后台权限校验拦截器

拦截器类

/*
 * 后台权限校验的拦截器
 * *对没有登陆的用户,不可以进行访问
 */
public class PrivilegeInterceptor extends MethodFilterInterceptor {

    @Override
    //执行拦截的方法
    protected String doIntercept(ActionInvocation actionInvocation) throws Exception {
        //判断session中是否保存了后台用户的信息
        AdminUser existAdminUser=(AdminUser) ServletActionContext.getRequest().getSession().getAttribute("existAdminUser");
        if(existAdminUser==null){
            //没有登录进行访问
            ActionSupport actionSupport=(ActionSupport) actionInvocation.getAction();
            actionSupport.addActionError("亲,您还没有登陆!没有权限访问!");
            return "loginFail";
        }else{
            //已经登陆过
            return actionInvocation.invoke();
        }
    }

}

Struts

<!-- 配置拦截器 -->
        <interceptors>
            <interceptor name="PrivilegeInterceptor" class="cn.itcast.shop.interceptor.PrivilegeInterceptor"/>
        </interceptors>

        <!-- 全局页面 -->
        <global-results>
            <result name="loginFail">/admin/index.jsp</result>
        </global-results>

<!-- 配置后台一级分类管理的Action -->
        <action name="adminCategory_*" class="adminCategoryAction" method="{1}">
            <result name="findAll">/admin/category/list.jsp</result>
            <result name="saveSuccess" type="redirectAction">adminCategory_findAll.action</result>
            <result name="deleteSuccess" type="redirectAction">adminCategory_findAll.action</result>
            <result name="editSuccess">/admin/category/edit.jsp</result>
            <result name="updateSuccess" type="redirectAction">adminCategory_findAll.action</result>

            <interceptor-ref name="PrivilegeInterceptor"></interceptor-ref>
            <!-- 引入默认的拦截器 -->
            <interceptor-ref name="defaultStack"></interceptor-ref>
        </action>

JSP

红色代码具有实时刷新的作用，使用拦截器必须要有它

<form method="post" action="${pageContext.request.contextPath }/adminUser_login.action" target="_parent" name=‘theForm‘>

</form>