目录为了实现用户登录拦截你是否写过如下代码呢?1. 基于Filter2. 基于Struts3. 基于SpringMVC如何使用自定义注解完成自定义拦截呢?登录注解SpringMVC 拦截器设置最终 controller 写法1. 不需要登录权限的2. 整个 controller 内都需要登录权限3. controller 某个方法需要登录权限
为了实现用户登录拦截你是否写过如下代码呢?
1. 基于Filter
import java.io.IOException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpSession;public class AuthenticationFilter implements Filter {private FilterConfig filterConfig;private String onErrorUrl;public void init(FilterConfig filterConfig) throws ServletException {// 从 filterConfig 中的得到错误页this.filterConfig = filterConfig;this.onErrorUrl = filterConfig.getInitParameter("onError");if(this.onErrorUrl == null || "".equals(this.onErrorUrl))this.onErrorUrl = "onError";}public void doFilter(ServletRequest request, ServletResponse response,FilterChain chain) throws IOException, ServletException {HttpServletRequest httpRequest = (HttpServletRequest)request;session = httpRequest.getSession();if(null == session.getAttribute("_LOGIN_USER_") && !"/login".equals(httpRequest.getServletPath())) {httpRequest.getRequestDispatcher("/"+this.onErrorUrl).forward(request, response);}else{chain.doFilter(request, response);}}public void destroy() {}}
2. 基于Struts
import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;import org.apache.struts2.ServletActionContext;import com.opensymphony.xwork2.ActionInvocation;import com.opensymphony.xwork2.interceptor.AbstractInterceptor;@SuppressWarnings("serial")public class LoginInterceptor extends AbstractInterceptor {@Overridepublic String intercept(ActionInvocation invocation) throws Exception {String currentUser="currentUser";HttpServletRequest request=ServletActionContext.getRequest();HttpServletResponse response=ServletActionContext.getResponse();HttpSession session=request.getSession(); if(request.getRequestURI().endsWith("login.action")){ return invocation.invoke(); } else { if(session.getAttribute(currentUser)!=null){return invocation.invoke(); }else{ response.sendRedirect(request.getContextPath()+"/login.jsp"); } } return null;}}
3. 基于SpringMVC
import javax.servlet.RequestDispatcher;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import org.springframework.web.servlet.HandlerInterceptor;import org.springframework.web.servlet.ModelAndView;import cn.edu.hdc.util.Constants;/** * @ClassName: LoginInterceptor * @Description: 登录拦截器 * @author loweir hbloweir@163.com * @date 2016年4月27日 上午8:06:11 */public class LoginInterceptor implements HandlerInterceptor {/** * 在目标方法前被调用,返回 true 继续 */@Overridepublic boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object obj) throws Exception {try {String url = request.getRequestURI();// 如果不是登录操作 判断 sessionif (!url.endsWith("login")) {if (request.getSession().getAttribute(Constants.CURRENT_USER) == null) { response.sendRedirect(request.getContextPath() + "/login.jsp");return false;}}} return true;} catch (Exception e) {e.printStackTrace();return false;}}@Overridepublic void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3)throws Exception {}@Overridepublic void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3)throws Exception {}}
如何使用自定义注解完成自定义拦截呢?
登录注解
import java.lang.annotation.ElementType;import java.lang.annotation.Retention;import java.lang.annotation.RetentionPolicy;import java.lang.annotation.Target;/** * Created by loweir on 2017/5/14 17:19 * <p> * author: 张瑀楠 * email: hbloweir@163.com * 负责登录拦截 */@Retention(RetentionPolicy.RUNTIME)@Target({ElementType.TYPE,ElementType.METHOD})public @interface WebLoginRequired { String value() default ""; // 未登录时需要跳转的路径}
SpringMVC 拦截器设置
import com.ainsoft.globalshoperp.component.constant.WebLogin;import org.apache.commons.lang3.StringUtils;import org.apache.commons.logging.Log;import org.apache.commons.logging.LogFactory;import org.springframework.web.method.HandlerMethod;import org.springframework.web.servlet.HandlerInterceptor;import org.springframework.web.servlet.ModelAndView;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;/** * Created by loweir on 2017/5/14 17:14 * <p> * author: 张瑀楠 * email: hbloweir@163.com */public class LoginInterceptor implements HandlerInterceptor { private static Log logger = LogFactory.getLog(LoginInterceptor.class); public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object handler) throws Exception { if (logger.isDebugEnabled()) { logger.debug("拦截器启动"); } /* * 判断是否为 HandlerMethod.class * 如果不是说明当前请求并不是 SpringMVC 管理, * 如果不是再自行根据业务做响应操作,这里直接返回 true */ if (HandlerMethod.class.isInstance(handler)) { HandlerMethod handlerMethod = (HandlerMethod) handler; // 判断该 handler 是否有WebLoginRequired注解 WebLoginRequired webLoginRequired = handlerMethod.getMethod().getDeclaredAnnotation(WebLoginRequired.class);// 如果该 handler 没有WebLoginRequired注解,判断所属Controller 是否包含注解 if (null == webLoginRequired) { webLoginRequired = handlerMethod.getBeanType().getAnnotation(WebLoginRequired.class); }// 如果需要 WebLoginRequired 判断 session if (null != webLoginRequired) { if (httpServletRequest.getSession().getAttribute(WebLogin.CURRENTUSER) == null) { String executeURL = webLoginRequired.value(); if (StringUtils.isBlank(executeURL)) { executeURL = WebLogin.LOGIN; } httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + executeURL); return false; } } } return true; } public void postHandle(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception { if (logger.isDebugEnabled()) { logger.debug("postHandler"); } } public void afterCompletion(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception { if (logger.isDebugEnabled()) { logger.debug("afterCompletion"); } }}
最终 controller 写法
1. 不需要登录权限的
类和方法都不需要注解
@Controller@RequestMapping("auth")public class AuthController { @RequestMapping("login") public String login() { return "login"; }}
2. 整个 controller 内都需要登录权限
在类上添加注解即可
@Controller@WebLoginRequired@RequestMapping("order")public class OrderController { @RequestMapping("index") public String index() { return "index"; }}
3. controller 某个方法需要登录权限
只在需要登录权限的方法上添加注解在注解上可以指定需要重定向的链接如果不指定则默认到 login
@Controller@RequestMapping("order")public class OrderController { @RequestMapping("index") public String index() { return "index"; }// 需要登录@WebLoginRequired@RequestMapping("add") public String index() { return "index"; }// 需要登录,如果未登录跳到 error@WebLoginRequired("error")@RequestMapping("delete") public String index() { return "index"; }}
以上就是SpringMVC 如何使用注解完成登录拦截的详细内容,更多关于SpringMVC 使用注解完成登录拦截的资料请关注其它相关文章!
终究还是会从指缝中一滴一滴流淌干净。
