1、在springmvc-servlet.xml中配置拦截器,代码如下:
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**/*.do" />
<mvc:exclude-mapping path="/login_toLogin.do"/>
<mvc:exclude-mapping path="/code.do"/>
<mvc:exclude-mapping path="/dealLogin.do"/>
<bean class="com.krk.sxytj.utils.LoginInterceptor"></bean>
</mvc:interceptor>
</mvc:interceptors>
其中 为要拦截的接口,带exclude-mapping为放行的接口,拦截器捕捉到这些接口予以放行。
2、增加一个拦截器的工具类:
public class LoginInterceptor implements HandlerInterceptor {
@Override
public void afterCompletion(HttpServletRequest arg0,
HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {
}
@Override
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
Object arg2, ModelAndView arg3) throws Exception {
}
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response,Object handler) throws Exception {
/* System.out.println("preHandle...");
String requestUri = request.getRequestURI();
String contextPath = request.getContextPath();
String url = requestUri.substring(contextPath.length());
System.out.println("requestUri" + requestUri);
System.out.println("contextPath" + contextPath);
System.out.println("url" + url); */
Cookie[]cookies=request.getCookies();
String userToken = null;
if(cookies==null||cookies.length==0){
response.sendRedirect("../login_toLogin.do");
return false;
}else{
for (Cookie cookie : cookies) {
if(cookie.getName().equals("userToken")){
userToken =MD5Util.JM(cookie.getValue());
}
}
}
if(null == userToken){
response.sendRedirect("../login_toLogin.do");
return false;
}else{
YTJDOCTOR user=(YTJDOCTOR) request.getSession().getAttribute(userToken);
if(user==null){
response.sendRedirect("../login_toLogin.do");
return false;
}
}
return true;
}
}
在登录的接口处增加以下代码:
YTJDOCTOR doctor=ytjdoctorService.login(account, password);
if(doctor==null){
return "usererror";
}else{
request.getSession().setAttribute(doctor.getDoctornumber(), doctor); //单点登录
//把用户对象放入到session中,将会触发LoginListenner中的attributeAdded事件
request.getSession().setAttribute("loginuser", doctor); //用于限制同一账号在多平台同时登录
YTJDOCTOR user=(YTJDOCTOR)request.getSession().getAttribute(doctor.getDoctornumber());
//Date time=new Date();
//SimpleDateFormat sdf=new SimpleDateFormat("yyyyMMddHHmmssSSS");
//String currentTime=sdf.format(time);
String userToken=MD5Util.KL(doctor.getDoctornumber());
//user.setToken(currentTime);
Cookie cookie=new Cookie("userToken", userToken);
cookie.setMaxAge(20*60); //存活期为20分钟
response.addCookie(cookie);
return "docSuccess";
}
web.xml的配置:
<servlet-mapping>
<servlet-name>springMvc</servlet-name>
<url-pattern>.do</url-pattern>
</servlet-mapping>