struts2应用程序中的会话 [英] Sessions in struts2 application

问题描述

我创建了一个Web应用程序，如果有用户会话，我需要维护会话
，然后只有这样才能让用户看到jsp。

I have created a web application in which I need to maintain the session if a user session is there, and then and only then will it allow the user to see the jsp.

之前我曾经使用过jsp servlets，但我是struts2的新手。

I have worked with jsp servlets before, but I'm new to struts2.

我在这里在我的操作类中设置用户名：

修改后的代码

private HttpSession session;

public void setSession(HttpSession session) {
    // TODO Auto-generated method stub0
    this.session = session;
}

public HttpSession getSession() {
    return session;
}

public String getLoginStatus(){     
    session = request.getSession();
    session.setAttribute("userName", loginBean.getUsername());
    return SUCCESS;
}

现在，当我在行动后被重定向到下一页时，它会显示会话值一次。之后，在每个页面上，我在会话中找到空值。

Now, when I am redirected to next page after an action, it shows the session value once. After that, on every page, I am finding null values in session.

<%
    String userName = (String)session.getAttribute("userName");             
    System.out.println(userName);                        

    if(userName == null || userName.equals("") ){
        response.sendRedirect("login.jsp");
    }

%>

我在某处读到动作类会话的范围仅限于一页 - 我怎么能解决这个问题？

I read somewhere that the scope of an action class session is limited to one page - how could I solve this problem?

任何一个例子对我都非常有用。

Any example will be very helpful to me.

推荐答案

您目前的代码存在一些问题。

There are a few problems with the code you currently have.

• 您应该使用Interceptor强制用户登录，而不是试图在JSP中强制执行它。 JSP应仅用于表示，而不是用于流控制。


• 您应该避免在JSP中使用scriptlet（代码块）。很久以前就被弃用了，并且在MVC应用程序中被广泛认为是一种非常糟糕的做法。


• 您可以直接访问JSP中的会话值。您不需要在操作中实现 SessionAware 界面，除非您需要访问操作本身内部的会话。


• 您应该将用户重定向到登录操作，而不是直接转到JSP页面，否则你绕过Struts2框架并失去使用框架的好处。

• You should use an Interceptor to enforce that the user is logged in, rather than trying to enforce it in the JSP. JSP should only be for presentation, not for flow control.
• You should avoid scriptlets (blocks of code) in JSP. That was deprecated a really long time ago and is widely considered to be a very poor practice in an MVC application.
• You can access session values in your JSP directly. You do not need to implement the SessionAware interface in your action unless you need access to the session inside of the action itself.
• You should redirect the user to a login action, not directly to a JSP page, otherwise you are bypassing the Struts2 framework and losing out on the benefits of using the framework.

下面是一些使用Struts2框架创建基本登录系统的示例代码。

Below is some example code for creating a basic login system using the Struts2 framework.

这部分是可选的，但一般而言，并非Web应用程序中的所有页面都需要用户登录。因此，让我们来看看创建一个名为 LoginRequired 的接口。如果用户尚未登录，任何实现此标记界面的操作都将重定向到登录页面。

This part is optional, but in general, not all pages in a web application will require the user to be logged in. Therefore, let's create an interface called LoginRequired. Any action that implements this marker interface will redirect to the login page if the user is not already logged in.

注意：如果您愿意，可以使用注释代替，但是对于这个例子，我将使用该接口。

Note: You can use an annotation instead, if you prefer, but for this example I will use the interface.

public interface LoginRequired {}

拦截器

拦截器将处理强制用户登录任何请求的实施操作 LoginRequired 界面。

public class LoginInterceptor extends AbstractInterceptor {
    @Override
    public String intercept(final ActionInvocation invocation) throws Exception {
        Map<String, Object> session = ActionContext.getContext().getSession();

        // sb: feel free to change this to some other type of an object which
        // represents that the user is logged in. for this example, I am using
        // an integer which would probably represent a primary key that I would
        // look the user up by with Hibernate or some other mechanism.
        Integer userId = (Integer) session.get("userId");

        // sb: if the user is already signed-in, then let the request through.
        if (userId != null) {
            return invocation.invoke();
        }

        Object action = invocation.getAction();

        // sb: if the action doesn't require sign-in, then let it through.
        if (!(action instanceof LoginRequired)) {
            return invocation.invoke();
        }

        // sb: if this request does require login and the current action is
        // not the login action, then redirect the user
        if (!(action instanceof LoginAction)) {
            return "loginRedirect";
        }

        // sb: they either requested the login page or are submitting their
        // login now, let it through
        return invocation.invoke();
    }
}

您还需要 LoginAction 显示和处理登录页面以及 LogoutAction ，它会使会话无效或清除。

You will also need a LoginAction which displays and processes the login page and a LogoutAction which invalidates or clears the session.

您需要将拦截器添加到堆栈中，并为loginRedirect创建全局结果映射。

You will need to add the interceptor to your stack and also create a global result mapping for "loginRedirect".

<interceptors>
    <interceptor name="login" class="your.package.LoginInterceptor"/>

    <!-- sb: you need to configure all of your interceptors here. i'm only
         listing the one we created for this example. -->
    <interceptor-stack name="yourStack">
        ...
        <interceptor-ref name="login"/>
        ...
    </interceptor-stack>
</interceptors>

<global-results>
    <!-- sb: make this the path to your login action.
         this could also be a redirectAction type. -->
    <result name="loginRedirect" type="redirect">/login</url>
</global-results>

这篇关于struts2应用程序中的会话的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！