springmvc设计拦截器拦截未经过登录访问发生的请求:
用户不经过登录而直接就能访问后台或者登录过期就不能让用户继续访问,那么我们就可以做一个拦截器,
首先我们在spring-mvc.xml文件中先写上配置文件:
<!--登录拦截器--> <mvc:interceptors> <mvc:interceptor> <!-- 拦截所有URL中包含/user/的请求 --> <mvc:mapping path="/**"/> <!-- 首页不进行拦截 --> <mvc:exclude-mapping path="/" /> <!-- 登录注册不进行拦截 --> <mvc:exclude-mapping path="/user/login.do" /> <mvc:exclude-mapping path="/user/toLoginPage.do" /> <bean class="com.zh.intercept.LoginIntercept"></bean> </mvc:interceptor> </mvc:interceptors>
然后写一个类,继承HandlerInterceptor
package com.zh.intercept; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class LoginIntercept implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { Object user = request.getSession().getAttribute("username"); // 判断是否登录如果返回true就会继续下面的controller不然就会返回登录 if (user == null) { response.sendRedirect("/user/toLoginPage.do"); return false; } return true; } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { } }