类 SecureLinkTool
- 所有已实现的接口:
Cloneable
It has the same interface as StrutsLinkTool and can function as a substitute if Struts 1.x and SSL Ext are installed.
The SecureLinkTool extends the standard
LinkTool
and has the exact same interface as
StrutsLinkTool
and the same function. It should
substitute the StrutsLinkTool
in the toolbox if
SSL Ext is installed.
It's functionality is a subset of the functionality provided by the
sslext tag library for JSP.
The SSL Ext. Struts extension package makes it possible to declare Struts actions secure, non-secure, or neutral in the struts config like so:
<action path="/someSecurePath" type="some.important.Action"> <set-property property="secure" value="true"/> <forward name="success" path="/somePage.vm" /> </action>
If an action is declared secure the SecureLinkTool will render the relevant link
as https (if not already in ssl-mode). In the same way, if an action is declared
non-secure the SecureLinkTool will render the relevant link as http (if in ssl-mode).
If the action is declared as neutral (with a "secure" property of "any") then the
SecureLinkTool won't force a protocol change either way.
If the custom
request processor is also used then a request will be redirected to the correct
protocol if an action URL is manually entered into the browser with the wrong protocol
These are the steps needed to enable SSL Ext:
- SSL connections need to be enabled on the webserver.
- The Java Secure Socket Extension (JSSE) package needs to be in place (it's integrated into the Java 2 SDK Standard Edition, v. 1.4 but optional for earlier versions)
- In your tools.xml, add the SecureLinkTool to replace (same key) or complement
(alternate key) the
StrutsLinkTool
- In struts-conf.xml the custom action-mapping class needs to be specified
- In struts-conf.xml the custom controller class can optionally be specified (if the redirect feature is wanted)
- In struts-conf.xml the SecurePlugIn needs to be added
- In struts-conf.xml, when using Tiles, the SecureTilesPlugin substitues both the TilesPlugin and the SecurePlugIn and it also takes care of setting the correct controller so there is no need to specify the custom controller.
Usage:
Template example: <!-- Use just like a regular StrutsLinkTool --> $link.action.nameOfAction $link.action.nameOfForward If the action or forward is marked as secure, or not, in your struts-config then the link will be rendered with https or http accordingly. Toolbox configuration: <tools> <toolbox scope="request"> <tool class="org.apache.velocity.tools.struts.SecureLinkTool"/> </toolbox> </tools>
- 从以下版本开始:
- VelocityTools 1.1
- 版本:
- $Revision: 707788 $ $Date: 2008-10-24 16:28:06 -0700 (Fri, 24 Oct 2008) $
- 作者:
- Marino A. Jonsson
-
字段概要
字段修饰符和类型字段说明protected ServletContext
private static final String
private static final String
private static final String
private static final String
从类继承的字段 org.apache.velocity.tools.view.LinkTool
INCLUDE_REQUEST_PARAMS_KEY, includeRequestParams, request, response
从类继承的字段 org.apache.velocity.tools.generic.LinkTool
APPEND_PARAMS_KEY, appendParams, charset, CHARSET_KEY, DEFAULT_CHARSET, DEFAULT_SCHEME, FORCE_RELATIVE_KEY, forceRelative, fragment, FRAGMENT_KEY, host, HOST_KEY, HTML_QUERY_DELIMITER, LOG, opaque, path, PATH_KEY, port, PORT_KEY, query, QUERY_KEY, queryDelim, scheme, SCHEME_KEY, SECURE_SCHEME, self, URI_KEY, user, USER_KEY, XHTML_MODE_KEY, XHTML_QUERY_DELIMITER
从类继承的字段 org.apache.velocity.tools.generic.SafeConfig
LOCK_CONFIG_KEY, OLD_LOCK_CONFIG_KEY, SAFE_MODE_KEY
-
构造器概要
构造器 -
方法概要
修饰符和类型方法说明computeURL
(HttpServletRequest request, ServletContext app, String link) Compute a hyperlink URL based on the specified action link.protected void
configure
(ValueParser props) Does the actual configuration.private static SecureActionConfig
getActionConfig
(ServletContext app, String linkString) Finds the configuration definition for the specified action linkReturns a copy of the link with the given action name converted into a server-relative URI reference.setForward
