Stripes - 重定向、会话过期

发布于 2024-10-11 02:32:46 字数 341 浏览 2 评论 0原文

我有一个 Stripes 框架问题。

这个重定向页面在注解方法之前？

像这样的东西：

@Before
public void test()
{
  String login=(String)context.getRequest().getSession().getAttribute("login");
  if (login==null)
  {
    Redirect...(LoginActionBean.class);  // ??????
    exit....();                                    // ??????
  }
}

原文

I have a Stripes framework question.

This redirect page in the annotation method before?

something like:

@Before
public void test()
{
  String login=(String)context.getRequest().getSession().getAttribute("login");
  if (login==null)
  {
    Redirect...(LoginActionBean.class);  // ??????
    exit....();                                    // ??????
  }
}

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

末骤雨初歇 2024-10-18 02:32:46

我认为你尝试做这样的事情：

public class MyPageActionBean implements ActionBean {
  private ActionBeanContext context;

  public ActionBeanContext getContext() {
    return context;
  }

  public void setContext(ActionBeanContext context) {
    this.context = context;
  }

  @DefaultHandler
  public Resolution view() {
    String login =
      (String)context.getRequest().getSession().getAttribute("login");
    if (login==null) {
      return new RedirectResolution(LoginActionBean.class);
    } else {
      // do you're normal stuff here
    }
  }
}

但更完整的安全解决方案是实现 Stripes 安全拦截器。

I think you try to do something like this:

public class MyPageActionBean implements ActionBean {
  private ActionBeanContext context;

  public ActionBeanContext getContext() {
    return context;
  }

  public void setContext(ActionBeanContext context) {
    this.context = context;
  }

  @DefaultHandler
  public Resolution view() {
    String login =
      (String)context.getRequest().getSession().getAttribute("login");
    if (login==null) {
      return new RedirectResolution(LoginActionBean.class);
    } else {
      // do you're normal stuff here
    }
  }
}

But a more complete security solution would be to implement the Stripes Security Interceptor.

回复收藏 0 原文

情绪 2024-10-18 02:32:46

嗯。这不太好。

所有方法中都有重复代码。


public Resolution view1()
{
  String login=....
  if () {...}
  else  {...}
}

public Resolution view2()
{
  String login=....
  if () {...}
  else  {...}
}
public Resolution view3()
{
  String login=....
  if () {...}
  else  {...}
}

所以，我去读《Stripes Security Interceptor》。

谢谢。

Hm. This isnt nice.

Duplication code in all method.


public Resolution view1()
{
  String login=....
  if () {...}
  else  {...}
}

public Resolution view2()
{
  String login=....
  if () {...}
  else  {...}
}
public Resolution view3()
{
  String login=....
  if () {...}
  else  {...}
}

So, i go read Stripes Security Interceptor.

Thanks.

回复收藏 0 原文

冷︶言冷语的世界 2024-10-18 02:32:46

我认为你的问题是在用户未登录时在登录页面上重定向用户。在每个 actionBean 上使用 @before 不是一个好主意。为了实现这一点，您可以通过扩展 SpringInterceptorSupport 来创建自己的拦截器。

@Intercepts(LifecycleStage.ActionBeanResolution)
public class MyInterceptor extends SpringInterceptorSupport {
private static final List<Class<? extends ActionBean>> ALLOW = Arrays.asList(LoginActionBean.class, anyOtherActionBeanAllowedWithoutLogin.class);

@Override
  @SuppressWarnings({ "rawtypes" })
  public Resolution intercept(ExecutionContext execContext) throws Exception {
    Resolution resolution = execContext.proceed();
    ActionBean actionBean = execContext.getActionBean();
    Class<? extends ActionBean> destinationclass = actionBean.getClass();
    if (!ALLOW.contains(destinationclass) && !isSessionExist()) {
      resolution = new RedirectResolution(LoginActionBean.class);
    }
    return resolution;

  }

  private boolean isSessionExist() {
    String login = (String)context.getRequest().getSession().getAttribute("login");
    return login != null;
  }

}

I think your problem is to redirect a user on login page when they are not logged in. Using @before on each actionBean is not a good idea. To achieve this you can make your own interceptor by extending SpringInterceptorSupport.

@Intercepts(LifecycleStage.ActionBeanResolution)
public class MyInterceptor extends SpringInterceptorSupport {
private static final List<Class<? extends ActionBean>> ALLOW = Arrays.asList(LoginActionBean.class, anyOtherActionBeanAllowedWithoutLogin.class);

@Override
  @SuppressWarnings({ "rawtypes" })
  public Resolution intercept(ExecutionContext execContext) throws Exception {
    Resolution resolution = execContext.proceed();
    ActionBean actionBean = execContext.getActionBean();
    Class<? extends ActionBean> destinationclass = actionBean.getClass();
    if (!ALLOW.contains(destinationclass) && !isSessionExist()) {
      resolution = new RedirectResolution(LoginActionBean.class);
    }
    return resolution;

  }

  private boolean isSessionExist() {
    String login = (String)context.getRequest().getSession().getAttribute("login");
    return login != null;
  }

}

回复收藏 0 原文

~没有更多了~