1:web.xml 配置 读取springmvc配置文件和mybatis配置文件
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:spring-mybatis.xml</param-value>
</context-param>
<!-- Spring MVC servlet -->
<servlet>
<servlet-name>SpringMVC</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:spring-mvc.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
<async-supported>true</async-supported>
</servlet>
<servlet-mapping>
<servlet-name>SpringMVC</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
2:编码过滤器
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<async-supported>true</async-supported>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
3:监听器以及自己配置监听器
<listener>
<listener-class>org.springframework.web.util.IntrospectorCleanupListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
4:过滤器
<filter>
<filter-name>hiddenHttpMethodFilter</filter-name>
<filter-class>org.springframework.web.filter.HiddenHttpMethodFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>hiddenHttpMethodFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>httpPutFormcontentFilter</filter-name>
<filter-class>org.springframework.web.filter.HttpPutFormContentFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>httpPutFormcontentFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
5:用户权限拦截
<filter>
<filter-name>securityFilter</filter-name>
<filter-class>com.core.hs.filter.UserFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>securityFilter</filter-name>
<url-pattern>*.htm</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>securityFilter</filter-name>
<url-pattern>*.html</url-pattern>
</filter-mapping>
UserFilter:
实现过滤器
UserFilter implements Filter{};
权限校验:
public class UserFilter implements Filter{
private final Logger logger = LoggerFactory.getLogger(UserFilter.class);
private IRoleService roleService;
public void init(FilterConfig filterConfig) throws ServletException {
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httprequest = (HttpServletRequest) request;
String userId = httprequest.getRemoteUser();
String urlPath = httprequest.getServletPath();
if(!StringUtils.isBlank(userId)){
ServletContext servletContext = httprequest.getSession().getServletContext();
ApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(servletContext);
roleService = (IRoleService) ctx.getBean(IRoleService.class);
//判断用户是否维护
RoleInfo userAuth = roleService.getRoleInfoByCardId(userId);
if(null == userAuth){
logger.info("用户>"+userId+"操作了:"+urlPath);
request.getRequestDispatcher("/views/v2/noPower.htm").forward(request, response);
return;
}
}
chain.doFilter(request, response);
}
public void destroy() {
}
}
springmvc.xml <mvc:annotation-driven />
<mvc:default-servlet-handler/>
<!-- 自动扫描该包,使SpringMVC认为包下用了@controller注解的类是控制器 -->
<context:component-scan base-package="com.suning.core.hs" >
<context:include-filter type="annotation" expression="org.springframework.stereotype.Controller"/>
<context:exclude-filter type="annotation" expression="org.springframework.stereotype.Service" />
</context:component-scan>
<!-- 添加controller层输入输出参数打印的功能 -->
<aop:aspectj-autoproxy></aop:aspectj-autoproxy><!--AOP切面,将所有被Aspectj标注的类生成所有代理对象-->
<tx:annotation-driven transaction-manager="transactionManager" proxy-target-class="true" />
<!--避免IE执行AJAX时,返回JSON出现下载文件 -->
<bean id="mappingJacksonHttpMessageConverter"
class="org.springframework.http.converter.json.MappingJacksonHttpMessageConverter">
<property name="supportedMediaTypes">
<list>
<value>text/html;charset=UTF-8</value>
</list>
</property>
</bean>
<!-- 启动SpringMVC的注解功能,完成请求和注解POJO的映射 -->
<bean
class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter">
<property name="messageConverters">
<list>
<ref bean="mappingJacksonHttpMessageConverter" /> <!-- JSON转换器 -->
</list>
</property>
</bean>
<!-- 定义跳转的文件的前后缀 ,视图模式配置 -->
<!-- 这里的配置我的理解是自动给后面action的方法return的字符串加上前缀和后缀,变成一个 可用的url地址 -->
<!--
-->
<bean
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/jsp/" />
<property name="suffix" value=".jsp" />
</bean>
<!-- 配置文件上传,如果没有使用文件上传可以不用配置,当然如果不配,那么配置文件中也不必引入上传组件包 -->
<bean id="multipartResolver"
class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
<!-- 默认编码 -->
<property name="defaultEncoding" value="utf-8" />
<!-- 文件大小最大值 -->
<property name="maxUploadSize" value="10485760000" />
<!-- 内存中的最大值 -->
<property name="maxInMemorySize" value="40960" />
</bean>
日志拦截:mvc已经配置
@Aspect
@Component
public class UrlParamInterceptor {
private static final Logger LOGGER = LoggerFactory
.getLogger(UrlParamInterceptor.class);
@Pointcut(value = "execution(* com.suning.core.hs.rest.*.*(..))")
public void pointCut() {
}
@Around("pointCut()")
public JSONObject around(ProceedingJoinPoint pjp) throws Throwable {
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder
.getRequestAttributes()).getRequest();
String path = request.getServletPath();
String method = request.getMethod();
Map<String,String[]> param = request.getParameterMap();
String vTmp = "";
for(Map.Entry<String, String[]> entry:param.entrySet()){
String key = entry.getKey();
String[] values = entry.getValue();
for (String s:values) {
vTmp+=key+":"+s+",";
}
}
if (vTmp.length()>1) {
vTmp = vTmp.substring(0, vTmp.length()-1) ;
}
LOGGER.info("请求路径:{},请求方法:{},参数:{}", path, method,vTmp);
return (JSONObject) pjp.proceed();
}
}
12万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