(String forward) Returns a copy of the link with the given global forward name converted into a server-relative URI reference.private static StringBuilder
startNewUrlString
(HttpServletRequest request, String desiredScheme, String desiredPort) Builds the protocol, server name, and port portion of the new URLReturn the specified URL with the specified session identifier suitably encoded.从类继承的方法 org.apache.velocity.tools.view.LinkTool
addMissingRequestParams, addRequestParams, addRequestParamsExcept, getContextPath, getContextURL, getRequestPath, isPathChanged, setFromRequest, setIncludeRequestParams, toString
从类继承的方法 org.apache.velocity.tools.generic.LinkTool
absolute, absolute, anchor, append, append, appendAsArray, appendPath, appendQuery, combinePath, combineQuery, createURI, debug, debug, decode, decodeQueryPercents, directory, duplicate, duplicate, encode, equals, getAnchor, getAppendParams, getBaseRef, getCharacterEncoding, getDirectory, getFile, getHost, getParams, getPath, getPort, getQuery, getRoot, getScheme, getSelf, getUri, getUser, handleParamsBoolean, hashCode, host, insecure, isAbsolute, isOpaque, isRelative, isSecure, isXHTML, normalizeQuery, param, params, parseQuery, parseQuery, path, port, query, relative, relative, remove, removeParam, root, scheme, secure, set, setAppendParams, setCharacterEncoding, setForceRelative, setFragment, setFromURI, setHost, setParam, setParams, setPath, setPort, setQuery, setScheme, setUserInfo, setXHTML, toQuery, toQuery, toURI, uri, user
从类继承的方法 org.apache.velocity.tools.generic.SafeConfig
configure, isConfigLocked, isSafeMode, setLockConfig, setSafeMode
-
字段详细资料
-
构造器详细资料
-
SecureLinkTool
public SecureLinkTool()
-
-
方法详细资料
-
configure
从类复制的说明:SafeConfig
Does the actual configuration. This is protected, so subclasses may share the same ValueParser and call configure at any time, while preventing templates from doing so when configure(Map) is locked. -
setAction
Returns a copy of the link with the given action name converted into a server-relative URI reference. This method does not check if the specified action really is defined. This method will overwrite any previous URI reference settings but will copy the query string.
- 参数:
action
- an action path as defined in struts-config.xml- 返回:
- a new instance of StrutsLinkTool
-
setForward
Returns a copy of the link with the given global forward name converted into a server-relative URI reference. If the parameter does not map to an existing global forward name,
null
is returned. This method will overwrite any previous URI reference settings but will copy the query string.- 参数:
forward
- a global forward name as defined in struts-config.xml- 返回:
- a new instance of StrutsLinkTool
-
computeURL
Compute a hyperlink URL based on the specified action link. The returned URL will have already been passed toresponse.encodeURL()
for adding a session identifier.- 参数:
request
- the current request.app
- the current ServletContext.link
- the action that is to be converted to a hyperlink URL- 返回:
- the computed hyperlink URL
-
getActionConfig
Finds the configuration definition for the specified action link- 参数:
app
- the current ServletContext.linkString
- The action we are searching for, specified as a link. (i.e. may include "..")- 返回:
- The SecureActionConfig object entry for this action, or null if not found
-
startNewUrlString
private static StringBuilder startNewUrlString(HttpServletRequest request, String desiredScheme, String desiredPort) Builds the protocol, server name, and port portion of the new URL- 参数:
request
- The current requestdesiredScheme
- The scheme (http or https) to be used in the new URLdesiredPort
- The port number to be used in th enew URL- 返回:
- The new URL as a StringBuilder
-
toEncoded
Return the specified URL with the specified session identifier suitably encoded.- 参数:
url
- URL to be encoded with the session idsessionId
- Session id to be included in the encoded URL- 返回:
- the specified URL with the specified session identifier suitably encoded
-