您好,登錄后才能下訂單哦!
這期內(nèi)容當(dāng)中小編將會給大家?guī)碛嘘P(guān)利用springmvc中的攔截器如何實現(xiàn)一個登錄驗證功能,文章內(nèi)容豐富且以專業(yè)的角度為大家分析和敘述,閱讀完這篇文章希望大家可以有所收獲。
在spring-mvc.xml中配置攔截器:
<mvc:interceptors> <mvc:interceptor> <mvc:mapping path="/user/*"/> <!-- 定義在mvc:interceptor下面的表示是對特定的請求才進(jìn)行攔截的 --> <bean class="com.wyb.interceptor.LoginInterceptor"/> </mvc:interceptor> </mvc:interceptors>
如上所示,這里配置了LoginIntercepter,為了簡單起見,該過濾器只攔截了URL為"/user/*"的請求。
要攔截的請求對應(yīng)控制器如下:
import java.util.ArrayList; import java.util.List; import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; import org.apache.log4j.Logger; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.ResponseBody; import com.wyb.domain.User; import com.wyb.service.IUserService; import com.wyb.service.impl.UserServiceImpl; @Controller @RequestMapping("/user") public class UserController { private static final Logger LOG=Logger.getLogger(UserController.class); @Autowired private IUserService userService; @RequestMapping("/showAllUser") public String showAllUser(Model m){ List<User> userlist=new ArrayList<User>(); userlist=userService.findAllUser(); for(User user :userlist){ System.out.println(user.getUserName()); } return "/jsp/showAllUser"; } }
這里的showAllUser()方法是為了輸出所有的用戶,為了表明執(zhí)行了方法,將所有用戶在后臺打印,URL為:http://localhost:8080/TestSSM/user/showAllUser,可見該URL肯定會被LoginIntercepter攔截。
測試頁面showAllUser.jsp如下:
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>show All User</title> </head> <body> this is showAllUser Page!!! </body> </html>
LoginIntercepter如下:
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import com.wyb.domain.User; public class LoginInterceptor implements HandlerInterceptor{ @Override public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3) throws Exception { System.out.println("this is afterCompletion of LoginInterceptor"); } @Override public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3) throws Exception { System.out.println("this is postHandle of LoginInterceptor"); } @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object arg2) throws Exception { // TODO Auto-generated method stub System.out.println("this is preHandle of LoginInterceptor"); HttpSession session=request.getSession(); User user=(User)session.getAttribute("user"); if(user==null){ System.out.println("no user in LoginInterceptor!!!"); request.getRequestDispatcher("/WEB-INF/jsp/login.jsp").forward(request, response); } //返回true代表繼續(xù)往下執(zhí)行 return true; } }
這里我犯了一個錯誤,聰明的小伙伴也許已經(jīng)看出來了,如果按照上面的代碼,當(dāng)我們訪問:http://localhost:8080/TestSSM/user/showAllUser結(jié)果如下:
咋一看,成功攔截了,輸入用戶名信息,正常跳轉(zhuǎn)到主頁,再次進(jìn)入http://localhost:8080/TestSSM/user/showAllUser如下:
頁面正常輸出,已經(jīng)記錄了session,不會被再次攔截,看似成功了,可是看看后臺輸出:
有沒有發(fā)現(xiàn),我們執(zhí)行了兩次showAllUser()方法,可見第一次訪問雖然被攔截器攔截了下來進(jìn)入登錄頁面,但后臺已經(jīng)悄悄執(zhí)行了showAllUser()。為什么呢?我們回頭再看看LoginIntercepter.java,尤其是preHandle()方法:
@Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object arg2) throws Exception { // TODO Auto-generated method stub System.out.println("this is preHandle of LoginInterceptor"); HttpSession session=request.getSession(); User user=(User)session.getAttribute("user"); if(user==null){ System.out.println("no user in LoginInterceptor!!!"); request.getRequestDispatcher("/WEB-INF/jsp/login.jsp").forward(request, response); } //返回true代表繼續(xù)往下執(zhí)行 return true; }
在判斷user為空后,雖然執(zhí)行了頁面跳轉(zhuǎn),但是程序還是會繼續(xù)執(zhí)行,最后返回true,返回true意味著,被攔截的業(yè)務(wù)邏輯可以繼續(xù)往下執(zhí)行,因此,雖然表面上被攔截了,但從本質(zhì)上來說并沒有攔截到。因此需要修改如下:
@Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object arg2) throws Exception { // TODO Auto-generated method stub System.out.println("this is preHandle of LoginInterceptor"); HttpSession session=request.getSession(); User user=(User)session.getAttribute("user"); if(user==null){ System.out.println("no user in LoginInterceptor!!!"); request.getRequestDispatcher("/WEB-INF/jsp/login.jsp").forward(request, response); //本次訪問被攔截,業(yè)務(wù)邏輯不繼續(xù)執(zhí)行 return false; } //返回true代表繼續(xù)往下執(zhí)行 return true; }
user為空,跳轉(zhuǎn)后,返回false,就不會執(zhí)行被攔截的業(yè)務(wù)邏輯了,修改后后臺輸出如下:
現(xiàn)在后臺正常輸出,且session保存了user信息后,才能執(zhí)行showAllUser()方法,大功告成!
上述就是小編為大家分享的利用springmvc中的攔截器如何實現(xiàn)一個登錄驗證功能了,如果剛好有類似的疑惑,不妨參照上述分析進(jìn)行理解。如果想知道更多相關(guān)知識,歡迎關(guān)注億速云行業(yè)資訊頻道。
免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點不代表本網(wǎng)站立場,如果涉及侵權(quán)請聯(lián)系站長郵箱:is@yisu.com進(jìn)行舉報,并提供相關(guān)證據(jù),一經(jīng)查實,將立刻刪除涉嫌侵權(quán)內(nèi)容。