What is the principle of Struts2 framework
The principle of the Struts2 framework: 1. The interceptor parses the request path; 2. Finds the complete class name of the Action; 3. Creates the Action object; 4. Execute the Action method; 5. Returns the result; 6. View parsing. Its principle is based on the interceptor mechanism, which completely separates the business logic controller from the Servlet API, improving the reusability and maintainability of the code. By using the reflection mechanism, the Struts2 framework can flexibly create and manage Action objects to process requests and responses.
The operating system for this tutorial: Windows 10 system, DELL G3 computer.
Struts2 is a Web layer framework based on the MVC pattern, which uses an interceptor mechanism to handle user requests. The following is the principle of the Struts2 framework:
1. The interceptor parses the request path: When the user sends a request to the Web application, the interceptor of the Struts2 framework will parse the request path and obtain The name of the Action.
2. Find the complete class name of Action: According to the name of Action, the Struts2 framework will find the corresponding complete class name in the configuration file. These configuration information are usually defined in the struts.xml file.
3. Create an Action object: Once the Struts2 framework finds the complete class name of Action, it will use the reflection mechanism to create an instance of the class (i.e. Action object). This way, a new Action object is created for each request.
4. Execute the Action method: When the Action object is created, the interceptor will hand over the processing of the request to ActionProxy. ActionProxy is the proxy object of the Action object. It executes the corresponding business logic by calling the execute() method of the Action object.
5. Return result: After the Action is executed, a string result (result code) is returned. This result string is usually associated with a view (View), which is used to display the results to the user.
6. View analysis: The Struts2 framework will parse the corresponding view according to the returned result string and display the result to the user. Views can be JSP pages, FreeMarker templates, etc.
The principle of the Struts2 framework is based on the interceptor mechanism, which completely separates the business logic controller from the Servlet API, improving the reusability and maintainability of the code. At the same time, by using the reflection mechanism, the Struts2 framework can flexibly create and manage Action objects to implement request and response processing.
As a classic MVC framework, the Struts2 framework has many advantages and disadvantages. The following is a detailed introduction to the advantages and disadvantages of the Struts2 framework:
Advantages of the Struts2 framework:
1. Rich tag library: provided by Struts2 There are a large number of tag libraries, which can greatly improve development efficiency and simplify the code of the view layer.
2. Interceptor mechanism: Struts2 uses the interceptor mechanism to implement the pre-processing and post-processing functions of requests. This mechanism completely separates the business logic controller from the Servlet API and improves the code's readability. Reusability and maintainability.
3. Type conversion and input verification: Struts2 provides built-in type conversion and input verification functions, which can easily verify and process user input.
4. Internationalization support: Struts2 supports internationalization and can be switched according to different language environments, improving the localization capabilities of applications.
5. Plug-in support: Struts2 provides rich plug-in support, which can easily extend the functions of the framework.
6. Easy to configure and deploy: The Struts2 framework has a clear structure, simple configuration, and can be easily deployed and maintained.
The shortcomings of the Struts2 framework:
1. Interceptor dependency order: The interceptor dependency order of Struts2 is fixed, which may lead to certain In some cases the execution order of interceptors is incorrect.
2. Performance issues: Since Struts2 uses a large number of reflection mechanisms, it may cause performance issues, especially when processing a large number of requests.
3. Steep learning curve: The Struts2 framework is powerful, but the learning curve is relatively steep, and it may take some time for beginners to become familiar with it.
4. Community activity: Although Struts2 is a classic MVC framework, with the emergence of other emerging frameworks, the community activity of Struts2 has declined.
To sum up, the Struts2 framework has rich functions and powerful scalability, but it also has some shortcomings. In actual development, the appropriate framework needs to be selected based on project requirements and team technology stack.
The above is the detailed content of What is the principle of Struts2 framework. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1378
52
How to view Struts2 historical vulnerabilities from a protection perspective
May 13, 2023 pm 05:49 PM
1. Introduction The Struts2 vulnerability is a classic series of vulnerabilities. The root cause is that Struts2 introduces OGNL expressions to make the framework flexible and dynamic. With the patching of the overall framework improved, it will now be much more difficult to discover new Struts2 vulnerabilities than before. Judging from the actual situation, most users have already repaired historical high-risk vulnerabilities. Currently, when doing penetration testing, Struts2 vulnerabilities are mainly left to chance, or it will be more effective to attack unpatched systems after being exposed to the intranet. Online analysis articles mainly analyze these Struts2 vulnerabilities from the perspective of attack and exploitation. As the new H3C offense and defense team, part of our job is to maintain the rule base of ips products. Today we will review this system.
