堆栈内存溢出
  简体   繁体   English

拦截器中的连锁动作

[英]chain action in interceptor

 原文  2014-11-24 16:27:43       java/ struts2/ get/ interceptor/ chaining

问题描述

Here is my code: 这是我的代码: 

import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
import javax.servlet.http.HttpServletRequest;
import org.apache.struts2.StrutsStatics;

@SuppressWarnings("serial")
public class PostOnlyInterceptor extends AbstractInterceptor {

    @Override
    public String intercept(ActionInvocation ai) throws Exception {
        final ActionContext context = ai.getInvocationContext();
        HttpServletRequest request = (HttpServletRequest) context.get(StrutsStatics.HTTP_REQUEST);
        if (!request.getMethod().equals("POST")) {
            return Action.ERROR;
        }

        return ai.invoke();

    }
}

I am using this interceptor to avoid 'GET' method requests for security reasons. 出于安全原因,我正在使用此拦截器来避免“ GET”方法请求。 But when I am calling it by using chain action method: request.getMethod() returns GET request. 但是,当我使用链式操作方法调用它时: request.getMethod()返回GET请求。

So how to handle this situation? 那么如何处理这种情况呢?

1 个解决方案

解决方案1
 0  2014-11-24 17:27:40

Beware of Action Chaining, that is discouraged : 提防动作链接, 不建议这样做

As a rule, Action Chaining is not recommended. 通常,不建议使用动作链接。 First explore other options, such as the Redirect After Post technique. 首先探索其他选项,例如“邮寄后重定向”技术。

But if you already are using it and can't change, you can bypass the POST check from within your Interceptor by checking if the result is of type chain : 但是,如果您已经在使用它并且无法更改,则可以通过检查结果是否为chain类型来从Interceptor内部绕过POST检查: 

public String intercept(ActionInvocation ai) throws Exception {
    final ActionContext context = ai.getInvocationContext();
    HttpServletRequest request = (HttpServletRequest) 
                                  context.get(StrutsStatics.HTTP_REQUEST);

    boolean isChainResult = ai.getResult() != null 
          && ActionChainResult.class.isAssignableFrom(ai.getResult().getClass());

    if (!request.getMethod().equals("POST") && !isChainResult) {
        return Action.ERROR;
    }

    return ai.invoke();

}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 登录拦截器(自定义拦截器)清除操作参数 - Login Interceptor(Custom Interceptor) clearing the Action Parameters 来自动作和拦截器的不同字符串 - Different String from action and interceptor Struts 2.3 Store Interceptor:如何将ActionErrors从Interceptor传递给Action? - Struts 2.3 Store Interceptor : How to pass ActionErrors from Interceptor to Action? 在ExceptionMapper创建响应时,不会遍历RestEasy Post Process Interceptor链 - RestEasy Post Process Interceptor chain not traversed when response created by ExceptionMapper Apache CXF发送自定义响应,中止拦截器链 - Apache CXF Send custom response, abort interceptor chain struts2拦截器重定向两次以执行操作 - struts2 interceptor redirecting twice to action 如何获取在拦截器中的操作 url 中定义的参数 - how to fetch params defined in the action url in Interceptor 在拦截器中访问struts动作结果的参数 - Accessing struts action result's parameters in an interceptor Struts2拦截器-如何读取动作参数 - Struts2 interceptor - how to read action parameters 在 Struts 2 中的身份验证拦截器之后重定向到正确的操作 - Redirecting to a correct action after authentication interceptor in Struts 2
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM