添加登录拦截器:LoginInterceptor
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; public class LoginInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { Object user = request.getSession().getAttribute("LOGIN_USER"); if (user == null) { response.sendRedirect("/login.jsp"); System.out.println("尚未登录,跳到登录页面"); return false; } return true; } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { System.out.println("postHandle"); } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { System.out.println("afterCompletion"); } }
spring-mvc.xml 配置文件:
<mvc:interceptors> <mvc:interceptor> <!-- 拦截所有请求 --> <mvc:mapping path="/**"/>
<!-- 排除拦截的请求 -->
<mvc:exclude-mapping path="/user/login.do"/>
<bean class="com.dowave.interceptor.LoginInterceptor"></bean>
</mvc:interceptor>
</mvc:interceptors>
当 mvc:exclude-mapping 报错时,将 http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd 改成 3.2。
到此,就完成拦截器了。如果JSP代码没放在 WEB-INF 目录下还需要增加对 jsp 文件的拦截,如下:
增加登录过滤器 LoginFilter:
import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class LoginFilter implements Filter { public void destroy() { } public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; String currentURL = request.getRequestURI(); String ctxPath = request.getContextPath(); // 除掉项目名称时访问页面当前路径 String targetURL = currentURL.substring(ctxPath.length()); HttpSession session = request.getSession(false); // 对当前页面进行判断,如果当前页面不为登录页面 if (!("/login.jsp".equals(targetURL))) {// 在不为登陆页面时,再进行判断,如果不是登陆页面也没有session则跳转到登录页面, if (session == null || session.getAttribute("LOGIN_USER") == null) { response.sendRedirect("/login.jsp"); return; } else { // 这里表示正确,会去寻找下一个链,如果不存在,则进行正常的页面跳转 filterChain.doFilter(request, response); return; } } else { // 这里表示如果当前页面是登陆页面,跳转到登陆页面 filterChain.doFilter(request, response); return; } } public void init(FilterConfig filterConfig) throws ServletException { } }
在 web.xml 增加:
<!-- jsp拦截 --> <filter> <filter-name>LoginFilter</filter-name> <filter-class>com.dowave.interceptor.LoginFilter</filter-class> </filter> <filter-mapping> <filter-name>LoginFilter</filter-name> <!-- 这里表示对所有的以jsp后缀的文件有效,其它的无效 --> <url-pattern>*.jsp</url-pattern> </filter-mapping>
O了,本文到此结束,喜欢收藏哦