java springmvc权限校验_springmvc拦截器实现用户登录权限验证

实现用户登录权限验证

先看一下我的项目的目录，我是在intellij idea 上开发的

1、先创建一个User类

1 package cn.lzc.po;

2

3 public class User {

4 private Integer id;//id

5 private String username;//用户名

6 private String password;//密码

7

8 public Integer getId() {

9 return id;

10 }

11

12 public void setId(Integer id) {

13 this.id = id;

14 }

15

16 public String getUsername() {

17 return username;

18 }

19

20 public void setUsername(String username) {

21 this.username = username;

22 }

23

24 public String getPassword() {

25 return password;

26 }

27

28 public void setPassword(String password) {

29 this.password = password;

30 }

31 }

2、创建一个UserController类

1 package cn.lzc.controller;

2

3 import cn.lzc.po.User;

4 import org.springframework.stereotype.Controller;

5 import org.springframework.ui.Model;

6 import org.springframework.web.bind.annotation.RequestMapping;

7 import org.springframework.web.bind.annotation.RequestMethod;

8

9 import javax.servlet.http.HttpSession;

10

11 @Controller

12 public class UserController {

13 /**

14 * 向用户登录页面跳转

15 */

16 @RequestMapping(value = "/login",method = RequestMethod.GET)

17 public String toLogin(){

18 return "login";

19 }

20

21 /**

22 * 用户登录

23 * @param user

24 * @param model

25 * @param session

26 * @return

27 */

28 @RequestMapping(value = "/login",method = RequestMethod.POST)

29 public String login(User user, Model model, HttpSession session){

30 //获取用户名和密码

31 String username=user.getUsername();

32 String password=user.getPassword();

33 //些处横板从数据库中获取对用户名和密码后进行判断

34 if(username!=null&&username.equals("admin")&&password!=null&&password.equals("admin")){

35 //将用户对象添加到Session中

36 session.setAttribute("USER_SESSION",user);

37 //重定向到主页面的跳转方法

38 return "redirect:main";

39 }

40 model.addAttribute("msg","用户名或密码错误，请重新登录！");

41 return "login";

42 }

43

44 @RequestMapping(value = "/main")

45 public String toMain(){

46 return "main";

47 }

48

49 @RequestMapping(value = "/logout")

50 public String logout(HttpSession session){

51 //清除session

52 session.invalidate();

53 //重定向到登录页面的跳转方法

54 return "redirect:login";

55 }

56

57 }

3、创建一个LoginInterceptor类

1 package cn.lzc.interceptor;

2

3 import cn.lzc.po.User;

4 import org.springframework.web.servlet.HandlerInterceptor;

5 import org.springframework.web.servlet.ModelAndView;

6

7 import javax.servlet.http.HttpServletRequest;

8 import javax.servlet.http.HttpServletResponse;

9 import javax.servlet.http.HttpSession;

10

11 public class LoginInterceptor implements HandlerInterceptor {

12

13 @Override

14 public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {

15 //获取请求的RUi:去除http:localhost:8080这部分剩下的

16 String uri = request.getRequestURI();

17 //UTL:除了login.jsp是可以公开访问的，其他的URL都进行拦截控制

18 if (uri.indexOf("/login") >= 0) {

19 return true;

20 }

21 //获取session

22 HttpSession session = request.getSession();

23 User user = (User) session.getAttribute("USER_SESSION");

24 //判断session中是否有用户数据，如果有，则返回true，继续向下执行

25 if (user != null) {

26 return true;

27 }

28 //不符合条件的给出提示信息，并转发到登录页面

29 request.setAttribute("msg", "您还没有登录，请先登录！");

30 request.getRequestDispatcher("/WEB-INF/jsp/login.jsp").forward(request, response);

31 return false;

32 }

33

34 @Override

35 public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {

36

37 }

38

39 @Override

40 public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {

41

42 }

43 }

4、看一下springmvc-config.xml中配置的拦截器

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xmlns:tx="http://www.springframework.org/schema/tx"

xmlns:context="http://www.springframework.org/schema/context"

xmlns:mvc="http://www.springframework.org/schema/mvc"

xsi:schemaLocation="http://www.springframework.org/schema/beans

http://www.springframework.org/schema/beans/spring-beans-3.2.xsd

http://www.springframework.org/schema/tx

http://www.springframework.org/schema/tx/spring-tx-3.2.xsd

http://www.springframework.org/schema/context

http://www.springframework.org/schema/context/spring-context-3.2.xsd

http://www.springframework.org/schema/mvc

http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd">

5、看下web.xml的配置

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"

version="4.0">

CharacterEncodingFilter

org.springframework.web.filter.CharacterEncodingFilter

encoding

utf-8

CharacterEncodingFilter

/*

springmvc

org.springframework.web.servlet.DispatcherServlet

contextConfigLocation

classpath:springmvc-config.xml

1

springmvc

/

6、WEB-INF目录下的main.jsp

Created by IntelliJ IDEA.

User: admin

Date: 2018-04-07

Time: 13:02

To change this template use File | Settings | File Templates.

--%>

系统主页

当前用户：${USER_SESSION.username}

退出

7、WEB-INF目录下的login.jsp

Created by IntelliJ IDEA.

User: admin

Date: 2018-04-07

Time: 13:04

To change this template use File | Settings | File Templates.

--%>

用户登录

${msg}

用户名：

密   码:

8、启动tomcat,可以访问了 http://localhost:8080/chater15/interceptor/login