版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/linzhaoliangyan/article/details/88813335
* Spring Web MVC 的处理器拦截器类似于Servlet 开发中的过滤器Filter,用于对处理器进行预处理和后处理。
* 拦截器就是拦截所有的URL请求。如果符合条件就放行,如果不符合,拒绝访问。
* 开发一个拦截器
public class MHandlerInterceptor1 implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
System.out.println("MHandlerInterceptor1:preHandle");
// 返回值:返回false,不执行handler,返回true执行handler
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
System.out.println("MHandlerInterceptor1:postHandle");
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
System.out.println("MHandlerInterceptor1:afterCompletion");
}
}
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**"/>
<bean class="com.hx.ssm.interceptor.MHandlerInterceptor1"></bean>
</mvc:interceptor>
</mvc:interceptors>
* 再开发一个拦截器
public class MHandlerInterceptor2 implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
System.out.println("MHandlerInterceptor2:preHandle");
// 返回值:返回false,不执行handler,返回true执行handler
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
System.out.println("MHandlerInterceptor2:postHandle");
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
System.out.println("MHandlerInterceptor2:afterCompletion");
}
}
<mvc:interceptor>
<mvc:mapping path="/**"/>
<bean class="com.hx.ssm.interceptor.MHandlerInterceptor2"></bean>
</mvc:interceptor>
* 两个返回值都为true的情况
* 第一个拦截器返回值为true,第二拦截器返回值为false
* 第一个拦截器返回值为false,第二拦截器返回值为true
业务需求
* 认证用户的身份,如果认证成功,就放行访问,如果不成功,跳转到的登录页面
开发思路:
1.登录的页面 (url:login) 不需要拦截
2.用户输入用户名和密码,提交表单验证 (url:main) 不需要
3.其他的任何的url都应该由拦截器拦截。
拦截器中的逻辑:(preHandle) 方法中做验证
//获取URL 判断下:如果 是login 或者main 就放行。
//如果不是登录的URL,
判断:session是否有用户信息,
如果有,已经登录,验证通过。
如果没有,重定向到登录的页面
public class LoginHandlerInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
System.out.println("启动登录拦截器...");
Object loginStatus=request.getSession().getAttribute("loginStatus");
//如果不是登录的URL,
//判断:session是否有用户信息,
//如果有,已经登录,验证通过。
//如果没有重定向到登录的页面
if(loginStatus!=null){
return true;
}else {
response.sendRedirect(request.getContextPath()+"/login");
return false;
}
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
}
}
@RequestMapping(value = "/main",method = RequestMethod.POST)
public String login(User user, HttpSession httpSession) throws HxException {
System.out.println(user);
LoginOutDataVo loginOutDataVo = mLoginService.login(user);
if(loginOutDataVo.isLoginStatus()){
httpSession.setAttribute("loginStatus",true);
return "main";
}
return "loginfail";
}
<mvc:interceptor>
<mvc:mapping path="/**"/>
<mvc:exclude-mapping path="/login"></mvc:exclude-mapping>
<mvc:exclude-mapping path="/main"></mvc:exclude-mapping>
<bean class="com.hx.ssm.interceptor.LoginHandlerInterceptor"></bean>
</mvc:interceptor>
* 访问http://localhost:8080/ssm/statistics/ui
* 跳转到登录页面