Springmvc实现用户登录拦截器(学习)
Spring MVC 中的拦截器( Interceptor )类似于 Servlet 中的过滤器( Filter) ,它主要用于 拦截用户请求并做相应的处理。 例如通过拦截器可以进行权限验证、记录请求信息的日志、判断 用户是否登录等。
拦截嚣的定义
要使用 Spring MVC 中的拦截器,就需要对拦截器类进行定义和配置。 通常拦截器类可以通 过两种方式来定义。 一种是通过实现 Handlerlnterceptor 接口,或继承 Handlerlnterceptor 接口 的实现类(如 HandlerlnterceptorAdapter )来定义;另一种是通过实现 WebRequestlnterceptor 接口,或继承 WebRequestlnterceptor 接口的实现类来定义。 以实现 Handlerlnterceptor 接口的定义方式为例,自定义拦截器类的代码如下所示。
public class Customlnterceptor implements Bandlerlnterceptor{
Override
public boolean preBandle(HttpServletRequest request,
HttpServletResponse response , Object handler)throws Exception {
}
return false;
@Override
public void postBandle(HttpServletRequest request,
HttpServletResponse response , Object handler,
ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request,
HttpServletResponse response , Object handler,
Exception ex) throws Exception {
}
}
从上述代码可以看出,自定义的拦截器类实现了 Handlerlnterceptor 接口,并实现了接口中的三个方法 关于这三个方法的具体描述如下
• preHandlerO方法:该方法会在控制器方法前执行,其返回值表示是否中断后续操作其返回值为 true 时,表示继续向下执行;当其返回值为 false 时,会中断后续的所有操作(包括调用下一个拦截器和控制器类中的方法执行等)
• postHandleO方法:该方法会在控制器方法调用之后,且解析视图之前执行 可以通过此方法对请求域中的模型和视图做出进一步的修改
• erCompletiQnO方法: ì:衷方法会在整个请求完成,即视图渲染结束之后执行 可以通过此方法实现一些资源清理、记录曰志信息等工作
拦截嚣的配置
要使自定义的拦截器类生效,还需要在 Spring MVC 的配置文件中进行配置,配置代码如下所示
<mvc:interceptors>
<!一使用 bean 直接定义在<mvc:interceptors>下面的 Interceptor 将拦截所有请求一〉
<bean class="com. itheima.interceptor.Customlnterceptor " />
<!一拦截器 一〉
<mvc : interceptor>
<!一配置拦截器作用的路径一〉
<mvc :mapping path="/.."/>
<!一配置不需要拦截器作用的路径一〉
<mvc:exclude-mapping path=""/>
<!一定义在<mvc:interceptor> 下面的,表示对匹配路径的请求才进行拦截一〉
<bean class="com.itheima.interceptor.lnterceptorl" />
</mvc:interceptor>
<!一拦截器 一〉
<mvc:interceptor>
<mvc:mapping path=" /hello" />
<bean class=" com.itheima .interceptor.lnterceptor2 " />
</mvc:interceptor>
</mvc:interceptors>
在上述代码中. mvc:interceptors 元素用于配置一组拦截器,其子元素 中定义的是全局拦截器,它会拦截所有的请求;而mvc:interceptor 元素中定义的是指定路径的拦截器,它会对指定路径下的请求生效 mvc:interceptor 元素的子元素mvc:mapping 用于配置拦截器作用的路径,该路径在其属性 path 中定义 如上述代码中 path 的属性值"/**"表示拦截所有路径. “/hello” 表示拦截所有以 “/hello” 结尾的路径 如果在请求路径中包含不需要拦截的内容,还可以通过mvc:exclude-mapping 元素进行配置需要注意的是. 中的子元素必须按照上述代码的配置顺序进行编写,即<:mvc mapping … />今 <mvc exclude-mapping … />今 <bean … />的顺序,否则文件会报错
Springmvc需要的jar文件
登录界面,简单的jsp代码,模拟登录所需数据:
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>login.jsp</title>
</head>
<body>
<center>
<form action="login.action" method="post">
<span>用户名:</span><input type="text" name="name"/><br>
<span>密码:</span><input type="password" name="password"/>
<input type="submit" value="提交"/>
</form>
</center>
</body>
</html>
登录拦截器控制设置,拦截action的登录请求以为的action,根据session中是否有user用户判断是否登录。
package com.ytk.controller;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import com.ytk.util.Constants;
public class LoginInterceptor implements HandlerInterceptor {
@Override
public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {
}
@Override
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3)
throws Exception {
}
@Override
public boolean preHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2) throws Exception {
if(arg0.getRequestURI().indexOf("login.action")>0) {
return true;
}
System.out.println(arg0.getSession().getAttribute(Constants.USER_CONTEXT)+"<<<<<<<<");
if(arg0.getSession().getAttribute(Constants.USER_CONTEXT)!=null) {
return true;
}
arg1.sendRedirect("/index.jsp");
return false;
