1、自定义拦截器
package com.shengya.web.www.interecptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.shengya.service.bean.User;
import com.shengya.web.www.vo.response.UserResponseVo;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
public class SecurityInterceptor implements HandlerInterceptor {
public String[] allowUrls;// 还没发现可以直接配置不拦截的资源,所以在代码里面来排除
public void setAllowUrls(String[] allowUrls) {
this.allowUrls = allowUrls;
}
@Override
public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {
// TODO Auto-generated method stub
}
@Override
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3)
throws Exception {
// TODO Auto-generated method stub
}
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
//zxiao 测试
String requestURI = request.getRequestURI();
String contextPath = request.getContextPath();
String serverName = request.getServerName();
int serverPort = request.getServerPort();
String scheme = request.getScheme();
String queryString = request.getQueryString();
String requestUrl = request.getRequestURI().replace(request.getContextPath(), "");
System.out.println("请求路径:" + requestUrl);
if (null != allowUrls && allowUrls.length >= 1) {
for (String url : allowUrls) {
if (requestUrl.contains(url)) {
return true;
}
}
}
HttpSession session = request.getSession(true);
UserResponseVo user = (UserResponseVo) session.getAttribute("user");
if (user != null) {
return true;
//return true; // 返回true,则这个方面调用后会接着调用postHandle(), afterCompletion()
} else {
throw new SessionTimeoutException();// 返回到配置文件中定义的路径
}
}
}
2、配置拦截器
<mvc:interceptors>
<mvc:interceptor>
<!-- 需拦截的地址 -->
<mvc:mapping path="/*/*"/>
<bean class="com.shengya.web.www.interecptor.SecurityInterceptor">
<property name="allowUrls">
<list>
<!-- 如果请求中包含以下路径,则不进行拦截 -->
<value>/user/login</value>
<value>/user/preLogin</value>
<value>/user/registration</value>
<value>/user/forthwithRegister</value>
<value>/user/userAgreement</value>
<value>/Activity/detail</value>
<value>/Content/detail</value>
<value>/Enterprise/detail</value>
<value>/Resume/detail</value>
<value>/Thought/detail</value>
<value>/About/aboutOur</value>
<value>/Position/detail</value>
<value>/HR/sendVerifyCode</value>
<value>/checkCode/getCode</value>
<value>/user/checkingPhone</value>
<value>/user/verifyPhoneIsUser</value>
<value>/user/preCreatePwd</value>
<value>/user/forgetPwd</value>
<value>/optimization/add</value>
<value>/ambassador/add</value>
<value>/incubatorPlan/add</value>
<value>/Position/detail</value>
<value>/download</value>
<value>/js</value>
<value>/css</value>
<value>/images</value>
<value>/about</value>
</list>
</property>
</bean>
</mvc:interceptor>
</mvc:interceptors>
3、常用api介绍
//zxiao 测试
//请求地址:http://localhost:8111/Resume/resumeManager
String requestURI = request.getRequestURI();// Resume/resumeManager
//得到项目的名字,如果是根目录则得到一个""
String contextPath = request.getContextPath();// ""
//得到主机名,本机测试得到localhost
String serverName = request.getServerName();// localhost
//获取端口号
int serverPort = request.getServerPort(); // 8111
//获取协议名称
String scheme = request.getScheme(); // http
//是获取查询字符串 http://localhost/test.do?a=b&c=d&e=f
//通过request.getQueryString()得到的是
//a=b&c=d&e=f
String queryString = request.getQueryString();
//创建一个新的session
HttpSession session = request.getSession(true);
getSession(boolean create)意思是返回当前reqeust中的HttpSession ,如果当前reqeust中的HttpSession 为null,当create为true,就创建一个新的Session,否则返回null;
简而言之:
HttpServletRequest.getSession(ture)等同于 HttpServletRequest.getSession()
HttpServletRequest.getSession(false)等同于 如果当前Session没有就为null;
