(一)拦截器的概述
Sprig MVC中的拦截器和Struts2中的拦截器的作用一样,它们主要用于拦截用户请求并做出相应的处理。比如通过拦截器可以进行权限认证、记录请求信息的日志、判断用户是否登陆、设置编码等作用。
1.拦截器的定义
要使用拦截器就需要对拦截器进行定义和配置,通常拦截器类可以通过以下两种方式来定义
- 通过实现HandlerINterceptor接口或继承HandlerInterceptor的实现类(比如:HandlerInterceptorAdapter)
- 通过实现WebRequestInterceptor接口或继承WebRequestInterceptor的实现类。
2.拦截器的配置
<!-- 配置拦截器 -->
<mvc:interceptors>
<!--使用bean直接定义在<mvc:interceptors>下面的拦截器将拦截所有请求-->
<!-- <bean class="com.wang.HelloInterceptor"/> -->
<!-- 拦截器1 -->
<mvc:interceptor>
<!-- 配置拦截器作用的路径 -->
<mvc:mapping path="/**" />
<!-- 配置不需要拦截的路径 -->
<mvc:exclude-mapping path="" />
<!-- 定义在<mvc:interceptor>下面的表示匹配指定路径的请求才进行拦截的 -->
<bean class="com.wang.HelloInterceptor1" />
</mvc:interceptor>
<!-- 拦截器2 -->
<mvc:interceptor>
<!-- 拦截器以/hello结尾的路径-->
<mvc:mapping path="/hello" />
<bean class="com.wang.HelloInterceptor2" />
</mvc:interceptor>
<mvc:interceptor>
<mvc:mapping path="/**" />
<bean class="com.wang.HelloInterceptor3" />
</mvc:interceptor>
</mvc:interceptors>
01.拦截以@requestMapping(“/hello”)请求方法
<mvc:interceptor>
<!-- 拦截器以/hello结尾的路径-->
<mvc:mapping path="/hello" />
<bean class="com.wang.HelloInterceptor2" />
</mvc:interceptor>
02.拦截所有请求
<mvc:interceptor>
<bean class="com.wang.HelloInterceptor2" />
</mvc:interceptor>
3.配置静态资源文件不拦截
如果只配置拦截类似于*.do格式的url,则对静态资源的访问是没有问题的,但是如果配置拦截了所有的请求(如我们上面配置的“/”),就会造成js文件、css文件、图片文件等静态资源无法访问。一般实现拦截器主要是为了权限管理,主要是拦截一些url请求,所以不对静态资源进行拦截。要过滤掉静态资源一般有两种方式。
第一种方式是采用<mvc:default-servlet-handler />,(一般Web应用服务器默认的Servlet
名称是”default”,所以这里我们激活Tomcat的defaultServlet来处理静态文件,在web.xml里
配置如下代码即可:)
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>/js/*</url-pattern>
<url-pattern>/css/*</url-pattern>
<url-pattern>/images/*</url-pattern>
<url-pattern>/fonts/*</url-pattern>
</servlet-mapping>
第二种是采用<mvc:resources />,在springmvc的配置文件中加入以下代码:
<mvc:resources mapping="/js/**" location="/static_resources/javascript/"/>
<mvc:resources mapping="/styles/**" location="/static_resources/css/"/>
<mvc:resources mapping="/images/**" location="/static_resources/images/"/>
4.url中的/和/*的区别
1.<url-pattern>/</url-pattern>
会匹配到/springmvc这样的路径型url,不会匹配到模式为*.jsp这样的后缀型url。
2.<url-pattern>/*</url-pattern>
会匹配所有的url:路径型的和后缀型的url(包括/springmvc,.jsp,.js和*.html等)。
5.拦截器的执行流程
如图所示:
(二)单个拦截器的执行流程
项目结构图:
01.HelloController.java
package com.wang;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
public class HelloController {
@RequestMapping("/test")
public String Hi() {
System.out.println("---------three:控制类的处理方法执行---------");
return "hello";
}
}
02.HelloInterceptor.java
package com.wang;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
public class HelloInterceptor implements HandlerInterceptor {
@Override
public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {
System.out.println("---------four:afterCompletion()被执行---------");
}
@Override
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3)
throws Exception {
System.out.println("---------three:postHandle()被执行---------");
}
@Override
public boolean preHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2) throws Exception {
System.out.println("---------one:preHandle()被执行---------");
return true;
}
}
03.spring-config.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-4.3.xsd">
<!-- 定义组件扫描器,指定需要扫描的包 -->
<context:component-scan base-package="com.wang" />
<!-- 定义视图解析器 -->
<bean id="viewResolver" class=
"org.springframework.web.servlet.view.InternalResourceViewResolver">
<!-- 设置前缀 -->
<property name="prefix" value="/WEB-INF/jsp/" />
<!-- 设置后缀 -->
<property name="suffix" value=".jsp" />
</bean>
<mvc:interceptors>
<!--拦截所有请求-->
<bean class="com.wang.HelloInterceptor"/>
</mvc:interceptors>
</beans>
04.web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:web="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd http://xmlns.jcp.org/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.4">
<display-name>Spring MVC Application</display-name>
<filter>
<filter-name>characterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>characterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>HelloWeb1</servlet-name>
<servlet-class>
org.springframework.web.servlet.DispatcherServlet
</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:spring-config.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>HelloWeb1</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
结果演示
---------one:preHandle()被执行---------
---------three:控制类的处理方法执行---------
---------three:postHandle()被执行---------