What is the principle of Struts2 framework
Jan 04, 2024 pm 01:55 PM
The principle of the Struts2 framework: 1. The interceptor parses the request path; 2. Finds the complete class name of the Action; 3. Creates the Action object; 4. Execute the Action method; 5. Returns the result; 6. View parsing. Its principle is based on the interceptor mechanism, which completely separates the business logic controller from the Servlet API, improving the reusability and maintainability of the code. By using the reflection mechanism, the Struts2 framework can flexibly create and manage Action objects to process requests and responses.
Struts2 vulnerability S2-001 example analysis
May 15, 2023 pm 03:58 PM
Vulhub vulnerability series: struts2 vulnerability S2-0011. Vulnerability description: struts2 vulnerability S2-001 is when the user submits form data and verification fails, the server uses OGNL expression to parse the parameter value previously submitted by the user, %{value} and refills the corresponding form data. For example, in a registration or login page. If the submission fails, the server will usually default to returning the previously submitted data. Since the server uses %{value} to perform OGNL expression parsing on the submitted data, the server can directly send the payload to execute the command. 2. Vulhub vulnerability exploitation: Using vulhub to reproduce vulnerabilities can save the environment construction process, which is very convenient. vu
How does the Struts2 S2-059 remote code execution vulnerability reproduce?
May 23, 2023 pm 10:37 PM
0x00 Introduction Struts2 is a very powerful JavaWeb open source framework launched by the Apache software organization, which is essentially equivalent to a servlet. Struts2 is based on MVC architecture and has a clear framework structure. It is usually used as a controller to establish data interaction between models and views, and is used to create enterprise-level Java web applications. It utilizes and extends the JavaServletAPI and encourages developers to adopt the MVC architecture. Struts2 takes the excellent design ideas of WebWork as the core, absorbs some advantages of the Struts framework, and provides a neater Web application framework implemented in the MVC design pattern. 0x01 vulnerability
Struts2-057 two versions of RCE vulnerability example analysis
May 15, 2023 pm 06:46 PM
Foreword On August 22, 2018, Apache Strust2 released the latest security bulletin. Apache Struts2 has a high-risk remote code execution vulnerability (S2-057/CVE-2018-11776). The vulnerability was discovered by ManYueMo, a security researcher from the SemmleSecurityResearch team. This vulnerability is due to the fact that when using the namespace function to define XML configuration in the Struts2 development framework, the namespace value is not set and is not set in the upper-layer action configuration (ActionConfiguration) or a wildcard namespace is used, which may lead to remote code execution. In the same way, u
How to reproduce the Apache Struts2--048 remote code execution vulnerability
May 12, 2023 pm 07:43 PM
0x00 Introduction The Struts2 framework is an open source web application architecture for developing JavaEE web applications. It utilizes and extends JavaServletAPI and encourages developers to adopt MVC architecture. Struts2 takes the excellent design ideas of WebWork as the core, absorbs some advantages of the Struts framework, and provides a neater Web application framework implemented in the MVC design pattern. Overview of the 0x01 vulnerability. The ApacheStruts22.3.x series has the struts2-struts1-plugin plug-in enabled and the struts2-showcase directory exists. The cause of the vulnerability is when ActionMe
Example analysis of Struts2 framework site risks
May 30, 2023 pm 12:32 PM
1. Overview Struts is an open source project sponsored by the Apache Software Foundation (ASF). It started as a sub-project within the Jakarta project and later became a top-level project of ASF. By using JavaServlet/JSP technology, it implements the application framework [WebFramework] based on the Model-View-Controller [MVC] design pattern of JavaEE Web applications. It is a classic product in the MVC classic design pattern. In the early days of the development of JavaEE web applications, in addition to using Servlet technology, HTM was generally used in the source code of JavaServerPages (JSP).
CNNVD report example analysis on Apache Struts2 S2-057 security vulnerability
May 11, 2023 pm 08:04 PM
Currently, Apache has officially released a version update to fix the vulnerability. It is recommended that users confirm the Apache Struts product version in time. If affected, please take timely patching measures. 1. Vulnerability introduction ApacheStruts2 is a sub-project of the Jakarta project under the American Apache Software Foundation. It is a Web application framework based on MVC design. On August 22, 2018, Apache officially released the Apache Struts2S2-057 security vulnerability (CNNVD-201808-740, CVE-2018-11776). When enabling the pan-namespace function in the struts2 development framework
