如何知道从哪个班级收到的请求
[英]How to know from which class a request has been received
问题描述
I have a login.jsp page in my application. 
我的应用程序中有一个login.jsp页面。 I am using Struts 2 and a simple validate() method to validate my form. 我正在使用Struts 2和一个简单的validate()方法来验证我的表单。 I have two questions: 我有两个问题:
validate()method in my form bean class validates the form.我的表单bean类中的validate()方法验证表单。 Ie checks for empty fields etc. If I need to check my username and password combination should I do this insidevalidate()or in my action class?即检查空白字段等。如果需要检查用户名和密码组合,是否应该在validate()或操作类中执行此操作?If I am doing the same in my action class, correct combination leads to success page.
如果我在动作课中也做同样的事情,正确的组合将导致成功页面。 I want the incorrect combination to lead to my JSP page along with the error message: "Incorrect combination". 我希望不正确的组合以及错误消息“不正确的组合”导致我的JSP页面。 How can I check in my JSP page that the request has come from action class so that it can print the error message "Incorrect combination"? 如何在我的JSP页面中检查该请求是否来自操作类,以便它可以显示错误消息“错误的组合”?
3 个解决方案
解决方案1
1 已采纳 2013-01-25 22:35:54
Authentication belongs in the action, not in validation, IMO. 认证属于IMO,而不属于验证。
I might consider using XML or annotation validations for the fields themselves and put the login attempt in validate() , but the code is small, and I'd be pretty comfortable with it either way. 我可能会考虑对字段本身使用XML或批注验证,并将登录尝试放在validate() ,但是代码很小,无论哪种方式,我都会很满意。
public String execute() {
if (userService.loginValid(username, password) {
return SUCCESS;
}
addActionError(getText("login.failure"));
return FAILURE;
}
I would use the framework's support for action-level error messages rather than using a flag (and I wouldn't duplicate that flag with a local if I did), and I strongly recommend using something you can inject to do the actual logging in to make testing easier. 我会使用框架对操作级别错误消息的支持,而不是使用标志(并且如果这样做的话,我不会与本地重复该标志),并且我强烈建议您使用可以注入的东西进行实际登录使测试更容易。
Using the validate() approach makes things pretty tight: 使用validate()方法使事情变得很紧:
public void validate() {
if (!userService.loginValid(username, password)) {
addActionError(getText("login.failure"));
}
}
Assuming you define reasonable "input" and "success" results that might be all you need. 假设您定义了可能需要的合理“输入”和“成功”结果。 If developers looking at the code are familiar with the framework the validate() version is relatively clear. 如果查看代码的开发人员熟悉该框架,则validate()版本会相对清楚。
If you're not interested in using XML or annotation validations, you can do that manually as well. 如果您对使用XML或批注验证不感兴趣,也可以手动进行。 That definitely belongs in validate() , and for common utility methods like this, static imports make the code still relatively concise: 那绝对属于validate() ,对于像这样的通用实用程序方法,静态导入使代码仍然相对简洁:
public void validate() {
boolean tryLogin = true;
if (isBlank(username)) {
addFieldError("username", getText("login.username.required"));
tryLogin = false;
}
if (isBlank(password)) {
addFieldError("password", getText("login.password.required"));
tryLogin = false;
}
if (tryLogin && !userService.loginValid(username, password)) {
addActionError(getText("login.failure"));
}
}
(I added the tryLogin flag to avoid seeing the error message for a login that will obviously fail, although this could be handled in other ways as well. Post-login processing elided.) (我添加了tryLogin标志,以避免看到显然会失败的登录错误消息,尽管也可以通过其他方式处理。省去了登录后处理。)
解决方案2
0 2013-01-25 20:44:05
I would say you definitely don't want the login logic in the validate method; 我要说的是,您绝对不希望validate方法中的登录逻辑; that's for validating data. 那是为了验证数据。
I would suggest that if your login fails, just expose a data property on the action like: 我建议如果登录失败,只需在操作中公开一个数据属性,例如:
execute () {
boolean authenticated = login( getUsername(), getPassword() );
setLoginValid( authenticated );
if ( authenticated )
result = SUCCESS;
else
result = FAILURE;
return result;
}
And then in your login.jsp, simply wrap a message about bad credentials in the struts if tag, with a test on the loginValid property. 然后在您的login.jsp中,只需对loginValid属性进行测试,即可在struts if标记中包装一条有关不良凭证的消息。
解决方案3
0 2013-01-25 21:37:31
The purpose of the validation framework is to check field values to be valid to prevent unexpected errors while executing the action. 验证框架的目的是检查字段值是否有效,以防止在执行操作时发生意外错误。
It is a good practice to separate the validation logic from the business logic. 将验证逻辑与业务逻辑分开是一个好习惯。 Authentication has nothing to do with validation logic. 身份验证与验证逻辑无关。 It is a separate process provided by security mechanisms. 这是安全机制提供的单独过程。 Of course you can create the action or interceptor that performs authentication, and as with any action you can configure it for validation. 当然,您可以创建执行身份验证的操作或拦截器,并且可以像配置任何操作一样配置它以进行验证。
In Struts2 it's even more simplified by applying a validation interceptor is a part of the job for processing request. 在Struts2中,通过应用validation拦截器甚至更加简化,这是处理请求的工作的一部分。 In more sophisticated scenarios authentication becomes a part of the business logic, but the method to validate the input fields renames the same. 在更复杂的场景中,身份验证已成为业务逻辑的一部分,但是用于验证输入字段的方法将重命名相同的名称。 If your action is only do is authenticating then you may not require the validation to process authentication. 如果您只是要进行身份验证,则可能不需要身份验证即可进行身份验证。
To your second question: all you need is to addActionError(getText("error.key")) to invalidate the action. 第二个问题是:您只需添加addActionError(getText("error.key"))即可使操作无效。 Then return to the result where <s:actionerror> to display the message. 然后返回结果<s:actionerror>以显示消息。
What is more important the validation logic remains the same if you decide to move it to the action. 更重要的是,如果您决定将验证逻辑移至操作中,则验证逻辑将保持不变。 In this case the only thing you have to do is to remove the validation stack. 在这种情况下,您唯一要做的就是删除验证堆栈。 The only reason of such validation is to return the result that is different than "input" . 进行这种验证的唯一原因是返回与"input"不同的结果。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.