最近在做一个网站,用的是Struts2,因为注册的画面和购物的画面要用到SSL,按照
那么就要把struts2的action中在这之中切换,于是找到SSL的一个
struts2的一个插件:
http://code.google.com/p/struts2-ssl-plugin/
大致讲解下:
首先当然把包COPY到lib下了; 之后在struts.xml中设置:
<constant name="struts2.sslplugin.httpPort" value="8085"/>
<constant name="struts2.sslplugin.httpsPort" value="8443"/>
<package name="default" extends="ssl-default">
注意,default里可以继承这个ssl-default,因为其实这个ssl-default也是继承
struts-default的,放心用
之后在你要某个SSL的方法前,用注释,就行了:
@Secured
public String execute1() throws Exception {
log.info("Inside execute1() method");
return SUCCESS;
} 如果要整个类都要SSL,则
@Secured
public class IndexAction extends ActionSupport { 以上的设置,注册画面好用,但是到购物画面的时候,因为不是所有事件都加密,只有在个别方法的时候加密,就在单个方法加@Secured 了,但是如果是href链接到这个方法好用,如果是sumbit提交的话,就跳转不到这个方法,哪位高手能解决一下,是不是跟什么重定向有关系啊,我看了插件里的好像用的是重定向,插件过滤流代码一下:
/*jadclipse*/package com.googlecode.sslplugin.interceptors;import com.googlecode.sslplugin.annotation.Secured;
import com.opensymphony.xwork2.*;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
import java.lang.reflect.Method;
import java.net.URI;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;public class SSLInterceptor extends AbstractInterceptor { public SSLInterceptor() { /* 33*/useAnnotations = true; /* 49*/log.info("Intializing SSLInterceptor");
} public String intercept(ActionInvocation invocation) throws Exception { /* 59*/ActionContext context = invocation.getInvocationContext();
/* 60*/HttpServletRequest request = (HttpServletRequest) context.get("com.opensymphony.xwork2.dispatcher.HttpServletRequest"); /* 62*/HttpServletResponse response = (HttpServletResponse) context.get("com.opensymphony.xwork2.dispatcher.HttpServletResponse"); /* 66*/String scheme = request.getScheme().toLowerCase(); /* 69*/String method = request.getMethod().toUpperCase(); /* 77*/Object action = invocation.getAction();
/* 78*/Method method2 = getActionMethod(
action.getClass(),
invocation.getProxy().getMethod()); /* 81*/if (!isUseAnnotations()
|| action.getClass().isAnnotationPresent(
com / googlecode / sslplugin / annotation / Secured)
|| method2.isAnnotationPresent(com
/ googlecode / sslplugin / annotation / Secured)) { /* 84*/if (("GET".equals(method) || "POST".equals(method))
&& "http".equals(scheme)) { /* 87*/int httpsPort = getHttpsPort() != null ? Integer.parseInt(getHttpsPort())
: 8443; /* 89*/URI uri = new URI(
"https", null, request.getServerName(), httpsPort,
response.encodeRedirectURL(request.getRequestURI()),
request.getQueryString(), null); /* 93*/log.info((new StringBuilder()).append(
"Going to SSL mode, redirecting to ")
.append(uri.toString())
.toString()); /* 95*/response.sendRedirect(uri.toString());
/* 96*/return null;
}
}
else /* 103*/if (("GET".equals(method) || "POST".equals(method))
&& "https".equals(scheme)) { /* 106*/int httpPort = getHttpPort() != null ? Integer.parseInt(getHttpPort())
: 8080; /* 108*/URI uri = new URI(
"http", null, request.getServerName(), httpPort,
response.encodeRedirectURL(request.getRequestURI()),
request.getQueryString(), null); /* 112*/log.info((new StringBuilder()).append(
"Going to non-SSL mode, redirecting to ")
.append(uri.toString())
.toString()); /* 114*/response.sendRedirect(uri.toString());
/* 115*/return null;
} /* 119*/return invocation.invoke();
} protected Method getActionMethod(Class actionClass, String methodName)
throws NoSuchMethodException {
Method method; /* 126*/try {
/* <-MISALIGNED-> *//* 126*/method = actionClass.getMethod(
methodName,
new Class[0]);
}
/* <-MISALIGNED-> *//* 127*/catch (NoSuchMethodException e) {
