@Controller public class AdminController { @Inject private AdminService adminService; @RequestMapping(value="/",method=RequestMethod.GET) public String index() { return "index"; } @RequestMapping(value="/",method=RequestMethod.POST) public String login(Admin admin,HttpSession session,RedirectAttributes redirectAttributes) { Admin currAdmin = adminService.login(admin.getName(),admin.getPassword()); if(currAdmin == null) { redirectAttributes.addFlashAttribute("message", "账号或密码错误"); // 重定向 return "redirect:/"; } else { session.setAttribute("curr_admin", currAdmin); return "redirect:/book"; } } }
写一个类,继承HandlerInterceptorAdapter,并重写preHandle方法
public class LoginInterceptor extends HandlerInterceptorAdapter{ private List<String> execludeUrls; @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { String url = request.getRequestURI(); if(execludeUrls.contains(url) || url.startsWith("/static")) { return true; } else { HttpSession session = request.getSession(); Admin admin = (Admin) session.getAttribute("curr_admin"); if(admin == null) { System.out.println("未登录用户访问,访问被拒绝"); //response.sendRedirect("/"); /*在这里如果选择抛出异常,需要自定义一个异常,并且在mvc-servlet.xml中配置异常 */ throw new LoginException(); } return true; } } // set注入 public void setExecludeUrls(List<String> execludeUrls) { this.execludeUrls = execludeUrls; } }
自定义异常
package com.kaishengit.exception; public class LoginException extends RuntimeException{ private static final long serialVersionUID = 1L; }
且在mvc-servlet.xml中配置
1.异常处理
<bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver"> <property name="exceptionMappings"> <props> <!-- 这里的异常处理选择重定向 --> <prop key="com.kaishengit.exception.LoginException">redirect:/</prop> </props> </property> </bean>
2.拦截器配置
<mvc:interceptors> <mvc:interceptor> <!-- 所有都要经过拦截器 --> <mvc:mapping path="/**"/> <bean class="com.kaishengit.controller.interceptor.LoginInterceptor"> <!-- 在这里配置了一个叫execludeUrls的property,里面包含了三个请求路径 在LoginInterceptor里注入了execludeUrls(定义这个属性,并生成set方法),所以可以写execludeUrls.contains(url),就不用在 程序中写死了,如果不这样写,就还用老方法 "".equals(url) || "/".equals(url) || "/login".equals(url)--> <property name="execludeUrls"> <list> <value></value> <value>/</value> <value>/login</value> </list> </property> </bean> </mvc:interceptor> </mvc:interceptors>