类似servlet中的filter用于对处理器进行预处理和后处理。是AOP思想的具体实现。
filter过滤器在任何mavenWeb工程中都可以使用;interceptor拦截器只在mavenWeb工程集成springMvc中才可以使用。
filter如果配置/拦截所有,对静态资源需在spring-mvc.xml中放行。interceptor如果配置/**拦截所有,也不会拦截静态资源(也不拦截jsp),业务上需对如登录的controller路径放行。
快速入门
创建mavenWeb项目
pom文件引入依赖
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.example</groupId>
<artifactId>SpringInterceptorModule</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>war</packaging>
<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>5.0.5.RELEASE</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.0.1</version>
<scope>provided</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.tomcat.maven</groupId>
<artifactId>tomcat7-maven-plugin</artifactId>
<version>2.2</version>
<configuration>
<port>8080</port>
<path>/SpringDemoModule</path>
</configuration>
</plugin>
</plugins>
</build>
</project>
web.xml中配置前端控制器
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
version="4.0">
<!--配置SpringMVC的前端控制器:-->
<servlet>
<servlet-name>DispatcherServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:spring-mvc.xml</param-value>
</init-param>
<load-on-startup>2</load-on-startup><!--loadOnStartup=负整数或不加默认第一次访问该servlet执行时创建servlet对象并初始化
loadOnStartup为0或正整数时,web服务器启动时创建servlet对象,数字越小,优先级越高-->
</servlet>
<servlet-mapping>
<servlet-name>DispatcherServlet</servlet-name>
<url-pattern>/</url-pattern><!-- 配置该servlet的路径为拦截所有/,虽会覆盖tomcat静态资源访问路径,但现在没有静态资源html之类,只有jsp动态页面。-->
</servlet-mapping>
</web-app>
com.kdy.interceptor包下创建MyInterceptor
public class MyInterceptor implements HandlerInterceptor {
//在目标方法执行前执行
@Override
public boolean preHandle(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Object handler) throws Exception {
//参数request和response,可以处理请求响应的一些资源
System.out.println("preHandle...");
return true;//进入处理前前的预处理,return true代表放行,会继续到达处理器。return false代表不放行,会到达不了处理器
}
//在目标方法执行之后 视图对象返回之前,即还未到视图解析器的时候执行
//可对controller处理后的modelAndView进行操作
@Override
public void postHandle(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
//post方法参数中除了request和response,还有个modelAndView,可以对controller响应的modelAndView进行再次处理
System.out.println("postHandle...");
}
//在流程都执行完毕后执行,即视图解析器解析后,前端控制器将其渲染发送客户端浏览器后,执行
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
System.out.println("afterCompletion...");
}
}
resource下spring-mvc.xml配置拦截器
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
">
<!--Controller的组件扫描-->
<context:component-scan base-package="com.kdy"></context:component-scan>
<!--视图解析器-->
<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/jsp/"></property><!--前缀-->
<property name="suffix" value=".jsp"></property><!--后缀-->
</bean>
<!--注解驱动,顶替配置的处理器映射器和适配器,集成了jackson,可Controller资源方法返回字为对象User时,自动转为json-->
<mvc:annotation-driven/>
<!--静态资源放行-->
<mvc:default-servlet-handler/>
<!--配置拦截器-->
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**"/>
<!--<mvc:exclude-mapping path="/user/login"/>某些动态资源需要放行-->
<bean class="com.kdy.interceptor.MyInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
</beans>
com.kdy.controller中创建TargetController
@Controller
public class TargetController {
@RequestMapping("/target")
public ModelAndView show() {
System.out.println("目标资源执行...");
ModelAndView modelAndView = new ModelAndView();
modelAndView.addObject("name", "kdy");
modelAndView.setViewName("index");
return modelAndView;
}
}
webapp下jsp目录创建index.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>index</title>
</head>
<body>
Hello world~ <br/>
<%
System.out.println("执行到jsp页面...");
%>
${name}
</body>
</html>
启动项目访问http://localhost:8080/SpringInterceptorModule/target
执行流程为
preHandle...
目标资源执行...
postHandle...
执行到jsp页面...
afterCompletion...
