1、拦截器实现代码
package com.interceptor; import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; public class LoginInterceptor implements HandlerInterceptor{ //允许那些url不被拦截,那些需要被拦截 private List<String> allowedpass; @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object arg2) throws Exception { String urlString = request.getRequestURL().toString(); //先判断session状态 System.out.println("urlString="+urlString); System.out.println("allowedpass="+allowedpass); Object user = request.getSession().getAttribute("user"); if(user!=null) { System.out.println("已登录,无需校验"); return true; } for (String temp : allowedpass) { if(urlString.endsWith(temp)) { return true; } } response.sendRedirect(request.getContextPath()+"/login.jsp"); return true; } @Override public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3) throws Exception { } @Override public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3) throws Exception { } public List<String> getAllowedpass() { return allowedpass; } public void setAllowedpass(List<String> allowedpass) { this.allowedpass = allowedpass; } }
2、Controller层代码
package com.controller; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; @Controller public class UserController { @RequestMapping("/login") public String login(User user,HttpSession session) { if("siggy".equals(user.getUsername())&&"1111".equals(user.getPwd())) { session.setAttribute("user", user); System.out.println(user.toString()); return "redirect:/index.jsp"; } return "redirect:/login.jsp"; } }
3、mvc.xml配置文件
<mvc:interceptor>
<mvc:mapping path="/**"/>
<bean class="com.interceptor.LoginInterceptor">
<!-- 注入进来 -->
<property name="allowedpass">
<list>
<value>login.do</value>
</list>
</property>
</bean>
</mvc:interceptor>
4、login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>login</title> </head> <body> <form action="login.do" method="post"> username:<input type="text" name="username"><br> password:<input type="password" name="pwd"><br> <input type="submit" value="submit"> </form> </body> </html>
未登录时访问/admin/hello.do 被拦截,跳转到登陆页面
点击登陆
再次访问/admin/hello.do,访问成功。
