为了实现用户登录拦截你是否写过如下代码呢?
1. 基于Filter
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
public class AuthenticationFilter implements Filter {
private FilterConfig filterConfig;
private String onErrorUrl;
public void init(FilterConfig filterConfig) throws ServletException {
// 从 filterConfig 中的得到错误页
this .filterConfig = filterConfig;
this .onErrorUrl = filterConfig.getInitParameter( "onError" );
if ( this .onErrorUrl == null || "" .equals( this .onErrorUrl))
this .onErrorUrl = "onError" ;
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest)request;
session = httpRequest.getSession();
if ( null == session.getAttribute( "_LOGIN_USER_" ) && ! "/login" .equals(httpRequest.getServletPath())) {
httpRequest.getRequestDispatcher( "/" + this .onErrorUrl).forward(request, response);
} else {
chain.doFilter(request, response);
}
}
public void destroy() {
}
}
|
2. 基于Struts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.struts2.ServletActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
@SuppressWarnings ( "serial" )
public class LoginInterceptor extends AbstractInterceptor {
@Override
public String intercept(ActionInvocation invocation) throws Exception {
String currentUser= "currentUser" ;
HttpServletRequest request=ServletActionContext.getRequest();
HttpServletResponse response=ServletActionContext.getResponse();
HttpSession session=request.getSession();
if (request.getRequestURI().endsWith( "login.action" )){
return invocation.invoke();
} else {
if (session.getAttribute(currentUser)!= null ){
return invocation.invoke();
} else {
response.sendRedirect(request.getContextPath()+ "/login.jsp" );
}
}
return null ;
}
}
|
3. 基于SpringMVC
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import cn.edu.hdc.util.Constants;
/**
* @ClassName: LoginInterceptor
* @Description: 登录拦截器
* @author loweir hbloweir@163.com
* @date 2016年4月27日 上午8:06:11
*/
public class LoginInterceptor implements HandlerInterceptor {
/**
* 在目标方法前被调用,返回 true 继续
*/
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object obj) throws Exception {
try {
String url = request.getRequestURI();
// 如果不是登录操作 判断 session
if (!url.endsWith( "login" )) {
if (request.getSession().getAttribute(Constants.CURRENT_USER) == null ) {
response.sendRedirect(request.getContextPath() + "/login.jsp" );
return false ;
}
} }
return true ;
} catch (Exception e) {
e.printStackTrace();
return false ;
}
}
@Override
public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {
}
@Override
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3)
throws Exception {
}
}
|
如何使用自定义注解完成自定义拦截呢?
登录注解
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* Created by loweir on 2017/5/14 17:19
* <p>
* author: 张瑀楠
* email: hbloweir@163.com
* 负责登录拦截
*/
@Retention (RetentionPolicy.RUNTIME)
@Target ({ElementType.TYPE,ElementType.METHOD})
public @interface WebLoginRequired {
String value() default "" ; // 未登录时需要跳转的路径
}
|
SpringMVC 拦截器设置
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
import com.ainsoft.globalshoperp.component.constant.WebLogin;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* Created by loweir on 2017/5/14 17:14
* <p>
* author: 张瑀楠
* email: hbloweir@163.com
*/
public class LoginInterceptor implements HandlerInterceptor {
private static Log logger = LogFactory.getLog(LoginInterceptor. class );
public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object handler) throws Exception {
if (logger.isDebugEnabled()) {
logger.debug( "拦截器启动" );
}
/*
* 判断是否为 HandlerMethod.class
* 如果不是说明当前请求并不是 SpringMVC 管理,
* 如果不是再自行根据业务做响应操作,这里直接返回 true
*/
if (HandlerMethod. class .isInstance(handler)) {
HandlerMethod handlerMethod = (HandlerMethod) handler;
// 判断该 handler 是否有WebLoginRequired注解
WebLoginRequired webLoginRequired = handlerMethod.getMethod().getDeclaredAnnotation(WebLoginRequired. class );
// 如果该 handler 没有WebLoginRequired注解,判断所属Controller 是否包含注解
if ( null == webLoginRequired) {
webLoginRequired = handlerMethod.getBeanType().getAnnotation(WebLoginRequired. class );
}
// 如果需要 WebLoginRequired 判断 session
if ( null != webLoginRequired) {
if (httpServletRequest.getSession().getAttribute(WebLogin.CURRENTUSER) == null ) {
String executeURL = webLoginRequired.value();
if (StringUtils.isBlank(executeURL)) {
executeURL = WebLogin.LOGIN;
}
httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + executeURL);
return false ;
}
}
}
return true ;
}
public void postHandle(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
if (logger.isDebugEnabled()) {
logger.debug( "postHandler" );
}
}
public void afterCompletion(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
if (logger.isDebugEnabled()) {
logger.debug( "afterCompletion" );
}
}
}
|
最终 controller 写法
1. 不需要登录权限的
类和方法都不需要注解
1
2
3
4
5
6
7
8
9
|
@Controller
@RequestMapping ( "auth" )
public class AuthController {
@RequestMapping ( "login" )
public String login() {
return "login" ;
}
}
|
2. 整个 controller 内都需要登录权限
在类上添加注解即可
1
2
3
4
5
6
7
8
9
10
|
@Controller
@WebLoginRequired
@RequestMapping ( "order" )
public class OrderController {
@RequestMapping ( "index" )
public String index() {
return "index" ;
}
}
|
3. controller 某个方法需要登录权限
只在需要登录权限的方法上添加注解
在注解上可以指定需要重定向的链接
如果不指定则默认到 login
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
@Controller
@RequestMapping ( "order" )
public class OrderController {
@RequestMapping ( "index" )
public String index() {
return "index" ;
}
// 需要登录
@WebLoginRequired
@RequestMapping ( "add" )
public String index() {
return "index" ;
}
// 需要登录,如果未登录跳到 error
@WebLoginRequired ( "error" )
@RequestMapping ( "delete" )
public String index() {
return "index" ;
}
}
|
以上就是SpringMVC 如何使用注解完成登录拦截的详细内容,更多关于SpringMVC 使用注解完成登录拦截的资料请关注服务器之家其它相关文章!
原文链接:https://www.cnblogs.com/zyndev/p/7613006.html