/* <-MISALIGNED-> *//* 130*/try {
/* <-MISALIGNED-> *//* 130*/String altMethodName = (new StringBuilder()).append(
"do")
.append(methodName.substring(0, 1).toUpperCase())
.append(methodName.substring(1))
.toString();
/* <-MISALIGNED-> *//* 131*/method = actionClass.getMethod(
altMethodName,
new Class[0]);
}
/* <-MISALIGNED-> *//* 132*/catch (NoSuchMethodException e1) {
/* <-MISALIGNED-> *//* 134*/throw e;
}
}
/* <-MISALIGNED-> *//* 137*/return method;
} public String getHttpsPort() {
/* <-MISALIGNED-> *//* 142*/return httpsPort;
} public void setHttpsPort(String httpsPort) {
/* <-MISALIGNED-> *//* 146*/this.httpsPort = httpsPort;
} public String getHttpPort() {
/* <-MISALIGNED-> *//* 150*/return httpPort;
} public void setHttpPort(String httpPort) {
/* <-MISALIGNED-> *//* 154*/this.httpPort = httpPort;
} public boolean isUseAnnotations() {
/* <-MISALIGNED-> *//* 158*/return useAnnotations;
} public void setUseAnnotations(boolean useAnnotations) {
/* <-MISALIGNED-> *//* 162*/this.useAnnotations = useAnnotations;
} private static Log log = LogFactory.getLog(com
/ googlecode / sslplugin / interceptors / SSLInterceptor); private String httpsPort; private String httpPort; private boolean useAnnotations; static final int HTTP_PORT = 8080; static final int HTTPS_PORT = 8443; static final String HTTP_GET = "GET"; static final String HTTP_POST = "POST"; static final String SCHEME_HTTP = "http"; static final String SCHEME_HTTPS = "https";
}
/*
DECOMPILATION REPORT Decompiled from: C:\Tomcat5.5\webapps\ccsr-aoba\WEB-INF\lib\struts2-ssl-plugin-1.0.jar
Total time: 1515 ms
Jad reported messages/errors:
Exit status: 0
Caught exceptions:
*/
那么就要把struts2的action中在这之中切换,于是找到SSL的一个
struts2的一个插件:
http://code.google.com/p/struts2-ssl-plugin/
大致讲解下:
首先当然把包COPY到lib下了; 之后在struts.xml中设置:
<constant name="struts2.sslplugin.httpPort" value="8085"/>
<constant name="struts2.sslplugin.httpsPort" value="8443"/>
<package name="default" extends="ssl-default">
注意,default里可以继承这个ssl-default,因为其实这个ssl-default也是继承
struts-default的,放心用
之后在你要某个SSL的方法前,用注释,就行了:
@Secured
public String execute1() throws Exception {
log.info("Inside execute1() method");
return SUCCESS;
} 如果要整个类都要SSL,则
@Secured
public class IndexAction extends ActionSupport { 以上的设置,注册画面好用,但是到购物画面的时候,因为不是所有事件都加密,只有在个别方法的时候加密,就在单个方法加@Secured 了,但是如果是href链接到这个方法好用,如果是sumbit提交的话,就跳转不到这个方法,哪位高手能解决一下,是不是跟什么重定向有关系啊,我看了插件里的好像用的是重定向,插件过滤流代码一下:
/*jadclipse*/package com.googlecode.sslplugin.interceptors;import com.googlecode.sslplugin.annotation.Secured;
import com.opensymphony.xwork2.*;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
import java.lang.reflect.Method;
import java.net.URI;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;public class SSLInterceptor extends AbstractInterceptor { public SSLInterceptor() { /* 33*/useAnnotations = true; /* 49*/log.info("Intializing SSLInterceptor");
} public String intercept(ActionInvocation invocation) throws Exception { /* 59*/ActionContext context = invocation.getInvocationContext();
/* 60*/HttpServletRequest request = (HttpServletRequest) context.get("com.opensymphony.xwork2.dispatcher.HttpServletRequest"); /* 62*/HttpServletResponse response = (HttpServletResponse) context.get("com.opensymphony.xwork2.dispatcher.HttpServletResponse"); /* 66*/String scheme = request.getScheme().toLowerCase(); /* 69*/String method = request.getMethod().toUpperCase(); /* 77*/Object action = invocation.getAction();
/* 78*/Method method2 = getActionMethod(
action.getClass(),
invocation.getProxy().getMethod()); /* 81*/if (!isUseAnnotations()
|| action.getClass().isAnnotationPresent(
com / googlecode / sslplugin / annotation / Secured)
|| method2.isAnnotationPresent(com
/ googlecode / sslplugin / annotation / Secured)) { /* 84*/if (("GET".equals(method) || "POST".equals(method))
&& "http".equals(scheme)) { /* 87*/int httpsPort = getHttpsPort() != null ? Integer.parseInt(getHttpsPort())
: 8443; /* 89*/URI uri = new URI(
"https", null, request.getServerName(), httpsPort,
response.encodeRedirectURL(request.getRequestURI()),
request.getQueryString(), null); /* 93*/log.info((new StringBuilder()).append(
"Going to SSL mode, redirecting to ")
.append(uri.toString())
.toString()); /* 95*/response.sendRedirect(uri.toString());
/* 96*/return null;
}
}
else /* 103*/if (("GET".equals(method) || "POST".equals(method))
&& "https".equals(scheme)) { /* 106*/int httpPort = getHttpPort() != null ? Integer.parseInt(getHttpPort())
: 8080; /* 108*/URI uri = new URI(
"http", null, request.getServerName(), httpPort,
response.encodeRedirectURL(request.getRequestURI()),
request.getQueryString(), null); /* 112*/log.info((new StringBuilder()).append(
"Going to non-SSL mode, redirecting to ")
.append(uri.toString())
.toString()); /* 114*/response.sendRedirect(uri.toString());
/* 115*/return null;
} /* 119*/return invocation.invoke();
} protected Method getActionMethod(Class actionClass, String methodName)
throws NoSuchMethodException {
Method method; /* 126*/try {
/* <-MISALIGNED-> *//* 126*/method = actionClass.getMethod(
methodName,
new Class[0]);
}
/* <-MISALIGNED-> *//* 127*/catch (NoSuchMethodException e) {
/* <-MISALIGNED-> *//* 130*/try {
/* <-MISALIGNED-> *//* 130*/String altMethodName = (new StringBuilder()).append(
"do")
.append(methodName.substring(0, 1).toUpperCase())
.append(methodName.substring(1))
.toString();
/* <-MISALIGNED-> *//* 131*/method = actionClass.getMethod(
altMethodName,
new Class[0]);
}
/* <-MISALIGNED-> *//* 132*/catch (NoSuchMethodException e1) {
/* <-MISALIGNED-> *//* 134*/throw e;
}
}
/* <-MISALIGNED-> *//* 137*/return method;
} public String getHttpsPort() {
/* <-MISALIGNED-> *//* 142*/return httpsPort;
} public void setHttpsPort(String httpsPort) {
/* <-MISALIGNED-> *//* 146*/this.httpsPort = httpsPort;
} public String getHttpPort() {
/* <-MISALIGNED-> *//* 150*/return httpPort;
} public void setHttpPort(String httpPort) {
/* <-MISALIGNED-> *//* 154*/this.httpPort = httpPort;
} public boolean isUseAnnotations() {
/* <-MISALIGNED-> *//* 158*/return useAnnotations;
} public void setUseAnnotations(boolean useAnnotations) {
/* <-MISALIGNED-> *//* 162*/this.useAnnotations = useAnnotations;
} private static Log log = LogFactory.getLog(com
/ googlecode / sslplugin / interceptors / SSLInterceptor); private String httpsPort; private String httpPort; private boolean useAnnotations; static final int HTTP_PORT = 8080; static final int HTTPS_PORT = 8443; static final String HTTP_GET = "GET"; static final String HTTP_POST = "POST"; static final String SCHEME_HTTP = "http"; static final String SCHEME_HTTPS = "https";
}
/*
DECOMPILATION REPORT Decompiled from: C:\Tomcat5.5\webapps\ccsr-aoba\WEB-INF\lib\struts2-ssl-plugin-1.0.jar
Total time: 1515 ms
Jad reported messages/errors:
Exit status: 0
Caught exceptions:
*/
<package name="sunyou" namespace="/com/sunyou" extends="ssl-default">
<action><!--将你要执行的方法配置此处试试--></action>
</package>
如果还是不行,可以差看我的博客http://blog.csdn.net/sunyoulao/archive/2011/03/22/6267485.aspx
该文章就是针对你的问题从头到尾演示了。我的演示一切都正常。希望对你会有帮助。