package com.shaokp.hrm.interceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import com.shaokp.hrm.entity.User;
public class AuthorizedInterceptor implements HandlerInterceptor{
private static final String[] LOGIN_URI={"/login","/loginCheck","404.html"};
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
boolean flag=false;
String servletPath = request.getServletPath();
for(String path:LOGIN_URI){
if(servletPath.contains(path)){
flag=true;
break;
}
}
if(!flag){
User user = (User)request.getSession().getAttribute("user");
if(user==null){
request.setAttribute("message", "请先登录再访问网站");
request.getRequestDispatcher("/login").forward(request,response);
}
}else{
flag=true;
}
return flag;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
throws Exception {
}
}
spring-mvc的配置
<!-- 启用默认配置 -->
<mvc:annotation-driven/>
<mvc:default-servlet-handler/>
<!-- 权限检查拦截器 -->
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/*"/>
<bean class="com.shaokp.hrm.interceptor.AuthorizedInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
设置web.xml中的默认拦截器,不拦截静态资源(也可以不写。也可以写自定义的)
在springmvc的Dispatcher中配置(一般Web应用服务器默认的Servlet名称是”default”,所以这里我们激活Tomcat的defaultServlet来处理静态文件,在web.xml里配置如下代码即可:)
<!--该servlet为tomcat,jetty等容器提供,将静态资源映射从/改为/static/目录,如原来访问http://localhost/foo.css,现在http://localhost/static/foo.css -->
<!-- 不拦截静态文件 -->
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>/js/*</url-pattern>
<url-pattern>/css/*</url-pattern>
<url-pattern>/images/*</url-pattern>
<url-pattern>/fonts/*</url-pattern>
</servlet-mapping>