为了实现用户登录拦截你是否写过如下代码呢?
1. 基于Filter
import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; public class AuthenticationFilter implements Filter { private FilterConfig filterConfig; private String onErrorUrl; public void init(FilterConfig filterConfig) throws ServletException { // 从 filterConfig 中的得到错误页 this.filterConfig = filterConfig; this.onErrorUrl = filterConfig.getInitParameter("onError"); if(this.onErrorUrl == null || "".equals(this.onErrorUrl)) this.onErrorUrl = "onError"; } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest)request; session = httpRequest.getSession(); if(null == session.getAttribute("_LOGIN_USER_") && !"/login".equals(httpRequest.getServletPath())) { httpRequest.getRequestDispatcher("/"+this.onErrorUrl).forward(request, response); }else{ chain.doFilter(request, response); } } public void destroy() { } }
2. 基于Struts
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.apache.struts2.ServletActionContext; import com.opensymphony.xwork2.ActionInvocation; import com.opensymphony.xwork2.interceptor.AbstractInterceptor; @SuppressWarnings("serial") public class LoginInterceptor extends AbstractInterceptor { @Override public String intercept(ActionInvocation invocation) throws Exception { String currentUser="currentUser"; HttpServletRequest request=ServletActionContext.getRequest(); HttpServletResponse response=ServletActionContext.getResponse(); HttpSession session=request.getSession(); if(request.getRequestURI().endsWith("login.action")){ return invocation.invoke(); } else { if(session.getAttribute(currentUser)!=null){ return invocation.invoke(); }else{ response.sendRedirect(request.getContextPath()+"/login.jsp"); } } return null; } }
3. 基于SpringMVC
import javax.servlet.RequestDispatcher; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import cn.edu.hdc.util.Constants; /** * @ClassName: LoginInterceptor * @Description: 登录拦截器 * @author loweir [email protected] * @date 2016年4月27日 上午8:06:11 */ public class LoginInterceptor implements HandlerInterceptor { /** * 在目标方法前被调用,返回 true 继续 */ @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object obj) throws Exception { try { String url = request.getRequestURI(); // 如果不是登录操作 判断 session if (!url.endsWith("login")) { if (request.getSession().getAttribute(Constants.CURRENT_USER) == null) { response.sendRedirect(request.getContextPath() + "/login.jsp"); return false; } } } return true; } catch (Exception e) { e.printStackTrace(); return false; } } @Override public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3) throws Exception { } @Override public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3) throws Exception { } }
如何使用自定义注解完成自定义拦截呢?
登录注解
import java.lang.annotation.ElementType; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; /** * Created by loweir on 2017/5/14 17:19 ** author: 张瑀楠 * email: [email protected] * 负责登录拦截 */ @Retention(RetentionPolicy.RUNTIME) @Target({ElementType.TYPE,ElementType.METHOD}) public @interface WebLoginRequired { String value() default ""; // 未登录时需要跳转的路径 }
SpringMVC 拦截器设置
import com.ainsoft.globalshoperp.component.constant.WebLogin; import org.apache.commons.lang3.StringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * Created by loweir on 2017/5/14 17:14 ** author: 张瑀楠 * email: [email protected] */ public class LoginInterceptor implements HandlerInterceptor { private static Log logger = LogFactory.getLog(LoginInterceptor.class); public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object handler) throws Exception { if (logger.isDebugEnabled()) { logger.debug("拦截器启动"); } /* * 判断是否为 HandlerMethod.class * 如果不是说明当前请求并不是 SpringMVC 管理, * 如果不是再自行根据业务做响应操作,这里直接返回 true */ if (HandlerMethod.class.isInstance(handler)) { HandlerMethod handlerMethod = (HandlerMethod) handler; // 判断该 handler 是否有WebLoginRequired注解 WebLoginRequired webLoginRequired = handlerMethod.getMethod().getDeclaredAnnotation(WebLoginRequired.class); // 如果该 handler 没有WebLoginRequired注解,判断所属Controller 是否包含注解 if (null == webLoginRequired) { webLoginRequired = handlerMethod.getBeanType().getAnnotation(WebLoginRequired.class); } // 如果需要 WebLoginRequired 判断 session if (null != webLoginRequired) { if (httpServletRequest.getSession().getAttribute(WebLogin.CURRENTUSER) == null) { String executeURL = webLoginRequired.value(); if (StringUtils.isBlank(executeURL)) { executeURL = WebLogin.LOGIN; } httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + executeURL); return false; } } } return true; } public void postHandle(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception { if (logger.isDebugEnabled()) { logger.debug("postHandler"); } } public void afterCompletion(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception { if (logger.isDebugEnabled()) { logger.debug("afterCompletion"); } } }
最终 controller 写法
1. 不需要登录权限的
类和方法都不需要注解
@Controller @RequestMapping("auth") public class AuthController { @RequestMapping("login") public String login() { return "login"; } }
2. 整个 controller 内都需要登录权限
在类上添加注解即可
@Controller @WebLoginRequired @RequestMapping("order") public class OrderController { @RequestMapping("index") public String index() { return "index"; } }
3. controller 某个方法需要登录权限
只在需要登录权限的方法上添加注解
在注解上可以指定需要重定向的链接
如果不指定则默认到 login
@Controller @RequestMapping("order") public class OrderController { @RequestMapping("index") public String index() { return "index"; } // 需要登录 @WebLoginRequired @RequestMapping("add") public String index() { return "index"; } // 需要登录,如果未登录跳到 error @WebLoginRequired("error") @RequestMapping("delete") public String index() { return "index"; } }
以上就是SpringMVC 如何使用注解完成登录拦截的详细内容,更多关于SpringMVC 使用注解完成登录拦截的资料请关注脚本之家其它相关文章!