关闭

使用springmvc拦截器进行登录控制

标签: cookie springmvc拦截器
50人阅读 评论(0) 收藏 举报

使用springmvc拦截器和session控制登录和获取登录用户的信息。

 1.LoginInterceptor.java 解析session,获取登录用户信息。

public class LoginInterceptor implements HandlerInterceptor {


protected static final Logger logger = Logger.getLogger(LoginInterceptor.class);

private SystemConfig systemConfig;


public void setSystemConfig(SystemConfig systemConfig) {

this.systemConfig = systemConfig;

}

public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

Cookie[] cookies = request.getCookies();

if(cookies == null) {

return true;

}

for(Cookie cookie : cookies) {

String key = cookie.getName();

String content = cookie.getValue();

if(key.equalsIgnoreCase(systemConfig.getCookieKey())) {

if(StringUtils.isNotBlank(content)) {

String source = DESUtils.decrypt(content, systemConfig.getCookieSecurityKey());

UserDO user = this.decode(source);

LoginContext context = new LoginContext();

context.setUser(user);

LoginContextHolder.set(context);

}

}

}

return true;

}


public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

if(modelAndView != null) {

modelAndView.addObject("loginUser", LoginContextHolder.getLoginUser());

}

}


public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

LoginContextHolder.clear();

}


protected UserDO decode(String content) {

if(StringUtils.isBlank(content)) {

return null;

}

JSONObject json = JSONObject.fromObject(content);

UserDO user = new UserDO();

user.setId(json.getInt("id"));

user.setName(json.getString("name"));

return user;

}


}


2,securityInterceptor.java 控制用户登录

public class SecurityInterceptor implements HandlerInterceptor {


public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

// TODO Auto-generated method stub

LoginContext context = LoginContextHolder.get();

if(context != null && context.getUser() != null) {

return true;

}

response.sendRedirect("login.jhtml");

return false;

}


public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

// TODO Auto-generated method stub

}


public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

// TODO Auto-generated method stub

}


}


3.LoginContext.java 存放登录上下文信息。


public class LoginContext {

private UserDO user;


public UserDO getUser() {

return user;

}


public void setUser(UserDO user) {

this.user = user;

}

}


4.LoginContextHolder.java 使用ThreadLocal<LoginContext>存取用户信息。


public class LoginContextHolder {


private static final ThreadLocal<LoginContext> holder = new ThreadLocal<LoginContext>();


public static LoginContext get() {

return holder.get();

}

public static void set(LoginContext context) {

holder.set(context);

}

public static void clear() {

holder.remove();

}

public static UserDO getLoginUser() {

LoginContext context = holder.get();

return context == null ? null : context.getUser();

}


5.使用springMvc的拦截器对链接路径进行控制

<mvc:interceptors>

  <mvc:interceptor>

  <mvc:mapping path="/upload/**" />

  <bean class="com.moin.web.interceptor.LoginInterceptor" />

  </mvc:interceptor>

  <mvc:interceptor>

  <mvc:mapping path="/upload/**" />

  <bean class="com.moin.web.interceptor.SecurityInterceptor" />

  </mvc:interceptor>

  </mvc:interceptors>


0
0

查看评论
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
    个人资料
    • 访问:6246次
    • 积分:174
    • 等级:
    • 排名:千里之外
    • 原创:6篇
    • 转载:5篇
    • 译文:5篇
    • 评论:0条