---------four:afterCompletion()被执行---------
(三)多个拦截器的拦截顺序
注:.拦截器的执行顺序由配置文件配置拦截器的先后顺序决定。
项目结构
1.定义2个拦截器类
2.在spring-config.xml配置多个拦截器
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**"/>
<!--拦截所有请求-->
<bean id="Interceptor01" class="com.wang.HelloInterceptor01"/>
</mvc:interceptor>
<mvc:interceptor>
<mvc:mapping path="/**"/>
<!--拦截所有请求-->
<bean id="Interceptor02" class="com.wang.HelloInterceptor02"/>
</mvc:interceptor>
</mvc:interceptors>
3.执行结果
---------HelloInterceptor01:preHandle()被执行---------
---------HelloInterceptor02:preHandle()被执行---------
---------HelloController控制类的处理方法执行---------
---------HelloInterceptor02:postHandle()被执行---------
---------HelloInterceptor01:postHandle()被执行---------
---------HelloInterceptor02:afterCompletion()被执行---------
---------HelloInterceptor01:afterCompletion()被执行---------
(四)实现用户登陆权限验证
项目结构图:
1.User.java
package com.wang;
public class User {
private int id;
private String username;
private String password;
----省略setter和getter方法-------
}
2.UserController.java
package com.wang;
import javax.servlet.http.HttpSession;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
@Controller
public class UserController {
//目的是跳转到Login.jsp页面
@RequestMapping(value="login",method=RequestMethod.GET)
public String toLogin() {
return "login";
}
//处理表单提交的数据
@RequestMapping(value="/login",method=RequestMethod.POST)
public String login(User user,Model model,HttpSession session) {
if(user.getUsername()!=null&&user.getUsername().equals("凯耐")
&&user.getPassword()!=null&&user.getPassword().equals("123"))
{
//保存用户信息
session.setAttribute("user", user);
//跳转到主页面
return "redirect:main";
}
model.addAttribute("msg", "用户名或密码错误!");
return "login";
}
//请求参数为main目的是跳转到main.jsp页面
@RequestMapping(value="main")
public String toMain() {
return "main";
}
@RequestMapping(value="/logout",method=RequestMethod.GET)
public String logout(HttpSession session) {
//清除session中的user信息
session.invalidate();
return "redirect:login";
}
}
3.LoginInterceptor.java
package com.wang;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
public class LoginInterceptor implements HandlerInterceptor{
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object arg2) throws Exception {
//获取请求url
String url=request.getRequestURI();
//URL:除了login.jsp可以公开访问,其他URL都进行拦截
if(url.indexOf("/login")>=0) {
return true;
}
//获得session对象
HttpSession session=request.getSession();
User user=(User)session.getAttribute("user");
if(user!=null) {
return true;
}
request.setAttribute("msg","您还未登陆,请先登陆!");
//跳转页面
request.getRequestDispatcher("/WEB-INF/jsp/login.jsp").forward(request, response);
return false;
}
@Override
public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {
}
@Override
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3)
throws Exception {
}
}
4.spring-config.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-4.3.xsd">
<!-- 定义组件扫描器,指定需要扫描的包 -->
<context:component-scan base-package="com.wang" />
<!-- 定义视图解析器 -->
<bean id="viewResolver" class=
"org.springframework.web.servlet.view.InternalResourceViewResolver">
<!-- 设置前缀 -->
<property name="prefix" value="/WEB-INF/jsp/" />
<!-- 设置后缀 -->
<property name="suffix" value=".jsp" />
</bean>
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**"/>
<!--拦截所有请求-->
<bean id="Interceptor" class="com.wang.LoginInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
</beans>
5.WEB-INF/web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:web="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" id="WebApp_ID" version="2.4">
<display-name>Spring MVC Application</display-name>
<filter>
<filter-name>characterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>characterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>SprinMVC</servlet-name>
<servlet-class>
org.springframework.web.servlet.DispatcherServlet
</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:spring-config.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>SprinMVC</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
6.login.jsp
<body>
${msg}
<form action="${pageContext.request.contextPath }/login" method="post">
用户名<input type="text" name="username"/><br/><br/>
密 码:<input type="password" name="password"/><br/><br/>
<input type="submit"value="提交" />
</form>
</body>
7.main.jsp
<body>
当前用户:${user.username}-------
<a href="${pageContext.request.contextPath}/logout">退出</a>
</body>
结果: