logonaction.java

这是《JSP2.0应用实例》一书中的代码

package app;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionError;
import org.apache.struts.action.ActionErrors;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionServlet;


/**
 * Implementation of <strong>Action</strong> that validates a user logon.
 *
 * @author Craig R. McClanahan
 * @author Ted Husted
 * @version $Revision: 1.1.1.1 $ $Date: 2002/08/15 15:50:55 $
 */
public final class LogonAction extends Action {


    /**
     * Validate credentials with business tier.
     *
     * @param username The username credential
     * @param password The password credential
     * @returns true if credentials can be validated
     * @exception UserDirectoryException if cannot access directory
     */
    /*
    public boolean isUserLogon(String username,
        String password) throws UserDirectoryException {

        return (UserDirectory.getInstance().isValidPassword(username,password));
        // return true;

	}
	*/

	public boolean isUserLogon(String userId, String password) {

        // no null passwords
        if (null==password) return false;

        // conform userId to uppercase
        String _userId = userId.toUpperCase();

        // 简化起见，只有chenxd/admin用户和密码是有效的
        if (! _userId.equals("CHENXD")) return false;

        // does password match user's password
        return (password.equals("admin"));

	}
    /**
     * Login the user.
     * The event is logged if the debug level is >= Constants.DEBUG.
     *
     * @param mapping The ActionMapping used to select this instance
     * @param actionForm The ActionForm bean for this request (if any)
     * @param request The HTTP request we are processing
     * @param response The HTTP response we are creating
     *
     * @exception IOException if an input/output error occurs
     * @exception ServletException if a servlet exception occurs
     */
    public ActionForward perform(ActionMapping mapping,
            ActionForm form,
            HttpServletRequest request,
            HttpServletResponse response)
        throws IOException, ServletException {

        // Obtain username and password from web tier
        String username = ((LogonForm) form).getUsername();
        String password = ((LogonForm) form).getPassword();

        // Validate credentials with business tier
        boolean validated = isUserLogon(username,password);
        

        if (!validated) {
            // credentials don't match
            ActionErrors errors = new ActionErrors();
            errors.add(ActionErrors.GLOBAL_ERROR,
            new ActionError("error.logon.invalid"));
            saveErrors(request,errors);
            // return to input page
            return (new ActionForward(mapping.getInput()));
        }

        // Save our logged-in user in the session,
        // because we use it again later.
        HttpSession session = request.getSession();
        session.setAttribute(Constants.USER_KEY, form);

        // Log this event, if appropriate
        /*
        if (servlet.getDebug() >= Constants.DEBUG) {
            StringBuffer message =
                new StringBuffer("LogonAction: User '");
            message.append(username);
            message.append("' logged on in session ");
            message.append(session.getId());
            servlet.log(message.toString());
        }
		*/
        // Return success
        return (mapping.findForward(Constants.SUCCESS));

    }

} // End LogonAction