1、在spring配置文件中配置对应的拦截器,下面是我的拦截器配置
- <!-- 拦截器配置 -->
- <mvc:interceptors>
- <!-- session超时 -->
- <mvc:interceptor>
- <mvc:mapping path="/*/*" />
- <bean class="tm.change.www.interceptor.SessionTimeoutInterceptor">
- <property name="allowUrls">
- <list>
- <!-- 如果请求中包含以下路径,则不进行拦截 -->
- <value>/login</value>
- <value>/js</value>
- <value>/css</value>
- <value>/image</value>
- <value>/images</value>
- </list>
- </property>
- </bean>
- </mvc:interceptor>
- </mvc:interceptors>
- /**
- * session拦截器
- *
- * @author tianyong
- *
- */
- public class SessionTimeoutInterceptor implements HandlerInterceptor {
- public String[] allowUrls;// 还没发现可以直接配置不拦截的资源,所以在代码里面来排除
- public void setAllowUrls(String[] allowUrls) {
- this.allowUrls = allowUrls;
- }
- @Override
- public void afterCompletion(HttpServletRequest arg0,
- HttpServletResponse arg1, Object arg2, Exception arg3)
- throws Exception {
- // TODO Auto-generated method stub
- }
- @Override
- public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
- Object arg2, ModelAndView arg3) throws Exception {
- // TODO Auto-generated method stub
- }
- @Override
- public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object arg2) throws Exception {
- String requestUrl = request.getRequestURI().replace(request.getContextPath(), "");
- // System.out.println(requestUrl);
- if (null != allowUrls && allowUrls.length >= 1)
- for (String url : allowUrls) {
- if (requestUrl.contains(url)) {
- return true;
- }
- }
- User user = (User) request.getSession().getAttribute("user");
- if (user != null) {
- return true; // 返回true,则这个方面调用后会接着调用postHandle(), afterCompletion()
- } else {
- // 未登录 跳转到登录页面
- throw new SessionTimeoutException();// 返回到配置文件中定义的路径
- }
- }
- }
- <!-- 自定义异常处理,SimpleMappingExceptionResolver这个类可以是个空类,但是要写,方便在java代码里面使用 -->
- <bean id="exceptionResolver"
- class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
- <property name="exceptionMappings">
- <props>
- <prop key="tm.change.www.interceptor.SessionTimeoutException">redirect:../index.jsp</prop>
- </props>
- </property>
- </bean>
而SessionTimeoutException只有一个类的壳子就行,继承exception,主要作用是出错之后跳转到index页面
4、此方法在iframe中登录页面将会在子窗口中打开,这是一个问题,还没有解决
5、另一种方法如下
- /**
- * spring拦截器
- * @author tianyong
- *
- */
- public class SecurityInterceptor implements HandlerInterceptor{
- public String[] allowUrls;// 还没发现可以直接配置不拦截的资源,所以在代码里面来排除
- public void setAllowUrls(String[] allowUrls) {
- this.allowUrls = allowUrls;
- }
- @Override
- public void afterCompletion(HttpServletRequest arg0,
- HttpServletResponse arg1, Object arg2, Exception arg3)
- throws Exception {
- // TODO Auto-generated method stub
- }
- @Override
- public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
- Object arg2, ModelAndView arg3) throws Exception {
- // TODO Auto-generated method stub
- }
- @Override
- public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object arg2) throws Exception {
- String requestUrl = request.getRequestURI().replace(request.getContextPath(), "");
- response.setContentType("text/html; charset=utf-8");
- HttpSession session = request.getSession(true);
- // System.out.println(requestUrl);
- if (null != allowUrls && allowUrls.length >= 1)
- for (String url : allowUrls) {
- if (requestUrl.contains(url)) {
- return true;
- }
- }
- Object obj = session.getAttribute(SystemConstants.SEESION_IUSER);
- if (obj == null || "".equals(obj.toString())) {
- // throw new SessionTimeoutException();// 返回到配置文件中定义的路径
- // response.sendRedirect(SystemConstants.LOGIN_URL);
- PrintWriter out = response.getWriter();
- StringBuilder builder = new StringBuilder();
- builder.append("<script type=\"text/javascript\" charset=\"UTF-8\">");
- builder.append("alert(\"页面过期,请重新登录\");");
- builder.append("window.top.location.href=\""+SystemConstants.LOGIN_URL+"\"");
- builder.append("</script>");
- out.print(builder.toString());
- out.close();
- }
- return true; // 返回true,则这个方面调用后会接着调用postHandle(), afterCompletion()
- }
转自:http://blog.csdn.net/top_y/article/details/50817399