自定义拦截器(权限管理),包含了对ajax和表单请求的拦截
package com.interceptor; import java.io.IOException; import java.io.PrintWriter; import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.struts2.ServletActionContext; import com.opensymphony.xwork2.Action; import com.opensymphony.xwork2.ActionContext; import com.opensymphony.xwork2.ActionInvocation; import com.opensymphony.xwork2.interceptor.AbstractInterceptor; public class AuthorityInterceptor extends AbstractInterceptor{ /** * */ private static final long serialVersionUID = 1L; @Override /* session过期及操作的权限验证拦截器 */ public String intercept(ActionInvocation invocation) throws Exception { // TODO Auto-generated method stub // 取得请求相关的ActionContext实例 ActionContext context=invocation.getInvocationContext(); Map session=context.getSession(); String employ=(String)session.get("employ"); if(!ServletActionContext.getRequest().isRequestedSessionIdValid()){ // session 过期 //return Action.LOGIN; //对ajax请求的拦截 return isAjax(); }else if (employ==null) { //没有登陆,将服务器提示设置成一个HttpServletRequest属性 context.put("tip","您还没有登录,请登陆系统"); return isAjax(); }else { return invocation.invoke(); } }// end function private String isAjax() { HttpServletRequest request = ServletActionContext.getRequest(); HttpServletResponse response = ServletActionContext.getResponse(); response.setCharacterEncoding("text/html;charset=utf-8"); response.setContentType("text/html;charset=utf-8"); PrintWriter pw = null; try { pw = response.getWriter(); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } String flag = ""; if (request.getHeader("X-Requested-With") != null && request.getHeader("X-Requested-With").equalsIgnoreCase( "XMLHttpRequest")) { flag = "sessionfalse"; pw.write(flag); return null; }else{ return Action.LOGIN; } } }