYEE " , " Employee " );
roles.put( " MANAGER " , " Manager " );
return roles;
}
}
接下來,新建Login.jsp實例化tutorial.Roles,并將其roles屬性賦予<s:radio>標(biāo)志,代碼如下:
<% @ page contentType = " text/html; charset=UTF-8 " %>
<% @taglib prefix = " s " uri = " /struts-tags " %>
< html >
< head >
< title > Login </ title >
</ head >
< body >
< h1 > Login </ h1 >
Please select a role below:
< s:bean id ="roles" name ="tutorial.Roles" />
< s:form action ="Login" >
< s:radio list ="#roles.roles" value ="EMPLOYEE" name ="role" label ="Role" />
< s:submit />
</ s:form >
</ body >
</ html >
創(chuàng)建Action類tutorial.Login將role放到session中,并轉(zhuǎn)到Action類tutorial.AuthorizatedAccess,代碼如下:
package tutorial;
import java.util.Map;
import org.apache.struts2.interceptor.SessionAware;
import com.opensymphony.xwork2.ActionSupport;
public class Login extends ActionSupport implements SessionAware {
private String role;
private Map session;
public String getRole() {
return role;
}
public void setRole(String role) {
this .role = role;
}
public void setSession(Map session) {
this .session = session;
}
@Override
public String execute() {
session.put( " ROLE " , role);
return SUCCESS;
}
}
最后,配置struts.xml文件,內(nèi)容如下:
<! DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.0//EN"
"http://struts.apache.org/dtds/struts-2.0.dtd" >
< struts >
< include file ="struts-default.xml" />
< package name ="InterceptorDemo" extends ="struts-default" >
< interceptors >
< interceptor name ="auth" class ="tutorial.AuthorizationInterceptor" />
</ interceptors >
< action name ="Timer" class ="tutorial.TimerInterceptorAction" >
< interceptor-ref name ="timer" />
< result > /Timer.jsp </ result >
</ action >
< action name ="Login" class ="tutorial.Login" >
< result type ="chain" > AuthorizatedAccess </ result >
</ action >
< action name ="AuthorizatedAccess" class ="tutorial.AuthorizatedAccess" >
< interceptor-ref name ="auth" />
< result name ="login" > /Login.jsp </ result >
< result name ="success" > /ShowRole.jsp </ result >
</ action >
</ package >
</ struts >
發(fā)布運行應(yīng)用程序,在瀏覽器地址欄中輸入:http://localhost:8080/Struts2_Interceptor/AuthorizatedAccess.action。由于此時,session還沒有鍵為“ROLE”的值,所以返回Login.jsp頁面,如圖2所示:
圖2 Login.jsp
選中Employee,點擊Submit,出現(xiàn)圖3所示頁面:
圖3 ShowRole.jsp
總結(jié)
攔截器是Struts 2比較重要的一個功能。通過正確地使用攔截器,我們可以編寫高可復(fù)用的代碼。