struts2登录 权限验证问题
struts.xml文件
<!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.0//EN" "http://struts.apache.org/dtds/struts-2.0.dtd"> <struts> <package name="main" extends="struts-default"> <interceptors> <interceptor name="authentication" class="interceptor.AuthorizationInterceptor"/> <interceptor-stack name="myStack"> <interceptor-ref name="defaultStack"/> <interceptor-ref name="authentication"/> </interceptor-stack> </interceptors> <action name="adminAction" class="action.AdminAction"> <result name="admin">admin.jsp</result> <result name="login">login.jsp</result> <interceptor-ref name="myStack" /> </action> </package></struts>
package interceptor;import com.opensymphony.xwork2.*;import com.opensymphony.xwork2.interceptor.AbstractInterceptor;import java.util.*;public class AuthorizationInterceptor extends AbstractInterceptor { @Override public String intercept(ActionInvocation invocation) throws Exception { // TODO Auto-generated method stub ActionContext ctx = invocation.getInvocationContext(); Map session = ctx.getSession(); String user = (String)session.get("username"); if(user!=null && "admin".equals(user)) return invocation.invoke(); else return Action.LOGIN; }}package action;import com.opensymphony.xwork2.ModelDriven;import com.opensymphony.xwork2.ActionSupport;import com.opensymphony.xwork2.ActionContext;import java.util.*;import dao.AdminDAO;import java.io.IOException;import java.io.PrintWriter;import java.sql.Connection;import java.sql.DriverManager;import java.sql.SQLException;import java.sql.Statement;import java.lang.*;public class AdminAction extends ActionSupport{ private String name; private String password; public String getName() { return name; } public void setName(String name) { this.name = name; } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } public String execute() throws Exception { String adminname=null; String adminpassword=null; String driverClass = "com.mysql.jdbc.Driver"; String dburl = "jdbc:mysql://localhost:3306/cms_lawyer?characterEncoding=UTF-8"; String dbuser = "root"; String dbpassword = "12345678"; Connection conn=null; System.out.println("before"); try { Class.forName(driverClass); } catch(ClassNotFoundException ce) { System.out.println("faild"); } try { conn=DriverManager.getConnection(dburl,dbuser,dbpassword); } catch(SQLException se) { } AdminDAO admindao = new AdminDAO(); System.out.println("jdfhj12345"); try { adminpassword = admindao.getPassword(conn, name); } catch(Exception e) { } System.out.println("dsfh"+password); if(adminpassword.equals(password)) { Map session = ActionContext.getContext().getSession(); if(session != null) session.put("username", name); return "admin"; } else { return "login"; } }}
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%><%@ taglib prefix="struts" uri="/struts-tags"%><html> <head> <title>alsdkfj</title> <struts:head theme="ajax" /> </head> <body> <struts:form action="adminAction"> <struts:textfield label="用户名" name="name"/> <struts:password label="密码" name="password"/> <struts:submit value="denglu"/> </struts:form> </body></html>
package dao;import java.sql.Connection;import java.sql.PreparedStatement;import java.sql.ResultSet;import java.sql.SQLException;import java.sql.Statement;public class AdminDAO { public String getPassword(Connection conn,String name) throws SQLException { PreparedStatement preStmt = null; ResultSet rs = null; String getpassword = "select user_password from admin where user_name = ? "; try { preStmt = conn.prepareStatement(getpassword); int index=1; preStmt.setString(index, name); rs = preStmt.executeQuery(); if (rs.next()) { String pw = rs.getString("user_password"); return pw; } else { return null; } } finally { if(rs != null) rs.close(); if(preStmt != null)preStmt.close(); if(conn != null) conn.close(); } }}