拦截器概述
拦截器是springMVC中特有的,与过滤器不同的是,过滤器是servlet中的一部分,任何框架都可以使用。拦截器只能够对controller中的请求进行拦截,拦截器也是aop思想的一种体现。如果我们想要定义一个拦截器,就必须要实现HandlerInterceptor接口,重写preHandle方法。
下面通过案例来解释
案例解释:首页有登录和进入主页两个功能,如果没有登录不能够直接进入到主页中,需要登录之后才能够进入。如果登录之后,再次点击首页无序登录,可直接进入。
springmvc的配置文件
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/mvc
https://www.springframework.org/schema/mvc/spring-mvc.xsd
http://www.springframework.org/schema/context
https://www.springframework.org/schema/context/spring-context.xsd">
<!-- 自动扫描包-->
<context:component-scan base-package="com.duhaoyu.controller"/>
<!-- 静态资源过滤-->
<mvc:default-servlet-handler/>
<mvc:annotation-driven/>
<!-- json乱码解决-->
<mvc:annotation-driven>
<mvc:message-converters register-defaults="true">
<bean class="org.springframework.http.converter.StringHttpMessageConverter">
<constructor-arg value="UTF-8"/>
</bean>
<bean class="org.springframework.http.converter.json.MappingJackson2HttpMessageConverter">
<property name="objectMapper">
<bean class="org.springframework.http.converter.json.Jackson2ObjectMapperFactoryBean">
<property name="failOnEmptyBeans" value="false"/>
</bean>
</property>
</bean>
</mvc:message-converters>
</mvc:annotation-driven>
<!-- 视图解析器-->
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver" id="internalResourceViewResolver">
<property name="prefix" value="/WEB-INF/jsp/"/>
<property name="suffix" value=".jsp"/>
</bean>
<!--配置拦截器-->
<mvc:interceptors>
<mvc:interceptor>
<!-- 表示拦截user请求下的所有请求-->
<mvc:mapping path="/user/**"/>
<bean class="com.duhaoyu.config.LoginInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
</beans>
web.xml的配置文件
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
version="4.0">
<servlet>
<servlet-name>springmvc</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:applicationContext.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>springmvc</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>utf-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
index.jsp页面代码
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>$Title$</title>
</head>
<body>
<a href="${pageContext.request.contextPath}/user/main">首页</a>
<a href="${pageContext.request.contextPath}/user/goLogin">登录页</a>
</body>
</html>
controller层代码
package com.duhaoyu.controller;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import javax.servlet.http.HttpSession;
/**
* @author duhaoyu
* @date 2020/12/1 12:55
*/
@Controller
@RequestMapping("/user")
public class TestController {
@GetMapping("/t1")
public String test() {
System.out.println("TestController的test执行了");
return "OK";
}
@RequestMapping("/login")
public String login(HttpSession session, String username, String password, Model model) {
session.setAttribute("username", username);
model.addAttribute("username", username);
model.addAttribute("password", password);
return "main";
}
@RequestMapping("/main")
public String main() {
return "main";
}
@RequestMapping("/goLogin")
public String geLogin() {
return "login";
}
@RequestMapping("/loginOut")
public String loginOut(HttpSession session) {
session.removeAttribute("username");
return "login";
}
}
login.jsp页面代码
<%--
Created by IntelliJ IDEA.
User: Administrator
Date: 2020/12/2
Time: 17:31
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<form action="${pageContext.request.contextPath}/user/login" method="post">
<input name="username" type="text" /><br>
<input type="password" name="password" /><br>
<input type="submit" value="登录">
</form>
</body>
</html>
main.jsp页面代码
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
${username}<br>
${password}
<h1>首页</h1>
<a href="${pageContext.request.contextPath}/user/loginOut">注销</a>
</body>
</html>
拦截器LoginInterceptor
如果我们想要使用拦截器必须要实现HandlerInterceptor,重写preHandle方法,在applicationContext.xml中配置拦截器,见上。如果有请求被applicationContext.xml中的拦截器识别到,就会进入到该方法中,该方法返回true则代表可以通过,如果返回false表示禁止通过,会卡死在该拦截器处。
package com.duhaoyu.config;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* @author duhaoyu
* @date 2020/12/2 17:29
*/
public class LoginInterceptor implements HandlerInterceptor {
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
if (request.getSession().getAttribute("username") != null) {
return true;
}
if(request.getRequestURI().contains("login"))
return true;
if(request.getRequestURI().contains("goLogin"))
return true;
response.sendRedirect("goLogin");
return false;
}
}
结果展示
index.jsp页面
如果没有登录,点击首页会进入到登录页面
登录成功后会跳转到首页,这里的用户名和密码是虚拟的可以随意输入。
如果我们登录了,下次再进入index.jsp点击首页的时候就不用登录可以直接进入该页面,因为session中存储了我们登录的信息。在LoginInterceptor中有判断了session识别身份的代码,可以通过,拦截器。
注销功能即在session中移除该用户的用户名,那么用户的登录信息就不会保存在session中,进入拦截器的时候就不会通过,跳转到登录页面。
点击注销会进入登录页面
再次进入的时候需重新登录
附:maven的pom.xml配置
<dependencies>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>5.2.8.RELEASE</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.5</version>
</dependency>
<dependency>
<groupId>javax.servlet.jsp</groupId>
<artifactId>jsp-api</artifactId>
<version>2.2</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.13</version>
</dependency>
</dependencies>
<!-- 如果配置文件没有被加载增加以下配置-->
<build>
<resources>
<resource>
<directory>src/main/resources</directory>
<includes>
<include>**/*.properties</include>
<include>**/*.xml</include>
</includes>
<filtering>true</filtering>
</resource>
<resource>
<directory>src/main/java</directory>
<includes>
<include>**/*.properties</include>
<include>**/*.xml</include>
</includes>
<filtering>true</filtering>
</resource>
</resources>
</build>