The validation concept understanding in Struts 2(Struts 2 中的验证概念理解)
问题描述
我不明白下一个案例中 Struts2 验证的概念:
我的应用程序包含 2 个操作:
- login.action
- drive.action
我可以从浏览器命令行运行 drive.action
而无需在 login.action
如果用户未在 login.action
中成功填写用户名和密码,我如何实现验证代码以防止从命令行运行 drive.action
?
验证概念
Struts 2 验证是通过 XML 或注释配置的.手动的动作中的验证也是可能的,并且可以与XML 和注释驱动的验证.
验证还取决于验证和工作流程拦截器(两者都包含在默认拦截器堆栈中).这验证拦截器自己进行验证并创建一个列表特定领域的错误.工作流拦截器检查存在验证错误:如果发现任何错误,则返回输入"结果(默认情况下),将用户带回包含验证错误.
如果我们使用默认设置并且我们的操作没有输入"结果定义并且有验证(或者,顺便说一下,类型转换)错误,我们会收到一条错误消息告诉我们没有输入";为操作定义的结果.
很简单,您可以通过验证配置文件或注释将验证器映射到字段.然后将 validation
拦截器应用于通过拦截器堆栈、自定义堆栈或 defaultStack
.
当验证开始时,它会调用验证管理器来执行实际验证并将错误保存到 ValidationAware
动作.
你的动作应该实现这个接口,或者只是扩展 ActionSupport
已经实现,以保存错误.然后 workflow
拦截器 检查这些错误,如果发现其中任何一个重定向到 INPUT
结果,如果未发现错误,则执行操作调用.您还可以通过实现 程序化 验证.html" rel="nofollow noreferrer">Validateable
接口,其中ActionSupport
默认实现,因此要覆盖 validate()
方法.p>
作为基于 XML 的验证的补充,您还可以应用基于注释的配置.这只是服务器端验证,应用于浏览器的客户端验证通过 Struts 标记启用 javascript,用于将验证内容呈现给正在验证的页面.
所有这个概念都不适用于需要身份验证的动作(除非身份验证拦截器应用于动作).如果您使用 JAAS 身份验证,那么您应该考虑实施 PrincipalAware
或使用 roles
拦截器来限制对检查 isUserInRole()
.您可以使用 Action.如果用户未像 结果返回到身份验证拦截器中的登录页面way-to-redirect-to-another-action-class-without-using-on-struts-xml/16256030#16256030">有没有办法重定向到另一个动作类而不使用
struts.xml代码> 示例.
I don't understand conception of Struts2 validation in next case :
My application consists of 2 actions:
- login.action
- drive.action
I can run drive.action
from browser command line without filling user and password in login.action
How can I implement validation code which prevents the run of drive.action
from command line if user hasn't successfully filled user and password in login.action
?
The validation concept
Struts 2 validation is configured via XML or annotations. Manual validation in the action is also possible, and may be combined with XML and annotation-driven validation.
Validation also depends on both the validation and workflow interceptors (both are included in the default interceptor stack). The validation interceptor does the validation itself and creates a list of field-specific errors. The workflow interceptor checks for the presence of validation errors: if any are found, it returns the "input" result (by default), taking the user back to the form which contained the validation errors.
If we're using the default settings and our action doesn't have an "input" result defined and there are validation (or, incidentally, type conversion) errors, we'll get an error message back telling us there's no "input" result defined for the action.
It is simple, you map the validators to the fields via the validation configuration file, or via annotations. Then apply a validation
interceptor to the action via referencing it explicitly or implicitly via the interceptor stack, custom stack or defaultStack
.
When validation started it invokes the validation manager to perform actual validation and save errors to the ValidationAware
action.
Your action should implement this interface, or just extend the ActionSupport
where it's already implemented, to save the errors. Then workflow
interceptor checks for those errors and if found any of them redirect to the INPUT
result, if no errors found the action invocation is executed. You may also add a programmatic validation to the action by implementing Validateable
interface, which ActionSupport
is implemented by default, hence to override the validate()
method(s).
As a supplement to XML based validation you could also apply annotation based configuration. This only the server-side validation, the client-side validation applied to the browser enabled javascript via Struts tags used for rendering a validation content to the page being validated.
All of this concept is not applicable to the action which requires authentication (unless the authentication interceptor is applied to the action). If you use JAAS authentication, then you should consider your action to implement PrincipalAware
or use roles
interceptor to restrict access to the action which checks the isUserInRole()
. You may use Action.LOGIN
result to return to the login page in authentication interceptor if the user is not authenticated like in Is there a way to redirect to another action class without using on struts.xml
example.
这篇关于Struts 2 中的验证概念理解的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!
本文标题为:Struts 2 中的验证概念理解
基础教程推荐
- “未找到匹配项"使用 matcher 的 group 方法时 2022-01-01
- 在 Libgdx 中处理屏幕的正确方法 2022-01-01
- FirebaseListAdapter 不推送聊天应用程序的单个项目 - Firebase-Ui 3.1 2022-01-01
- 降序排序:Java Map 2022-01-01
- 设置 bean 时出现 Nullpointerexception 2022-01-01
- 减少 JVM 暂停时间 >1 秒使用 UseConcMarkSweepGC 2022-01-01
- Java Keytool 导入证书后出错,"keytool error: java.io.FileNotFoundException &拒绝访问" 2022-01-01
- Java:带有char数组的println给出乱码 2022-01-01
- 无法使用修饰符“public final"访问 java.util.Ha 2022-01-01
- 如何使用 Java 创建 X509 证书? 2022-01-01