CheckLoginInterceptor.java
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* Author: HeatDeath
* Date: 2018/2/24
* Desc:
*/
public class CheckLoginInterceptor implements HandlerInterceptor {
@Autowired
private SSOServiceImpl ssoService;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {
boolean login = ssoService.checkLogin(request, response);
if (!login){
String currentUrl = request.getRequestURL().toString();
if (request.getQueryString() != null) {
currentUrl += "?" + request.getQueryString();
}
String loginUrl = ssoService.loginRequired(currentUrl);
response.sendRedirect(loginUrl);
return false;
}
return true;
}
@Override
public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
}
}
springmvc.xml
<mvc:interceptors>
<!-- 配置一个用于处理对于 /* 请求的拦截器 -->
<mvc:interceptor>
<mvc:mapping path="/*" />
<mvc:exclude-mapping path="/callback"/>
<bean class="web.interceptor.CheckLoginInterceptor" />
</mvc:interceptor>
</mvc:interceptors>
这个拦截器的作用是,拦截未登录的用户访问 /*, 但除了 /callback
当拦截到用户请求时,check 用户是否登录
①如果用户未登录,则将用户重定向到 登录页面
②如果用户已经登录,则正常响应用户的请求
注意:
<mvc:mapping path="/*" />
<mvc:exclude-mapping path="/callback"/>
mapping 一定要写在 exclude-mapping 之前!
更多详细内容可以参考:
SpringMVC拦截器(资源和权限管理)
http://blog.csdn.net/tonytfjing/article/details/39207551