举例
pre方法中进行判断,判断用户访问携带的参数,如果param=yes,就进行放行
//在目标方法执行前执行
@Override
public boolean preHandle(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Object handler) throws Exception {
//参数request和response,可以处理请求响应的一些资源
System.out.println("preHandle...");
String param = request.getParameter("param");
if ("yes".equals(param)){
return true;//进入处理前前的预处理,return true代表放行,会继续到达处理器。return false代表不放行,会到达不了处理器
}else{
request.getRequestDispatcher("/jsp/error.jsp").forward(request,response);//这里的jsp没被springMvc视图解析器接管,写全名
return false;
}
}
处理器处理后,拦截器对modelAndView对象加上一个属性参数后再放行给视图解析器
//在目标方法执行之后 视图对象返回之前,即还未到视图解析器的时候执行
//可对controller处理后的modelAndView对象再处理
@Override
public void postHandle(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
//post方法参数中除了request和response,还有个modelAndView,可以对controller响应的modelAndView进行再次处理
System.out.println("postHandle...");
modelAndView.addObject("password","passwordHello123~");
}
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>index</title>
</head>
<body>
Hello world~ <br/>
<%
System.out.println("执行到jsp页面...");
%>
${name}<br/>
${password}
</body>
</html>
这时pre->handler->post->视图解析器将jsp转成html,将el表达式的值附上渲染后就有值了
拦截器链
com.kdy.interceptor包下MyInterceptor1
public class MyInterceptor1 implements HandlerInterceptor {
//在目标方法执行前执行
@Override
public boolean preHandle(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Object handler) throws Exception {
//参数request和response,可以处理请求响应的一些资源
System.out.println("preHandle111...");
return true;//进入处理前前的预处理,return true代表放行,会继续到达处理器。return false代表不放行,会到达不了处理器
}
//在目标方法执行之后 视图对象返回之前,即还未到视图解析器的时候执行
@Override
public void postHandle(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
//post方法参数中除了request和response,还有个modelAndView,可以对controller响应的modelAndView进行再次处理
System.out.println("postHandle111...");
}
//在流程都执行完毕后执行
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
System.out.println("afterCompletion111...");
}
}
com.kdy.interceptor包下MyInterceptor2
public class MyInterceptor2 implements HandlerInterceptor {
//在目标方法执行前执行
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//参数request和response,可以处理请求响应的一些资源
System.out.println("preHandle222...");
return true;//进入处理前前的预处理,return true代表放行,会继续到达处理器。return false代表不放行,会到达不了处理器
}
//在目标方法执行之后 视图对象返回之前,即还未到视图解析器的时候执行
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
//post方法参数中除了request和response,还有个modelAndView,可以对controller响应的modelAndView进行再次处理
System.out.println("postHandle222...");
}
//在流程都执行完毕后执行
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
System.out.println("afterCompletion222...");
}
}
spring-mvc.xml中配置拦截器
<!--配置拦截器-->
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**"/><!--该拦截器对哪些路径的资源进行拦截操作-->
<bean class="com.kdy.interceptor.MyInterceptor2"/>
</mvc:interceptor>
<mvc:interceptor>
<mvc:mapping path="/**"/><!--该拦截器对哪些路径的资源进行拦截操作-->
<bean class="com.kdy.interceptor.MyInterceptor1"/>
</mvc:interceptor>
</mvc:interceptors>
controller还是上面的TargetController
index.jsp还是上面的index.jsp
拦截器链的执行顺序为spring-mvc中配置的拦截器的上下(前后)顺序
访问http://localhost:8080/SpringInterceptorModule/target
执行的结果为:
preHandle222...
preHandle111...
目标资源执行...
postHandle111...
postHandle222...
执行到jsp页面...
afterCompletion111...
afterCompletion222...
拦截器小Demo--用户登录权限控制
未登录-点击菜单都进行跳回登录页面 登录后才可进行操作
提示:用户登录的信息看放入session中,集群环境登录信息可放入redis中
Demo环境--使用我博客中《Spring+SpringMVC+JdbcTemplate小Demo》项目,连接如下:
Spring+SpringMVC+JdbcTemplate小Demo_阳光明媚UPUP的博客-CSDN博客
com.kdy.interceptor包下创建PrivilegeInterceptor
public class PrivilegeInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
HttpSession session = request.getSession();
User user = (User) session.getAttribute("user");
if (user == null) {
response.sendRedirect(request.getContextPath() + "/jsp/login.jsp");
return false;
}
return true;
}
}
spring-mvc.xml中配置拦截器
<!--配置拦截器-->
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**"/>
<mvc:exclude-mapping path="/user/login"/><!--需要放行的controller资源路径 注:interceptor默认就不拦截静态资源和jsp-->
<bean class="com.kdy.interceptor.PrivilegeInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
com.kdy.dao中的UserDaoImpl加上
注:jdbcTemplate.queryForObject()查不到会报错,所以报错在dao层网上抛给service层
@Override
public User selectByNameAndPwd(String name, String password) throws EmptyResultDataAccessException {
return jdbcTemplate.queryForObject("select * from sys_user where name = ? and password = ?", new BeanPropertyRowMapper<User>(User.class),name,password);
}
com.kdy.service层的UserServiceImpl加上
注:在service层中使用try-catch处理异常
@Override
public User login(String name, String password) {
try {
return userDao.selectByNameAndPwd(name, password);
}catch (EmptyResultDataAccessException e){
e.printStackTrace();
return null;
}
}
com.kdy.controller中UserController中加上
@RequestMapping("/login")
public String login(String name, String password, HttpSession session){
User user = userService.login(name, password);
if (user!=null){
session.setAttribute("user",user);
return "redirect:/jsp/index.jsp";
}else{
return "redirect:/jsp/login.jsp";
}
}
webapp的jsp下加上login.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>login</title>
</head>
<body>
<form action="${pageContext.request.contextPath}/user/login" method="post">
name:<input type="text" name="name"><br/>
password:<input type="text" name="password"><br/>
<input type="submit" value="提交"><input type="reset" value="重置">
</form>
</body>
</html>
index.jsp中加上欢迎你${name}
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>index</title>
</head>
<body>
<h2>欢迎你${user.name}</h2>
<a href="${pageContext.request.contextPath}/jsp/index.jsp">首页</a><br/>
<a href="${pageContext.request.contextPath}/user/userList">用户管理</a><br/>
<a href="${pageContext.request.contextPath}/role/roleList">角色管理</a><br/>
</body>
</html>