问题
I’ve started playing around with JSPs and Struts2. I’ve read through a bunch of tutorials and specs, and now I’m trying my hand at a very simple application using Struts2, JSP2 EL, and creating a custom taglib.
What I am trying to do is create a simple reusable login control. I’ve created a JSP that will check the session to see if a user is logged in, and if not display a login page.
The issue I am having is I can’t seem put the retPage attribute in login.tag as a value in a hidden input field. As is, I get the following error “/WEB-INF/tags/login.tag(14,1) According to TLD or attribute directive in tag file, attribute value does not accept any expressions”. If I set the value of sourcePage to an empty string, everything else works fine.
I’ve done some googling for this error, and it seems to indicate I am not using the version of JSP I think I am (I think I’m using JSP 2, but this error seems to occur from JSP 1.2 trying to interpret JSP2 EL statements ). However if I wasn’t using JSP 2, I would have thought that all JSP EL statements would fail, which is not the case.
How can I set my retPage attribute in login.tag to be the value of a hidden input field?
I do feel like I have a very tenuous grasp on this stuff. So if all of this is way off base, please let me know.
Any help would be greatly appreciated. Thank you.
index.jsp
<?xml version="1.0" encoding="UTF-8" ?>
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Welcome</title>
</head>
<body>
<%@ include file="auth.jsp" %>
<div> Welcome to My Test Page</div>
</body>
</html>
auth.jsp:
<?xml version="1.0" encoding="UTF-8" ?>
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<s:head />
</head>
<body>
<s:if test="! #session['authenticated']" >
<%
StringBuffer url = request.getRequestURL();
String ns = "myTest/";
int sidx = url.lastIndexOf( ns );
int tidx = url.indexOf( "?");
if( 0 > tidx )
{
tidx = url.length();
}
String retPage = url.substring( sidx + ns.length(), tidx );
%>
<jsp:forward page="login.jsp" >
<jsp:param name="page" value="<%=retPage%>" />
</jsp:forward>
</s:if>
</body>
</html>
login.jsp:
<?xml version="1.0" encoding="UTF-8" ?>
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%@ taglib prefix="s" uri="/struts-tags" %>
<%@ taglib prefix="sj" uri="/struts-jquery-tags"%>
<%@ taglib prefix="ml" tagdir="/WEB-INF/tags" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Please login</title>
<s:head />
<sj:head />
</head>
<body>
<div id="login">
<ml:login retPage="${param.page}" />
</div>
</body>
</html>
login.tag:
<%@ tag body-content="empty" %>
<%@ attribute name="retPage" required="true" %>
<%@ taglib prefix="s" uri="/struts-tags" %>
<s:head />
<s:form action="login" theme="xhtml">
<div>
Please login.
Ret0: ${retPage}
</div>
<s:textfield name="user.userName" label="Username" />
<s:hidden name="sourcePage" value="${retPage}" />
<s:submit />
</s:form>
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>myTest</display-name>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<filter>
<filter-name>struts2</filter-name>
<filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
回答1:
According to TLD or attribute directive in tag file, attribute value does not accept any expressions.
By default you cannot pass a JSP EL expression to a Struts2 tag. This is done for security purposes. If you wanted to, you could make a copy of struts-tags.tld and set <rtexprvalue> to true for all of the tags. However, you should be aware of the security vulnerability involved in allowing tags to accept both JSP EL and OGNL expressions.
JSP EL is evaluated prior to invoking the tag handler, OGNL is evaluated afterwards (inside the tag). As such, if ${retPage} evaluated to an OGNL expression, then the tag may wind up doing something you didn't expect.
For the case of a hidden form field, just use the HTML equivalent.
来源:https://stackoverflow.com/questions/6296544/jsp2-expression-in-struts2-form-input