使用struts2的MethodFilterInterceptor出了点问题...设置includeMethods后把其他方法也拦截了
今天使用struts2的方法拦截功能 对action里的某些方法进行登录权限判定
我成功实现了拦截功能,管理员未登录时跳转到提示页面,但后来我发现,我在includeMethods方法中只是设置了几个方法需要拦截,但实际上这个action里的方法都被拦截限制了...郁闷啊,难道还要我显示的把所有不想拦截的方法都配置在excludeMethods中么,这很麻烦....
我想了解一下,一个action中有多个方法,如a1,a2,a3,a4,现在我需要拦截a1,a2,即
<param name="includeMethods">a1,a2</param>
而a3,a4我不想拦截,这里一定要显示的写下面这句么
<param name="excludeMethods">a3,a4</param>
部分代码如下:
AdminLogInteceptor.java
import java.util.Map;
import org.model.Admin;
import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.MethodFilterInterceptor;
public class AdminLogInteceptor extends MethodFilterInterceptor{
private static final long serialVersionUID = 1L;
protected String doIntercept(ActionInvocation invocation) throws Exception {
ActionContext ctx=invocation.getInvocationContext();
Map session=ctx.getSession();
Admin admin=(Admin)session.get("admin");
if(admin!=null){
return invocation.invoke();
}
return Action.LOGIN;
}
}
struts.xml
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.1//EN" "http://struts.apache.org/dtds/struts-2.1.dtd">
<struts>
<package name="default" extends="struts-default" namespace="/" >
<!-- 下面的result-types是为了防止使用struts2下载时,用户取消后tomcati报错,而且加了struts2-sunspoter-stream-1.0.jar -->
<result-types>
<result-type name="streamx" class="com.sunspoter.lib.web.struts2.dispatcher.StreamResultX"/>
</result-types>
<interceptors>
<!-- 自定义管理员拦截器 -->
<interceptor name="adminLog" class="org.tool.AdminLogInteceptor" />
<!-- 配制默许的拦截器到拦截器栈 -->
<interceptor-stack name="adminPermission">
<interceptor-ref name="adminLog"></interceptor-ref>
<interceptor-ref name="defaultStack"></interceptor-ref>
</interceptor-stack>
</interceptors>
<!-- 全局变量 -->
<global-results>
<result name="login">/admin/donotLogin.jsp</result>
</global-results>
<action name="userAction" class="userAction" >
<result name="success">/alert/reg_success.jsp</result>
<result name="error">/alert/reg_error.jsp</result>
<result name="emailSendFail">/emailSendFail.jsp</result>
<result name="login">/index.jsp</result>
<result name="loginFail">/alert/loginFail.jsp</result>
<result name="exit">/index.jsp</result>
<result name="getAllSuccess">/admin/userList.jsp</result>
<result name="deleteSuccess" type="redirectAction">userAction!getAllUser</result>
<!-- 设置需要拦截的方法,多个以逗号隔开 -->
<interceptor-ref name="adminPermission">
<param name="includeMethods">getAllUser,deleteUser</param>
</interceptor-ref>
</action>
.......
这个userAction.java中定义的方法有getAllUser,deleteUser,register,login,userExit,checkUser
现在我只想拦截getAlluser,deleteUser,但是设置includMethods后该拦截器把我的
register,login,userExit,checkUser方法都拦截了.....