<!--spring配置 -->
1    <bean id="authorityInterceptor" class="com.xxx.interceptor.AuthorityInterceptor"/>2 3     <bean id="operationInterceptor" class="com.xxx.interceptor.OperationInterceptor">4         <property name="defectService" ref="sysDefectService"/>5         <property name="projectService" ref="projectService" />6         <property name="includeMethods">7             <value>*Modify,*Delete</value>8         </property>9     </bean>

1      <interceptors>2             <interceptor name="loginInterceptor" class="authorityInterceptor"/>3             <interceptor name="operationInterceptor" class="operationInterceptor"/> 5         </interceptors>

public String intercept(ActionInvocation aInvocation) throws Exception {　　// 获取请求的action名称　　String actionName = aInvocation.getInvocationContext().getName();

　　
　　//获取参数集合
　　Map parameters = aInvocation.getInvocationContext().getParameters();

 
　　 ....}

package com.jd.jd_ptesting.interceptor;import com.jd.jd_ptesting.action.ProjectAction;import com.jd.jd_ptesting.action.SysDefectAction;import com.jd.jd_ptesting.po.Project;import com.jd.jd_ptesting.po.SysDefect;import com.jd.jd_ptesting.po.User;import com.jd.jd_ptesting.service.IProjectService;import com.jd.jd_ptesting.service.ISysDefectService;import com.opensymphony.xwork2.Action;import com.opensymphony.xwork2.ActionContext;import com.opensymphony.xwork2.ActionInvocation;import com.opensymphony.xwork2.interceptor.MethodFilterInterceptor;import java.util.List;public class OperationInterceptor extends MethodFilterInterceptor {    private ISysDefectService defectService;    private IProjectService projectService;      protected String doIntercept(ActionInvocation actionInvocation) throws Exception {        boolean hasAuth = false;        String cunrrentId = "";        Object currentActon =actionInvocation.getAction();        ActionContext actionContext = actionInvocation.getInvocationContext();        User currentUser = (User)actionContext.getSession().get("currentUser");        if(currentUser == null                || currentUser.getEmployer()==null                || currentUser.getGroup() == null                || currentUser.getEmployer().getEmpId()+""==null        )        {            return Action.LOGIN;        }        //获取当前用户的epmId        String empId = currentUser.getEmployer().getEmpId() + "";        if(currentActon instanceof ProjectAction){            //是否第二次检查权限            List<Project> projectList = currentUser.getProjectList();            if (projectList==null || projectList.size()<1){                ProjectAction projectAction = (ProjectAction)currentActon;                cunrrentId = projectAction.getProjId();                projectList =  projectService.getProjectsByEmpId(empId);            }            //如果获取列表失败,则提示无权限            if(projectList==null || projectList.size()<1){                return "deny";            }else {                currentUser.setProjectList(projectList);            }            for(Project project:projectList){                if(cunrrentId.equals(project.getProjId()+"")){                    hasAuth = true;                }            }            if(hasAuth){                return actionInvocation.invoke();            }        }else if(currentActon instanceof SysDefectAction){            SysDefectAction sysDefectAction = (SysDefectAction)currentActon;            List<SysDefect> sysDefectList =  defectService.getSysDefectsByEmpId(empId);            if(sysDefectList==null || sysDefectList.size()<1){                return "deny";            }else {                currentUser.setSysDefectList(sysDefectList);            }            for(SysDefect sysDefect:sysDefectList){                if(cunrrentId.equals(sysDefect.getDefId()+"")){                    hasAuth = true;
                }            }            if(hasAuth){                return actionInvocation.invoke();            }        }        return "deny";  //To change body of implemented methods use File | Settings | File Templates.    }    public ISysDefectService getDefectService() {        return defectService;    }    public void setDefectService(ISysDefectService defectService) {        this.defectService = defectService;    }    public IProjectService getProjectService() {        return projectService;    }    public void setProjectService(IProjectService projectService) {        this.projectService = projectService;    }}

    <bean id="authorityInterceptor" class="com.jd.jd_ptesting.interceptor.AuthorityInterceptor"/>    <bean id="operationInterceptor" class="com.jd.jd_ptesting.interceptor.OperationInterceptor">        <property name="defectService" ref="sysDefectService"/>        <property name="projectService" ref="projectService" />

　　　　　<!-- 白名单属性配置,注意*的用法 -->        <property name="includeMethods">            <value>*Modify,*Delete</value>        </property>    </bean>

     <interceptors>            <interceptor name="loginInterceptor" class="authorityInterceptor"/>            <interceptor name="operationInterceptor" class="operationInterceptor"/>                        <interceptor-stack name="authInterceptor-stack">                <interceptor-ref name="defaultStack"/>                <interceptor-ref name="loginInterceptor"/>                <interceptor-ref name="operationInterceptor"/>            </interceptor-stack>        </interceptors>