它是Strict Method Invocation並且自從Struts 2.5默認啓用它。
從約SMI和通配符映射文檔:
When using wildcard mapping in actions' definitions SMI works in two ways:
- SMI is disabled - any wildcard will be substituted with the default RegEx, ie.:
<action name="Person*" method="perform*"> will be translated into allowedMethod = "regex:perform([A-Za-z0-9_$]*)" .
- SMI is enabled - no wildcard substitution will happen, you must strictly define which methods can be accessed by annotations or
<allowed-method/> tag.
,您可以在每<package>禁用。
<package strict-method-invocation="false">
,也可以使用<allowed-methods>標籤添加每行動允許的方法名稱。
<action name="*Application" class="x.ApplicationHandler" method="{1}">
<result name="input">/WEB-INF/application.jsp</result>
<result name="success" type="redirectAction">
<param name="actionName">browseApps</param>
</result>
<allowed-methods>firstMethod, secondMethod, thirdMethod</allowed-methods>
</action>
或者使用<global-allowed-methods>標記爲每個包添加允許的方法名稱。
<package extends="struts-default">
<global-allowed-methods>firstMethod, secondMethod, thirdMethod</global-allowed-methods>
</package>
注意爲了使用上述標籤的struts.xml必須更新DTD定義2.5。
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.5//EN"
"http://struts.apache.org/dtds/struts-2.5.dtd">
<struts>
...
</struts>
還有@AllowedMethods標註在struts2-convention-plugin允許行動,以指定允許的操作方法。
This annotation can be used directly on Action classes or in the package-info.java class in order to specify global allowed methods for all sub-packages.
這是因爲SMI,如Aleksandr已經解釋過的,它的確在不允許的情況下拋出一個異常,並拋出缺少方法。我想知道用「這種方法是不允許的」拋出異常會更好嗎,wdyt? –
是的,更有意義的例外在這裏可能非常有用。 – john
我註冊了一個問題以涵蓋此https://issues.apache.org/jira/browse/WW-4640 –