這是本文件的舊版!
攔截HTML或JSP
Problem
許多人都會有在Struts中如何攔截過濾HTML或JSP的需求。使用者想連結至某一個網頁,並不一定會登入才連結。他可能會將有興趣的網頁直接存到我的最愛,下次就直接連過去了。假如他是處於session過期或沒登入的情況呢?也許這個網頁就無法正常顯示了。在Struts中該如何在存取某些網頁前,先做狀態的檢查呢?
How to?
透過Filter
web.xml
如果使用Struts範例中的設定,通常會將所有的URL請求讓struts2處理。在這我們可以增加一個DelegatingFilterProxy,當使用者請求*.html的頁面時,會經過我所實作的DelegatingFilterProxy去確認session狀態。
<filter> <filter-name>struts2</filter-name> <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class> </filter> <filter> <filter-name>DelegatingFilterProxy</filter-name> <filter-class>org.tonylin.funny.web.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>struts2</filter-name> <url-pattern>*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>DelegatingFilterProxy</filter-name> <url-pattern>*.html</url-pattern> </filter-mapping>
DelegatingFilterProxy
DelegatingFilterProxy繼承struts的StrutsPrepareAndExecuteFilter。根據我的範例,除了login.html的頁面外,其它的html都必須檢查session中是否有User登入的資料,如果沒有就會將頁面導向login.html。
public class DelegatingFilterProxy extends StrutsPrepareAndExecuteFilter { private Logger logger = LoggerFactory.getLogger(DelegatingFilterProxy.class); final static private List<String> IGNORE_SESSION_CHECKING_LIST = Arrays.asList("/login.html"); @Override public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest)req; HttpServletResponse response = (HttpServletResponse)res; String servletPath = request.getServletPath(); logger.debug("doFilter: {},{}", servletPath, IGNORE_SESSION_CHECKING_LIST.indexOf(servletPath)); if( SessionUtil.getAttribute(request, SessionKeys.ACCOUNT) == null && IGNORE_SESSION_CHECKING_LIST.indexOf(servletPath) == -1 ){ response.sendRedirect("login.html"); } else { super.doFilter(req, res, chain); } } }
友藏內心獨白: 下次會透過interceptor試看看!
Reference