β

SpringMVC拦截器(实现登录验证拦截器)

lenglingx的个人页面 129 阅读

本例实现登陆时的验证拦截,采用SpringMVC拦截器来实现

核心代码

首先是index.jsp,显示链接

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <base href="https://my.oschina.net/lenglingx/blog/<%=basePath%>">
    
    <title>首页</title>
    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="cache-control" content="no-cache">
    <meta http-equiv="expires" content="0">    
    <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
    <meta http-equiv="description" content="This is my page">
    <!--
    <link rel="stylesheet" type="text/css" href="https://my.oschina.net/lenglingx/blog/styles.css">
    -->
  </head>
  
  <body>
     <div style="margin:0 auto;padding-top:100px;font-size:18px;" align="center">
         <p><a href="https://my.oschina.net/lenglingx/blog/loginpage.html">登陆</a></p>
         <p><a href="https://my.oschina.net/lenglingx/blog/user/home.html">用户中心</a></p>
         <p><a href="https://my.oschina.net/lenglingx/blog/exception.html">触发异常</a></p>
     </div>
  </body>
</html>

controller类

package com.jikexueyuan.demo.springmvc.lesson4.controller;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;

import com.jikexueyuan.demo.springmvc.lesson4.constant.Global;
import com.jikexueyuan.demo.springmvc.lesson4.exception.MyException;
import com.jikexueyuan.demo.springmvc.lesson4.model.User;
import com.jikexueyuan.demo.springmvc.lesson4.service.LoginService;

/**
 * 这个例子讲解了如何定义MVC三层注解,使用@Resource进行注入,以及使用@RequestMapping、@RequestParam 、@SessionAttributes
 */

@Controller
public class LoginController extends BaseController {

    @Resource
    LoginService service;
    
    @Resource
    HttpServletRequest request;
    
    @RequestMapping("/exception")
    public void exception() throws MyException{
        throw new MyException("测试springmvc中的异常捕获");
    }
    
    @RequestMapping("/loginpage")
    public String toLoginPage(){
        return "/WEB-INF/jsp/login.jsp";
    }
    
    @RequestMapping("/user/home")
    public String toUserHome(){
        return "/WEB-INF/jsp/userhome.jsp";
    }
    
    @RequestMapping("/logout")
    public String logout(){
        request.getSession().removeAttribute(Global.USER_SESSION_KEY);
        return "redirect:/";
    }
    
    @RequestMapping(value = "/doLogin", method = RequestMethod.POST)
    public String doLogin(@RequestParam String userName, @RequestParam String password){
        
        try {
            User user = service.doLogin(userName, password);
            request.getSession().setAttribute(Global.USER_SESSION_KEY, user);
            return "redirect:/user/home.html";
        } catch (Exception e) {
            return "/WEB-INF/jsp/login.jsp";
        }
        
    }
    
}

当点击用户中心时,触发拦截,相关配置如下

在spring-mvc.xml中加上拦截配置,拦截所有URL中包含/user/的请求,当然请求用户中心时就会触发这个拦截器了

<mvc:interceptors>
        <mvc:interceptor>
            <!-- 拦截所有URL中包含/user/的请求 -->
            <mvc:mapping path="/user/**"/>
            <bean class="com.jikexueyuan.demo.springmvc.lesson4.interceptor.LoginInterceptor"></bean>
        </mvc:interceptor>
    </mvc:interceptors>

然后是bean指向的具体的interceptor类,如果session保存的用户信息为null,则跳到login页面,postHandle和afterCompletion方法都不执行,反之都执行

package com.jikexueyuan.demo.springmvc.lesson4.interceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.jikexueyuan.demo.springmvc.lesson4.constant.Global;

public class LoginInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        Object user = request.getSession().getAttribute(Global.USER_SESSION_KEY);
        if (user == null) {
            System.out.println("尚未登录,调到登录页面");
            response.sendRedirect("/loginpage.html");
            return false;
        }
        
        return true;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
        System.out.println("postHandle");
    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
        System.out.println("afterCompletion");
    }

}

至此,简单的springmvc拦截器就完成了。

作者:lenglingx的个人页面
独钓渔的博客
原文地址:SpringMVC拦截器(实现登录验证拦截器), 感谢原作者分享。