}
}
Spring 控制跳转,业务处理登录请求,登录action,退出action以及其业务逻辑处理
package com.ytk.controller;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import com.ytk.entity.User;
@Controller
public class LoginController extends BaseController {
@RequestMapping("/login.action")
public String login(HttpServletRequest request,User user,Model model) {
setSessionUser(request, user);
System.out.println("username:"+user.getName());
System.out.println("password:"+user.getPassword());
model.addAttribute("name", user);
return "success";
}
@RequestMapping("/logout.action")
public String logout(HttpServletRequest request,HttpServletResponse response) {
User user=getSessionUser(request);
System.out.println(user.getName());
System.err.println(user.getPassword());
setSessionUser(request, null);
return "logout";
}
}
login登录成功之后界面以及登出请求处理
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%@taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>hello</title>
</head>
<body>
您好!${user.name };
<a href="logout.action">退出</a>
success.jsp
<c:if test="${not empty user }">
${user.password }
</c:if>
</body>
</html>
登出请求,首先触发拦截器处理。判断用户是否登录。并作出相应处理。然后进入Spring 控制跳转的logout.action方法
保存用户的session域设置,也是拦截器判断是否拦截的条件
package com.ytk.controller;
import javax.servlet.http.HttpServletRequest;
import com.ytk.entity.User;
import com.ytk.util.Constants;
public class BaseController {
public void setSessionUser(HttpServletRequest request,User user) {
request.getSession().setAttribute(Constants.USER_CONTEXT, user);
}
public User getSessionUser(HttpServletRequest request) {
return (User)request.getSession().getAttribute(Constants.USER_CONTEXT);
}
}
用户entity文件
package com.ytk.entity;
public class User {
public User(){}
private String name;
private String password;
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
package com.ytk.util;
public class Constants {
public final static String USER_CONTEXT="user_context";
}
文件配置springmvc.xml,spring.xml以及web.xml文件配置:
spring.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd">
</beans>
springmvc.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-4.3.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-4.3.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-4.3.xsd">
<context:component-scan base-package="com.ytk.controller"></context:component-scan>
<mvc:annotation-driven/>
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/*"/>
<bean class="com.ytk.controller.LoginInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/views/"/>
<property name="suffix" value=".jsp"/>
</bean>
</beans>
web.xml文件
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" id="WebApp_ID" version="3.1">
<display-name>Springmvc</display-name>
<listener>
<listener-class> org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:spring.xml</param-value>
</context-param>
<!-- sprigmvc注册核心拦截器 -->
<servlet>
<servlet-name>dispatcherServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:springmvc.xml</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>dispatcherServlet</servlet-name>
<url-pattern>*.action</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>dispatcherServlet</servlet-name>
<url-pattern>/user/**</url-pattern>
</servlet-mapping>
<filter>
<filter-name>characterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>characterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>