之前一直都在用mvc的攔截器權限控制,後來上網也研究了一些這方面的知識,下面就直接分享下我對mvc的攔截器的理解,通過項目來分析吧。。。
1、首先準備對應的架包
2、看看項目的架構
3、基本的web.xml文件
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<display-name>shiro</display-name>
<!-- 加載springmvc -->
<servlet>
<servlet-name>SpringMVC</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:mvc.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- 以.htm結尾的都被mvc攔截 -->
<servlet-mapping>
<servlet-name>SpringMVC</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<!-- 啓動spring 加載 需要加載其他的spring時 需啓動該監聽器
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
-->
</web-app>
3、配置classpath下的mvc.xml文件
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd">
<mvc:annotation-driven />
<!-- 自動掃描包 -->
<context:component-scan base-package="com.cat.spring.controller" />
<!-- 配置mvc的攔截器 可以配置多個 -->
<mvc:interceptors>
<mvc:interceptor>
<!-- 需要被攔截的路徑 -->
<mvc:mapping path="/member/**" />
<!-- 攔截處理的interceptor -->
<bean class="com.cat.interceptor.MemberInterceptor" />
</mvc:interceptor>
</mvc:interceptors>
<!-- mvc返回頁面的配置 -->
<bean id="viewResolver"
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<!-- 模板路徑爲WEB-INF/pages/ -->
<property name="prefix">
<value>/WEB-INF/pages/</value>
</property>
<!-- 視圖模板後綴爲.JSP -->
<property name="suffix">
<value>.jsp</value>
</property>
</bean>
</beans>
4、接着就要配置攔截器了MemberInterceptor.java
/**
*
*/
package com.cat.interceptor;
import java.net.URLEncoder;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
/**
* @author chenlf
*
* 2014-3-25
*/
public class MemberInterceptor implements HandlerInterceptor {
public final static String SEESION_MEMBER = "seesion_member";
/*
* (non-Javadoc)
*
* @see org.springframework.web.servlet.HandlerInterceptor#afterCompletion(javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse, java.lang.Object, java.lang.Exception)
*/
public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2,
Exception arg3) throws Exception {
// TODO Auto-generated method stub
}
/*
* (non-Javadoc)
*
* @see org.springframework.web.servlet.HandlerInterceptor#postHandle(javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse, java.lang.Object, org.springframework.web.servlet.ModelAndView)
*/
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2,
ModelAndView arg3) throws Exception {
// TODO Auto-generated method stub
}
/*
* (non-Javadoc)
* 攔截mvc.xml配置的/member/**路徑的請求
* @see org.springframework.web.servlet.HandlerInterceptor#preHandle(javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse, java.lang.Object)
*/
public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
Object handler) throws Exception {
//請求的路徑
String contextPath=request.getContextPath();
String url=request.getServletPath().toString();
HttpSession session = request.getSession();
String user = (String) session.getAttribute(SEESION_MEMBER);
//這裏可以根據session的用戶來判斷角色的權限,根據權限來重定向不同的頁面,簡單起見,這裏只是做了一個重定向
if (StringUtils.isEmpty(user)) {
//被攔截,重定向到login界面
response.sendRedirect(contextPath+"/login.htm?redirectURL="
+ URLEncoder.encode(url));
return false;
}
return true;
}
}
這樣攔截器的核心就配置完了,接下來就是一些登陸的處理操作5、LoginController.java文件
/**
*
*/
package com.cat.spring.controller;
import java.net.URLDecoder;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;
import com.cat.interceptor.MemberInterceptor;
/**
* @author chenlf
*
* 2014-3-24
*/
@Controller
public class LoginController {
@RequestMapping(value = "/login", method = RequestMethod.GET)
public ModelAndView login(String redirectURL, HttpServletRequest request) {
ModelAndView view = new ModelAndView();
//把攔截前路徑存下來,以便登入成功可以直接請求到登錄前的頁面
view.addObject("redirectURL", redirectURL);
view.setViewName("/login");
return view;
}
@RequestMapping(value = "/submit", method = RequestMethod.POST)
public String submit(String username, String password, String redirectURL,
HttpServletRequest request) {
//模擬登陸成功 用戶admin 密碼admin的用戶
if (StringUtils.isNotBlank(username) && StringUtils.isNotBlank(password)
&& username.equals("admin") && password.equals("admin")) {
//當登陸成功是,將用戶信息存放到session中去
HttpSession session = request.getSession();
session.setAttribute(MemberInterceptor.SEESION_MEMBER, "admin");
if (StringUtils.isNotBlank(redirectURL)) {
return "redirect:" + URLDecoder.decode(redirectURL);
}
return "redirect:/member/index.htm";
} else {
if (StringUtils.isNotBlank(redirectURL)) {
return "redirect:/login.htm?" + URLDecoder.decode(redirectURL);
}
return "redirect:/login.htm";
}
}
}
6、下面就是login.jsp文件
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="utf-8"%>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>mvc權限登陸login</title>
</head>
<body>
<h3>
mvc權限登陸login
</h3>
<form action="submit.htm" method="post">
<!-- 記錄重定向的url -->
<input type="hidden" name="redirectURL" value="${redirectURL}" />
<table>
<tr>
<td>
賬號
</td>
<td>
<input type="text" name="username" />
</td>
<td>
密碼
</td>
<td>
<input type="password" name="password" />
</td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" value="提交" />
</td>
</tr>
</table>
</form>
</body>
</html>