前言
SpringMVC 中的Interceptor 攔截器主要用於攔截用戶的請求並進行相應的處理,定義一個Interceptor主要有兩種方式:
- 實現HandlerInterceptor 接口,或者是繼承實現了HandlerInterceptor 接口的類,例如HandlerInterceptorAdapter;
-
實現Spring的WebRequestInterceptor接口,或者是繼承實現了WebRequestInterceptor的類。
攔截器應用場景
以qq郵箱登錄爲例,登錄成功後,會進入到個人郵箱頁面。在短時間內,即使關閉了登錄頁面(不退出),再打開登錄頁,也會跳轉到個人郵箱頁面。如果退出,再打開個人郵箱頁面鏈接,則會跳轉到登錄頁面。以上登錄狀態的檢查其實就是測試過程中常聽說的session檢查了,也就是說每一個 Controller 方法執行前(上圖的preHandle)都需要進行 session 登錄態的檢查,如果存在登錄態,則繼續執行
Controller 的方法,如果不存在,則直接返回。
攔截器示例
參考《開發測試spring應用》書中提到的登錄案例,對攔截器的應用做以下說明。
pom依賴
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.springDemo</groupId>
<artifactId>springMVCDemo</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>war</packaging>
<name>springMVCDemo Maven Webapp</name>
<!-- FIXME change it to the project's website -->
<url>http://www.example.com</url>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.source>1.7</maven.compiler.source>
<maven.compiler.target>1.7</maven.compiler.target>
<spring.version>4.2.8.RELEASE</spring.version>
<!-- 解決mvn編譯亂碼問題
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-->
</properties>
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.11</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.0.1</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet.jsp</groupId>
<artifactId>jsp-api</artifactId>
<version>2.1</version>
<scope>provided</scope>
</dependency>
<!-- springframe start -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-orm</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${spring.version}</version>
</dependency>
<!-- springframe end -->
</dependencies>
<build>
<finalName>springMVCDemo</finalName>
<pluginManagement><!-- lock down plugins versions to avoid using Maven defaults (may be moved to parent pom) -->
<plugins>
<plugin>
<artifactId>maven-clean-plugin</artifactId>
<version>3.1.0</version>
</plugin>
<!-- see http://maven.apache.org/ref/current/maven-core/default-bindings.html#Plugin_bindings_for_war_packaging -->
<plugin>
<artifactId>maven-resources-plugin</artifactId>
<version>3.0.2</version>
</plugin>
<plugin>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.8.0</version>
</plugin>
<plugin>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.22.1</version>
</plugin>
<plugin>
<artifactId>maven-war-plugin</artifactId>
<version>3.2.2</version>
</plugin>
<plugin>
<artifactId>maven-install-plugin</artifactId>
<version>2.5.2</version>
</plugin>
<plugin>
<artifactId>maven-deploy-plugin</artifactId>
<version>2.8.2</version>
</plugin>
<!--
<plugin>
<groupId>org.apache.tomcat.maven</groupId>
<artifactId>tomcat7-maven-plugin</artifactId>
<version>2.2</version>
</plugin>
-->
</plugins>
</pluginManagement>
</build>
</project>
新建jsp及controller
login.jsp:登錄頁面
<%--
Created by IntelliJ IDEA.
User: lenovo
Date: 2019/2/25
Time: 15:03
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>測試系統</title>
</head>
<body>
<form action="/login" method="get">
<table>
<tr>
<td>用戶名:</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>密碼:</td>
<td><input type="password" name="password"></td>
</tr>
<tr>
<td colspan="2">
<button type="submit">登錄</button>
</td>
</tr>
</table>
</form>
</body>
</html>
welcome.jsp:需注意,某些版本的isELIgnored默認爲true,此時需要設置爲isELIgnored="false",否則${username}變量無法傳遞到頁面展現。
<%--
Created by IntelliJ IDEA.
