SpringMVC拦截器——实现登录验证拦截器的示例代码_Java教程

本例实现登陆时的验证拦截，采用SpringMVC 拦截器来实现

当用户点击到网站主页时要进行拦截，用户登录了才能进入网站主页，否则进入登陆页面

核心代码

首先是index.jsp,显示链接

									<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>

									<%

									String path = request.getContextPath();

									String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";

									%>

									<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

									<html>

									 <head>

									  <base href="<%=basePath%>" rel="external nofollow" >

									  <title>首页</title>

									  <meta http-equiv="pragma" content="no-cache">

									  <meta http-equiv="cache-control" content="no-cache">

									  <meta http-equiv="expires" content="0">  

									  <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">

									  <meta http-equiv="description" content="This is my page">

									  <!--

									  <link rel="stylesheet" type="text/css" href="styles.css" rel="external nofollow" >

									  -->

									 </head>

									 <body>

									   <div style="margin:0 auto;padding-top:100px;font-size:18px;" align="center">

									     <p><a href="loginpage.html" rel="external nofollow" >登陆</a></p>

									     <p><a href="user/home.html" rel="external nofollow" >用户中心</a></p>

									     <p><a href="exception.html" rel="external nofollow" >触发异常</a></p>

									   </div>

									 </body>

									</html>

controller类

									package com.jikexueyuan.demo.springmvc.lesson4.controller;

									import javax.annotation.Resource;

									import javax.servlet.http.HttpServletRequest;

									import org.springframework.stereotype.Controller;

									import org.springframework.web.bind.annotation.RequestMapping;

									import org.springframework.web.bind.annotation.RequestMethod;

									import org.springframework.web.bind.annotation.RequestParam;

									import com.jikexueyuan.demo.springmvc.lesson4.constant.Global;

									import com.jikexueyuan.demo.springmvc.lesson4.exception.MyException;

									import com.jikexueyuan.demo.springmvc.lesson4.model.User;

									import com.jikexueyuan.demo.springmvc.lesson4.service.LoginService;

									/**

									 * 这个例子讲解了如何定义MVC三层注解，使用@Resource进行注入，以及使用@RequestMapping、@RequestParam 、@SessionAttributes

									 */

									@Controller

									public class LoginController extends BaseController {

									  @Resource

									  LoginService service;

									  @Resource

									  HttpServletRequest request;

									  @RequestMapping("/exception")

									  public void exception() throws MyException{

									    throw new MyException("测试springmvc中的异常捕获");

									  }

									  @RequestMapping("/loginpage")

									  public String toLoginPage(){

									    return "/WEB-INF/jsp/login.jsp";

									  }

									  @RequestMapping("/user/home")

									  public String toUserHome(){

									    return "/WEB-INF/jsp/userhome.jsp";

									  }

									  @RequestMapping("/logout")

									  public String logout(){

									    request.getSession().removeAttribute(Global.USER_SESSION_KEY);

									    return "redirect:/";

									  }

									  @RequestMapping(value = "/doLogin", method = RequestMethod.POST)

									  public String doLogin(@RequestParam String userName, @RequestParam String password){

									    try {

									      User user = service.doLogin(userName, password);

									      request.getSession().setAttribute(Global.USER_SESSION_KEY, user);

									      return "redirect:/user/home.html";

									    } catch (Exception e) {

									      return "/WEB-INF/jsp/login.jsp";

									    }

									  }

									}

当点击用户中心时，触发拦截，相关配置如下

在spring-mvc.xml中加上拦截配置，拦截所有URL中包含/user/的请求，当然请求用户中心时就会触发这个拦截器了

									<mvc:interceptors>

									    <mvc:interceptor>

									      <!-- 拦截所有URL中包含/user/的请求 -->

									      <mvc:mapping path="/user/**"/>

									      <bean class="com.jikexueyuan.demo.springmvc.lesson4.interceptor.LoginInterceptor"></bean>

									    </mvc:interceptor>

									  </mvc:interceptors>

然后是bean指向的具体的interceptor类，如果session保存的用户信息为null，则跳到login页面，postHandle和afterCompletion方法都不执行，反之都执行。

									package com.jikexueyuan.demo.springmvc.lesson4.interceptor;

									import javax.servlet.http.HttpServletRequest;

									import javax.servlet.http.HttpServletResponse;

									import org.springframework.web.servlet.HandlerInterceptor;

									import org.springframework.web.servlet.ModelAndView;

									import com.jikexueyuan.demo.springmvc.lesson4.constant.Global;

									public class LoginInterceptor implements HandlerInterceptor {

									  @Override

									  public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

									    Object user = request.getSession().getAttribute(Global.USER_SESSION_KEY);

									    if (user == null) {

									      System.out.println("尚未登录，调到登录页面");

									      response.sendRedirect("/loginpage.html");

									      return false;

									    }

									    return true;

									  }

									  @Override

									  public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

									    System.out.println("postHandle");

									  }

									  @Override

									  public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

									    System.out.println("afterCompletion");

									  }

									}