- 拦截登录以外的所有请求,当登录过才可以访问相应的请求
1.登录的界面和main.jsp
// 登录界面
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>登录</title>
</head>
<body>
<form action="/login" method="post" >
账户:<input type="text" name="userName" > <br>
密码:<input type="password" name="userPwd" ><br>
<input type="submit" value="登录">
</form>
${msg}
</body>
</html>
-------------------------------------------------------------------------------------
main.jsp
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
欢迎你${userName} <br>
<a href="loginOut">退出</a>
</body>
</html>
2.用户判断UserAction类
package com.xiao.action;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import javax.servlet.http.HttpSession;
@Controller
public class UserAction {
@RequestMapping("/test01")
public String test01(){
System.out.println("正在执行test01的业务逻辑");
return "index";
}
@RequestMapping("/test02")
public String test02(){
System.out.println("正在执行test02的业务逻辑");
return "index";
}
@RequestMapping("/main")
public String main(){
return "main";
}
// 登录判断
@RequestMapping("/login")
public String login(String userName, String userPwd, Model model, HttpSession session){
if (userName.equals("sss")&&userPwd.equals("123")){
session.setAttribute("userName",userName);
return "redirect:/main";
}else {
model.addAttribute("msg","账号密码错误");
return "loginUI";
}
}
// 退出
@RequestMapping("/loginOut")
public String loginOut(HttpSession session){
session.invalidate(); //session失效
return "loginUI";
}
}
3.做拦截器
package com.xiao.interceptor;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class LoginInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {
// 获取不拦截的路径
String path = request.getRequestURI();
if (path.indexOf("login")>0){
return true;
}
Object name = request.getSession().getAttribute("userName");
if (name!=null){
return true;
}else {
request.setAttribute("msg","要先登录哦哦哦!!!");
request.getRequestDispatcher("loginUI.jsp").forward(request,response);
return false;
}
}
@Override
public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
}
}
4.配置web.xml、spring-mvc.xml、applicationContext.xml文件
// web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
version="4.0">
<!-- 设置web应用的上下文参数 -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:applicationContext.xml</param-value>
</context-param>
<!--使用spring提供的监听器加载上下文的配置文件 -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!--no.1 配置spring mvc 的 前端控制器,拦截所有的 请求 -->
<servlet>
<servlet-name>dispatcherServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:spring-mvc.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcherServlet</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
----------------------------------------------------------------------------------
spring-mvc.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-4.0.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-4.0.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-4.0.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-4.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-4.0.xsd">
<!--配置springmvc的文件,包含 网站跳转!的逻辑相关的控制和配置 -->
<!--注解扫描 -->
<context:component-scan base-package="com.xiao" />
<mvc:default-servlet-handler/>
<mvc:annotation-driven />
<!--配置视图解析器 -->
<bean
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/"></property>
<property name="suffix" value=".jsp"></property>
</bean>
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**"/>
<bean id="loginInteceptor" class="com.xiao.interceptor.LoginInterceptor"></bean>
</mvc:interceptor>
</mvc:interceptors>
</beans>
----------------------------------------------------------------------------------------
applicationContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:aop="http://www.springframework.org/schema/aop" xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-4.0.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop-4.0.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-4.0.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-4.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-4.0.xsd">
<!--这里面写 spring的配置文件,主要配置和业务逻辑相关联的-->
<!-- 数据源 , 事务管理控制,等等和业务逻辑相关联的-->
<mvc:default-servlet-handler/>
<mvc:annotation-driven/>
<context:annotation-config/>
<!--扫描注解-->
<context:component-scan base-package="com.xiao"></context:component-scan>
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/"></property>
<property name="suffix" value=".jsp"></property>
</bean>
<bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
<property name="defaultEncoding" value="utf-8"></property>
<property name="maxUploadSize" value="102400000"></property>
</bean>
</beans>
5.运行效果
没有登录之前,不可以访问除登录以外的请求
账户密码会提示
当输入正确的账户密码进入main.jsp
当点击退出之后,也无法访问除登录之外的请求;因为session清除了缓存