User: lenovo
Date: 2019/2/25
Time: 15:20
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" isELIgnored="false" %>
<html>
<head>
<title>測試系統</title>
</head>
<body>
<div>歡迎${username}登錄測試系統啊!</div>
<div><a href="/logout">退出</a> </div>
</body>
</html>
LoginController.java:“redirect:+路徑”表示重定向跳轉。代碼中用到的session,有效時間可以在web.xml中設置。
<!--session有效時間爲30分鐘-->
<session-config>
<session-timeout>30</session-timeout>
</session-config>
package example.controller;
import example.info.LoginInfo;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import javax.servlet.http.HttpSession;
import java.util.Map;
@Controller
public class LoginController {
@RequestMapping(value = "/", method = RequestMethod.GET)
public String login(Map<String, Object> map) {
return "login";
}
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String login(LoginInfo loginInfo, HttpSession httpSession) { //此處的參數傳遞使用的是LoginInfo 實體對象
System.out.println("username:"+loginInfo.getUsername());
if (loginInfo.getUsername() != null){
httpSession.setAttribute("username", loginInfo.getUsername());
return "redirect:/welcome"; //點擊登錄按鈕後,重定向跳轉到 /welcome 路徑
}else
return "redirect:/"; //如果直接訪問/login路徑,則跳轉到登錄頁
}
@RequestMapping(value = "/welcome", method = RequestMethod.GET)
public String welcome(Map<String, Object> map, HttpSession httpSession) {
String username = "";
if (httpSession.getAttribute("username") != null)
username = httpSession.getAttribute("username").toString();
map.put("username", username); //傳遞變量給welcome.jsp的${username}
return "welcome";
}
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logout(HttpSession httpSession) {
httpSession.setAttribute("username", null);
return "redirect:/";
}
}
新建實體類LoginInfo
需注意的是,LoginInfo 定義的變量必須與login.jsp標籤裏的 name 屬性對應,並且要有getter/setter 方法,這樣才能在表單提交時自動賦值。
package example.info;
public class LoginInfo {
private String username;
private String password;
public String getUsername() {
return this.username;
}
public String getPassword() {
return this.password;
}
public void setUsername(String username) {
this.username = username;
}
public void setPassword(String password) {
this.password = password;
}
}
回看LoginController類的login方法,除了通過實體類LoginInfo來傳遞參數,
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String login(LoginInfo loginInfo, HttpSession httpSession) {
System.out.println("username:"+loginInfo.getUsername());
if (loginInfo.getUsername() != null){
httpSession.setAttribute("username", loginInfo.getUsername());
return "redirect:/welcome"; //重定向跳轉到 /welcome 路徑
}else
return "redirect:/"; //如果直接訪問/login路徑,則跳轉到登錄頁
}
還可以通過以下兩種方式來實現同樣的效果。
方式一:變量名依舊和login.jsp標籤的name屬性名一致。
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String login(String username,String password, HttpSession httpSession) {
if (username != null){
httpSession.setAttribute("username", username);
return "redirect:/welcome"; //重定向跳轉到 /welcome 路徑
}else
return "redirect:/"; //如果直接訪問/login路徑,則跳轉到登錄頁
}
方式二:通過@RequestParam註解來實現,此方式不要求變量名與login.jsp標籤屬性一致。
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String login(@RequestParam("username")String name, HttpSession httpSession) {
if (name != null){
httpSession.setAttribute("username", name);
return "redirect:/welcome"; //重定向跳轉到 /welcome 路徑
}else
return "redirect:/"; //如果直接訪問/login路徑,則跳轉到登錄頁
}
新建攔截類DemoInterceptor
前文提到每一個Controller方法執行前都需要進行session登錄態的檢查,此時便需要用到攔截器了,接下來以實現HandlerInterceptor 接口爲例說明。
package example.interceptor;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class DemoInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
String username = (String) httpServletRequest.getSession().getAttribute("username");
System.out.println("name:"+username);
if (StringUtils.isEmpty(username)) {
httpServletResponse.sendRedirect(httpServletRequest.getContextPath());
return false;
}
return true;
}
@Override
public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
}
}
- preHandle 是攔截前置處理,在請求進入 action 之前執行,通過重寫preHandle 方法,判斷了 session 信息是否存在,如果存在,則返回 true,然後進入 action,如果不存在,則 sendRedirect,,即進行重定向,request.getContextPath() 的值就是站點根目錄”http://localhost:8082/”,所以會進入登錄頁面。
- postHandle 就是攔截後置處理。
- afterCompletion 就是攔截完成處理。
配置攔截器
配置dispatcher-servlet.xml,增加攔截器interceptor配置。
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<context:component-scan base-package="example.controller"/>
<mvc:default-servlet-handler/>
<!--啓用spring的一些annotation -->
<context:annotation-config/>
<!-- 配置註解驅動 可以將request參數與綁定到controller參數上 -->
<mvc:annotation-driven/>
<!--靜態資源映射-->
<!--本項目把靜態資源放在了webapp的statics目錄下,資源映射如下-->
<!--statics目錄下所有文件不會被DispatcherServlet攔截,直接訪問,當做靜態資源交給Servlet處理-->
<mvc:resources mapping="/statics/**" location="/WEB-INF/statics/"/>
<!--mvc:resources mapping="/js/**" location="/WEB-INF/statics/js/"/-->
<!--mvc:resources mapping="/image/**" location="/WEB-INF/statics/image/"/-->
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
<property name="prefix" value="/WEB-INF/view/"/><!--設置JSP文件的目錄位置-->
<property name="suffix" value=".jsp"/>
<property name="exposeContextBeansAsAttributes" value="true"/>
</bean>
<!--mvc:mapping 表示要攔截的請求路徑,”/**”表示攔截所有的路徑-->
<!--mvc:exclude-mapping 表示要排除攔截的路徑,即不攔截的路徑-->
<!--bean 表示攔截後要做的事,都寫在了 DemoInterceptor 這個類裏-->
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**"/>
<mvc:exclude-mapping path="/"/>
<mvc:exclude-mapping path="/login"/>
<mvc:exclude-mapping path="/view/**"/>
<bean class="example.interceptor.DemoInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
</beans>
增加攔截器後,未登錄前,打開 http://localhost:8082/welcome會跳轉到登錄頁面。如果不增加攔截器,未登錄前打開 http://localhost:8082/welcome 則會跳轉到歡迎頁面。
頁面驗證
做完以上處理後,一個登錄頁面基本完成了,啓動Tomcat服務。
輸入http://locathost:8082,展現登錄頁面如下:
點擊登錄按鈕,進入welcome頁面。
點擊退出按鈕,回到登錄頁面。
參考資料
《開發測試的spring應用》