package com.shengya.web.www.interecptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.shengya.service.bean.User;
import com.shengya.web.www.vo.response.UserResponseVo;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
public class SecurityInterceptor implements HandlerInterceptor {
public String[] allowUrls;// 还没发现可以直接配置不拦截的资源,所以在代码里面来排除
public void setAllowUrls(String[] allowUrls) {
this.allowUrls = allowUrls;
}
@Override
public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {
// TODO Auto-generated method stub
}
@Override
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3)
throws Exception {
// TODO Auto-generated method stub
}
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
//zxiao 测试
String requestURI = request.getRequestURI();
String contextPath = request.getContextPath();
String serverName = request.getServerName();
int serverPort = request.getServerPort();
String scheme = request.getScheme();
String queryString = request.getQueryString();
String requestUrl = request.getRequestURI().replace(request.getContextPath(), "");
System.out.println("请求路径:" + requestUrl);
if (null != allowUrls && allowUrls.length >= 1) {
for (String url : allowUrls) {
if (requestUrl.contains(url)) {
return true;
}
}
}
HttpSession session = request.getSession(true);
UserResponseVo user = (UserResponseVo) session.getAttribute("user");
if (user != null) {
return true;
//return true; // 返回true,则这个方面调用后会接着调用postHandle(), afterCompletion()
} else {
throw new SessionTimeoutException();// 返回到配置文件中定义的路径
}
}
}
2、配置拦截器
<mvc:interceptors>
<mvc:interceptor>
<!-- 需拦截的地址 -->
<mvc:mapping path="/*/*"/>
<bean class="com.shengya.web.www.interecptor.SecurityInterceptor">
<property name="allowUrls">
<list>
<!-- 如果请求中包含以下路径,则不进行拦截 -->
<value>/user/login</value>
<value>/user/preLogin</value>
<value>/user/registration</value>
<value>/user/forthwithRegister</value>
<value>/user/userAgreement</value>
<value>/Activity/detail</value>
<value>/Content/detail</value>
<value>/Enterprise/detail</value>
<value>/Resume/detail</value>
<value>/Thought/detail</value>
<value>/About/aboutOur</value>
<value>/Position/detail</value>
<value>/HR/sendVerifyCode</value>
<value>/checkCode/getCode</value>
<value>/user/checkingPhone</value>
<value>/user/verifyPhoneIsUser</value>
<value>/user/preCreatePwd</value>
<value>/user/forgetPwd</value>
<value>/optimization/add</value>
<value>/ambassador/add</value>
<value>/incubatorPlan/add</value>
<value>/Position/detail</value>
<value>/download</value>
<value>/js</value>
<value>/css</value>
<value>/images</value>
<value>/about</value>
</list>
</property>
</bean>
</mvc:interceptor>
</mvc:interceptors>
3、常用api介绍
//zxiao 测试
//请求地址:http://localhost:8111/Resume/resumeManager
String requestURI = request.getRequestURI();// Resume/resumeManager
//得到项目的名字,如果是根目录则得到一个""
String contextPath = request.getContextPath();// ""
//得到主机名,本机测试得到localhost
String serverName = request.getServerName();// localhost
//获取端口号
int serverPort = request.getServerPort(); // 8111
//获取协议名称
String scheme = request.getScheme(); // http
//是获取查询字符串 http://localhost/test.do?a=b&c=d&e=f
//通过request.getQueryString()得到的是
//a=b&c=d&e=f
String queryString = request.getQueryString();
//创建一个新的session
HttpSession session = request.getSession(true);
getSession(boolean create)意思是返回当前reqeust中的HttpSession ,如果当前reqeust中的HttpSession 为null,当create为true,就创建一个新的Session,否则返回null;
简而言之:
HttpServletRequest.getSession(ture)等同于 HttpServletRequest.getSession()
HttpServletRequest.getSession(false)等同于 如果当前Session没有就为null;
218
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
