在SpringMVC中的拦截器和Servlet过滤器Filter有些相似,可以对处理器进行预处理和后处理。
我们可以自定义自己的拦截器,我们可以继承实现了HandlerInterceptor接口的类。
在HandlerInterceptor中有三个方法:
public interface HandlerInterceptor {
default boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
return true;
}
default void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable ModelAndView modelAndView) throws Exception {
}
default void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable Exception ex) throws Exception {
}
}
首先,preHandle()方法会在业务处理器处理请求之前被调用,返回值是boolean类型。当返回值为false时,表示请求结束,后续的HandlerInterceptor以及Controller的方法都不会执行;当返回值为true时,preHandle()放行,会一次执行后续的HandlerInterceptor以及Controller的方法;
其次,postHandle()方法会在请求方法执行之后被调用,也就是Controller方法执行之后被调用。postHandle()会在DispatcherServlet 进行视图返回渲染之前被调用;
然后,afterCompletion()方法在整个请求结束后才执行,用于资源的清理。
在springmvc.xml文件中配置拦截器:
<!--拦截器配置-->
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**"/><!--要拦截的路径-->
<mvc:exclude-mapping path="/admin/**"/><!--放行的路径,表示不拦截 表示放行admin下所有的请求-->
<bean class="com.yhx.config.MyInterceptor"/><!--注册拦截器的bean-->
</mvc:interceptor>
</mvc:interceptors>
写一个TestController测试:
package com.yhx.controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
public class TestController {
@GetMapping("/t1")
public String test() {
System.out.println("TestController==>test()执行了");
return "OK";
}
}
我们可以用拦截器帮助我们实现一个用户登录的功能,如果不使用拦截器直接写登录的话,就可以不填密码就可以进行登录了。通过直接在url上输入对应请求就可以跳过登录,这样就与我们的设计不符合了,设置登录就是为了身份验证,这样就没有达到我们的需求。
新建一个maven项目,命名为Login:
pom.xml:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>SpringMVC</artifactId>
<groupId>com.yhx</groupId>
<version>1.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>Login</artifactId>
<!--依赖-->
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>5.1.9.RELEASE</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.5</version>
</dependency>
<dependency>
<groupId>javax.servlet.jsp</groupId>
<artifactId>jsp-api</artifactId>
<version>2.2</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
</dependencies>
<build>
<resources>
<resource>
<directory>src/main/java</directory>
<includes>
<include>**/*.properties</include>
<include>**/*.xml</include>
</includes>
<filtering>false</filtering>
</resource>
<resource>
<directory>src/main/resources</directory>
<includes>
<include>**/*.properties</include>
<include>**/*.xml</include>
</includes>
<filtering>false</filtering>
</resource>
</resources>
</build>
</project>
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
version="4.0">
<servlet>
<servlet-name>springmvc</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:applicationContext.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>springmvc</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<filter>
<filter-name>encoding</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>utf-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encoding</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
applicationContext.xml:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
https://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/mvc
https://www.springframework.org/schema/mvc/spring-mvc.xsd">
<!-- 自动扫描指定的包,下面所有注解类交给IOC容器管理 -->
<context:component-scan base-package="com.yhx.controller"/>
<!--静态资源过滤-->
<mvc:default-servlet-handler/>
<!--JSON乱码问题配置-->
<mvc:annotation-driven>
<mvc:message-converters register-defaults="true">
<bean class="org.springframework.http.converter.StringHttpMessageConverter">
<constructor-arg value="UTF-8"/>
</bean>
<bean class="org.springframework.http.converter.json.MappingJackson2HttpMessageConverter">
<property name="objectMapper">
<bean class="org.springframework.http.converter.json.Jackson2ObjectMapperFactoryBean">
<property name="failOnEmptyBeans" value="false"/>
</bean>
</property>
</bean>
</mvc:message-converters>
</mvc:annotation-driven>
<!-- 视图解析器 -->
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver"
id="internalResourceViewResolver">
<!-- 前缀 -->
<property name="prefix" value="/WEB-INF/jsp/" />
<!-- 后缀 -->
<property name="suffix" value=".jsp" />
</bean>
<!--拦截器配置-->
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**"/>
<mvc:exclude-mapping path="goLogin"/>
<mvc:exclude-mapping path="login"/>
<bean class="com.yhx.interceptor.LoginInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
</beans>
编写一个登录页:
login.jsp:
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<script>
function s() {
var username = document.getElementById("username");
var password = document.getElementById("password");
if (username.value==='') {
alert("用户名不能为空");
return false;
} else if (password.value==='') {
alert("密码不能为空");
return false;
} else return true;
}
</script>
<body>
<span style="color: red;">${msg}</span>
<form action="${pageContext.request.contextPath}/login" method="post" onsubmit="return s()">
用户名:<input type="text" name="username" id="username" /><br/>
密码:<input type="password" name="password" id="password" /><br/>
<input type="submit" value="提交">
</form>
</body>
</html>
编写一个首页main.jsp:
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
${msg}
<a href="${pageContext.request.contextPath}/goOut">注销</a>
</body>
</html>
写一个登录的控制器LoginController.java:
package com.yhx.controller;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import javax.servlet.http.HttpSession;
@Controller
public class LoginController {
@RequestMapping("/main")
public String main() {
return "main";
}
@RequestMapping("/goLogin")
public String login() {
return "login";
}
@RequestMapping("/login")
public String login(HttpSession session, String username, String password , Model model) {
if (username.equals("admin")&&password.equals("123456")) {
session.setAttribute("user",username);
session.setAttribute("username",username);
session.setAttribute("password",password);
model.addAttribute("msg","登录成功");
return "main";
} else {
model.addAttribute("msg","登录失败");
return "login";
}
}
@RequestMapping("/goOut")
public String goOUt(HttpSession session) {
session.invalidate();
return "login";
}
}
拦截器LoginInterceptor.java:
package com.yhx.interceptor;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class LoginInterceptor implements HandlerInterceptor {
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
HttpSession session = request.getSession();
if (request.getRequestURI().contains("goLogin")) {
return true;
}
if (request.getRequestURI().contains("login")) {
return true;
}
if (session.getAttribute("user")!=null) {
return true;
} else {
request.getRequestDispatcher("/WEB-INF/jsp/login.jsp").forward(request,response);
return false;
}
}
}
服务器的欢迎首页index.jsp直接到goLogin请求:
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>$Title$</title>
</head>
<body>
<jsp:forward page="/goLogin"></jsp:forward>
</body>
</html>
项目的目录结构如下:
直接输入main并不会跳转: