cg3410的博客

不积跬步无以至千里,不积小流无以成江海。

使用springmvc拦截器进行登录控制

使用springmvc拦截器和session控制登录和获取登录用户的信息。

 1.LoginInterceptor.java 解析session,获取登录用户信息。

public class LoginInterceptor implements HandlerInterceptor {


protected static final Logger logger = Logger.getLogger(LoginInterceptor.class);

private SystemConfig systemConfig;


public void setSystemConfig(SystemConfig systemConfig) {

this.systemConfig = systemConfig;

}

public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

Cookie[] cookies = request.getCookies();

if(cookies == null) {

return true;

}

for(Cookie cookie : cookies) {

String key = cookie.getName();

String content = cookie.getValue();

if(key.equalsIgnoreCase(systemConfig.getCookieKey())) {

if(StringUtils.isNotBlank(content)) {

String source = DESUtils.decrypt(content, systemConfig.getCookieSecurityKey());

UserDO user = this.decode(source);

LoginContext context = new LoginContext();

context.setUser(user);

LoginContextHolder.set(context);

}

}

}

return true;

}


public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

if(modelAndView != null) {

modelAndView.addObject("loginUser", LoginContextHolder.getLoginUser());

}

}


public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

LoginContextHolder.clear();

}


protected UserDO decode(String content) {

if(StringUtils.isBlank(content)) {

return null;

}

JSONObject json = JSONObject.fromObject(content);

UserDO user = new UserDO();

user.setId(json.getInt("id"));

user.setName(json.getString("name"));

return user;

}


}


2,securityInterceptor.java 控制用户登录

public class SecurityInterceptor implements HandlerInterceptor {


public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

// TODO Auto-generated method stub

LoginContext context = LoginContextHolder.get();

if(context != null && context.getUser() != null) {

return true;

}

response.sendRedirect("login.jhtml");

return false;

}


public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

// TODO Auto-generated method stub

}


public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

// TODO Auto-generated method stub

}


}


3.LoginContext.java 存放登录上下文信息。


public class LoginContext {

private UserDO user;


public UserDO getUser() {

return user;

}


public void setUser(UserDO user) {

this.user = user;

}

}


4.LoginContextHolder.java 使用ThreadLocal<LoginContext>存取用户信息。


public class LoginContextHolder {


private static final ThreadLocal<LoginContext> holder = new ThreadLocal<LoginContext>();


public static LoginContext get() {

return holder.get();

}

public static void set(LoginContext context) {

holder.set(context);

}

public static void clear() {

holder.remove();

}

public static UserDO getLoginUser() {

LoginContext context = holder.get();

return context == null ? null : context.getUser();

}


5.使用springMvc的拦截器对链接路径进行控制

<mvc:interceptors>

  <mvc:interceptor>

  <mvc:mapping path="/upload/**" />

  <bean class="com.moin.web.interceptor.LoginInterceptor" />

  </mvc:interceptor>

  <mvc:interceptor>

  <mvc:mapping path="/upload/**" />

  <bean class="com.moin.web.interceptor.SecurityInterceptor" />

  </mvc:interceptor>

  </mvc:interceptors>


阅读更多
上一篇查询,分页封装
下一篇mongoClient备忘
想对作者说点什么? 我来说一句

SpringMVC登录拦截器

2017年01月20日 13.42MB 下载

没有更多推荐了,返回首页

关闭
关闭