关于webwork session登陆验证
我使用的webwork和spring.各个action在spring中使用scope="prototype"模式.
BaseAction如下:
import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;import org.apache.commons.logging.Log;import org.apache.commons.logging.LogFactory;import org.apache.commons.lang.*;import com.opensymphony.webwork.ServletActionContext;import com.opensymphony.xwork.ActionSupport;public class BaseAction extends ActionSupport { protected transient final Log log = LogFactory.getLog(getClass()); private String loginId=""; public String getLoginId() {return loginId;} protected boolean checkNoLogin(){ //getSession().setMaxInactiveInterval(1); HttpSession session = getSession(); loginId = (String)session.getAttribute("userSession"); System.out.println("loginId:"+loginId); if(StringUtils.isBlank(loginId)) { return true; } return false; } /** * Convenience method to get the request * @return current request */ protected HttpServletRequest getRequest() { return ServletActionContext.getRequest(); } /** * Convenience method to get the response * @return current response */ protected HttpServletResponse getResponse() { return ServletActionContext.getResponse(); } /** * Convenience method to get the session */ protected HttpSession getSession() { return getRequest().getSession(); } public String login() throws Exception {System.out.println("loginId:"+loginId);System.out.println("password:"+password);if (loginDao.checkUserExists(loginId,password) == false) {addFieldError("loginIdNoExists", "用户名不存在!");return ERROR;} else if (loginDao.checkUserSuccess(loginId,password) == false) {addFieldError("passwordNoMatch", "用户密码错误!");return ERROR;} else {System.out.println("login success!");HttpSession session = getSession();session.setAttribute("userSession", loginId);System.out.println("成功登录!");}return SUCCESS;}public String condition() throws Exception {if(checkNoLogin())return "login";return SUCCESS; }