之前一直都在用mvc的攔截器權限控制,後來上網也研究了一些這方面的知識,下面就直接分享下我對mvc的攔截器的理解,通過項目來分析吧。。。
1、首先準備對應的架包
2、看看項目的架構
3、基本的web.xml文件
- <?xml version="1.0" encoding="UTF-8"?>
- <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
- http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
- <display-name>shiro</display-name>
- <!-- 加載springmvc -->
- <servlet>
- <servlet-name>SpringMVC</servlet-name>
- <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
- <init-param>
- <param-name>contextConfigLocation</param-name>
- <param-value>classpath:mvc.xml</param-value>
- </init-param>
- <load-on-startup>1</load-on-startup>
- </servlet>
- <!-- 以.htm結尾的都被mvc攔截 -->
- <servlet-mapping>
- <servlet-name>SpringMVC</servlet-name>
- <url-pattern>*.htm</url-pattern>
- </servlet-mapping>
- <!-- 啓動spring 加載 需要加載其他的spring時 需啓動該監聽器
- <listener>
- <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
- </listener>
- -->
- </web-app>
3、配置classpath下的mvc.xml文件
- <?xml version="1.0" encoding="UTF-8"?>
- <beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:mvc="http://www.springframework.org/schema/mvc"
- xsi:schemaLocation="http://www.springframework.org/schema/beans
- http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
- http://www.springframework.org/schema/context
- http://www.springframework.org/schema/context/spring-context-3.0.xsd
- http://www.springframework.org/schema/mvc
- http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd">
- <mvc:annotation-driven />
- <!-- 自動掃描包 -->
- <context:component-scan base-package="com.cat.spring.controller" />
- <!-- 配置mvc的攔截器 可以配置多個 -->
- <mvc:interceptors>
- <mvc:interceptor>
- <!-- 需要被攔截的路徑 -->
- <mvc:mapping path="/member/**" />
- <!-- 攔截處理的interceptor -->
- <bean class="com.cat.interceptor.MemberInterceptor" />
- </mvc:interceptor>
- </mvc:interceptors>
- <!-- mvc返回頁面的配置 -->
- <bean id="viewResolver"
- class="org.springframework.web.servlet.view.InternalResourceViewResolver">
- <!-- 模板路徑爲WEB-INF/pages/ -->
- <property name="prefix">
- <value>/WEB-INF/pages/</value>
- </property>
- <!-- 視圖模板後綴爲.JSP -->
- <property name="suffix">
- <value>.jsp</value>
- </property>
- </bean>
- </beans>
4、接着就要配置攔截器了MemberInterceptor.java
- /**
- *
- */
- package com.cat.interceptor;
- import java.net.URLEncoder;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import javax.servlet.http.HttpSession;
- import org.apache.commons.lang.StringUtils;
- import org.springframework.web.servlet.HandlerInterceptor;
- import org.springframework.web.servlet.ModelAndView;
- /**
- * @author chenlf
- *
- * 2014-3-25
- */
- public class MemberInterceptor implements HandlerInterceptor {
- public final static String SEESION_MEMBER = "seesion_member";
- /*
- * (non-Javadoc)
- *
- * @see org.springframework.web.servlet.HandlerInterceptor#afterCompletion(javax.servlet.http.HttpServletRequest,
- * javax.servlet.http.HttpServletResponse, java.lang.Object, java.lang.Exception)
- */
- public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2,
- Exception arg3) throws Exception {
- // TODO Auto-generated method stub
- }
- /*
- * (non-Javadoc)
- *
- * @see org.springframework.web.servlet.HandlerInterceptor#postHandle(javax.servlet.http.HttpServletRequest,
- * javax.servlet.http.HttpServletResponse, java.lang.Object, org.springframework.web.servlet.ModelAndView)
- */
- public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2,
- ModelAndView arg3) throws Exception {
- // TODO Auto-generated method stub
- }
- /*
- * (non-Javadoc)
- * 攔截mvc.xml配置的/member/**路徑的請求
- * @see org.springframework.web.servlet.HandlerInterceptor#preHandle(javax.servlet.http.HttpServletRequest,
- * javax.servlet.http.HttpServletResponse, java.lang.Object)
- */
- public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
- Object handler) throws Exception {
- //請求的路徑
- String contextPath=request.getContextPath();
- String url=request.getServletPath().toString();
- HttpSession session = request.getSession();
- String user = (String) session.getAttribute(SEESION_MEMBER);
- //這裏可以根據session的用戶來判斷角色的權限,根據權限來重定向不同的頁面,簡單起見,這裏只是做了一個重定向
- if (StringUtils.isEmpty(user)) {
- //被攔截,重定向到login界面
- response.sendRedirect(contextPath+"/login.htm?redirectURL="
- + URLEncoder.encode(url));
- return false;
- }
- return true;
- }
- }
5、LoginController.java文件
- /**
- *
- */
- package com.cat.spring.controller;
- import java.net.URLDecoder;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpSession;
- import org.apache.commons.lang.StringUtils;
- import org.springframework.stereotype.Controller;
- import org.springframework.web.bind.annotation.RequestMapping;
- import org.springframework.web.bind.annotation.RequestMethod;
- import org.springframework.web.servlet.ModelAndView;
- import com.cat.interceptor.MemberInterceptor;
- /**
- * @author chenlf
- *
- * 2014-3-24
- */
- @Controller
- public class LoginController {
- @RequestMapping(value = "/login", method = RequestMethod.GET)
- public ModelAndView login(String redirectURL, HttpServletRequest request) {
- ModelAndView view = new ModelAndView();
- //把攔截前路徑存下來,以便登入成功可以直接請求到登錄前的頁面
- view.addObject("redirectURL", redirectURL);
- view.setViewName("/login");
- return view;
- }
- @RequestMapping(value = "/submit", method = RequestMethod.POST)
- public String submit(String username, String password, String redirectURL,
- HttpServletRequest request) {
- //模擬登陸成功 用戶admin 密碼admin的用戶
- if (StringUtils.isNotBlank(username) && StringUtils.isNotBlank(password)
- && username.equals("admin") && password.equals("admin")) {
- //當登陸成功是,將用戶信息存放到session中去
- HttpSession session = request.getSession();
- session.setAttribute(MemberInterceptor.SEESION_MEMBER, "admin");
- if (StringUtils.isNotBlank(redirectURL)) {
- return "redirect:" + URLDecoder.decode(redirectURL);
- }
- return "redirect:/member/index.htm";
- } else {
- if (StringUtils.isNotBlank(redirectURL)) {
- return "redirect:/login.htm?" + URLDecoder.decode(redirectURL);
- }
- return "redirect:/login.htm";
- }
- }
- }
6、下面就是login.jsp文件
- <%@ page language="java" contentType="text/html; charset=UTF-8"
- pageEncoding="utf-8"%>
- <!DOCTYPE html>
- <html>
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
- <title>mvc權限登陸login</title>
- </head>
- <body>
- <h3>
- mvc權限登陸login
- </h3>
- <form action="submit.htm" method="post">
- <!-- 記錄重定向的url -->
- <input type="hidden" name="redirectURL" value="${redirectURL}" />
- <table>
- <tr>
- <td>
- 賬號
- </td>
- <td>
- <input type="text" name="username" />
- </td>
- <td>
- 密碼
- </td>
- <td>
- <input type="password" name="password" />
- </td>
- </tr>
- <tr>
- <td colspan="2" align="center">
- <input type="submit" value="提交" />
- </td>
- </tr>
- </table>
- </form>
- </body>
- </html>
7、剩下的就是一些正常的mvc請求處理的文件,這裏就不贅訴了
8、到這裏看看效果吧
a、當非登陸狀態的時候,請求localhost:8010/demo-mvc/member/list.htm時,被攔截攔截,重定向到login頁面,並攜帶了當前的這個路徑(/member/list.htm)作爲參數傳到頁面
b、輸入正確的用戶名admin 密碼admin後登陸,會跳轉到攔截前的頁面
c、當登陸完成後,輸入地址爲http://localhost:8010/demo-mvc/member/index.htm,session中記錄着當前用戶的信息,不需要重新登陸了