生活随笔
收集整理的這篇文章主要介紹了
SpringMVC拦截器2(资源和权限管理)(作为补充说明)
小編覺得挺不錯(cuò)的,現(xiàn)在分享給大家,幫大家做個(gè)參考.
SpringMVC攔截器(資源和權(quán)限管理)
1.DispatcherServlet
?? ?SpringMVC具有統(tǒng)一的入口DispatcherServlet,所有的請(qǐng)求都通過DispatcherServlet。
?? ?DispatcherServlet是前置控制器,配置在web.xml文件中的。攔截匹配的請(qǐng)求,Servlet攔截匹配規(guī)則要自已定義,把攔截下來的請(qǐng)求,依據(jù)某某規(guī)則分發(fā)到目標(biāo)Controller來處理。? 所以我們現(xiàn)在web.xml中加入以下配置:
[html]?view plaincopy print?
<!--?初始化?DispatcherServlet時(shí),該框架在?web應(yīng)用程序WEB-INF目錄中尋找一個(gè)名為[servlet-名稱]-servlet.xml的文件,???????????并在那里定義相關(guān)的Beans,重寫在全局中定義的任何Beans?-->?????<servlet>???????<servlet-name>springMybatis</servlet-name>???????<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>???????<load-on-startup>1</load-on-startup>?????</servlet>?????<servlet-mapping>???????<servlet-name>springMybatis</servlet-name>????????????<url-pattern>/</url-pattern>?????</servlet-mapping>?? ?
2.靜態(tài)資源不攔截
?????? 如果只配置攔截類似于*.do格式的url,則對(duì)靜態(tài)資源的訪問是沒有問題的,但是如果配置攔截了所有的請(qǐng)求(如我們上面配置的“/”),就會(huì)造成js文件、css文件、圖片文件等靜態(tài)資源無法訪問。
????? 一般實(shí)現(xiàn)攔截器主要是為了權(quán)限管理,主要是攔截一些url請(qǐng)求,所以不對(duì)靜態(tài)資源進(jìn)行攔截。要過濾掉靜態(tài)資源一般有兩種方式,
??????第一種是采用<mvc:default-servlet-handler />,(一般Web應(yīng)用服務(wù)器默認(rèn)的Servlet名稱是"default",所以這里我們激活Tomcat的defaultServlet來處理靜態(tài)文件,在web.xml里配置如下代碼即可:)
[html]?view plaincopy print?
<servlet-mapping>??????<servlet-name>default</servlet-name>??????<url-pattern>/js/*</url-pattern>??????<url-pattern>/css/*</url-pattern>??????<url-pattern>/images/*</url-pattern>??????<url-pattern>/fonts/*</url-pattern>??</servlet-mapping>??
?? ???? Tomcat, Jetty, JBoss, and GlassFish? 默認(rèn) Servlet的名字 -- "default"
?? ??? ?Resin 默認(rèn) Servlet的名字 -- "resin-file"
?? ??? ?WebLogic 默認(rèn) Servlet的名字? -- "FileServlet"
?? ??? ?WebSphere? 默認(rèn) Servlet的名字 -- "SimpleFileServlet"
?? ??? ?
?? ??? 如果你所有的Web應(yīng)用服務(wù)器的默認(rèn)Servlet名稱不是"default",則需要通過default-servlet-name屬性顯示指定:
[html]?view plaincopy print?
<mvc:default-servlet-handler?default-servlet-name="所使用的Web服務(wù)器默認(rèn)使用的Servlet名稱"?/>??
?? ?? 第二種是采用<mvc:resources />,在springmvc的配置文件中加入以下代碼:
[html]?view plaincopy print?
<mvc:resources?mapping="/js/**"?location="/static_resources/javascript/"/>????<mvc:resources?mapping="/styles/**"?location="/static_resources/css/"/>????<mvc:resources?mapping="/images/**"?location="/static_resources/images/"/>?? ?
3.自定義攔截器
?? ?SpringMVC的攔截器HandlerInterceptorAdapter對(duì)應(yīng)提供了三個(gè)preHandle,postHandle,afterCompletion方法。preHandle在業(yè)務(wù)處理器處理請(qǐng)求之前被調(diào)用,
?? ?postHandle在業(yè)務(wù)處理器處理請(qǐng)求執(zhí)行完成后,生成視圖之前執(zhí)行,afterCompletion在DispatcherServlet完全處理完請(qǐng)求后被調(diào)用,可用于清理資源等 。所以要想實(shí)現(xiàn)自己的權(quán)限管理邏輯,需要繼承HandlerInterceptorAdapter并重寫其三個(gè)方法。
?? ?首先在springmvc.xml中加入自己定義的攔截器我的實(shí)現(xiàn)邏輯CommonInterceptor,
[html]?view plaincopy print?
<mvc:interceptors>????????<mvc:interceptor>????????????????????<mvc:mapping?path="/"?/>??????????<mvc:mapping?path="/user/**"?/>??????????<mvc:mapping?path="/test/**"?/>??????????<bean?class="com.alibaba.interceptor.CommonInterceptor"></bean>????????</mvc:interceptor>??????</mvc:interceptors>??
?? ?我的攔截邏輯是“在未登錄前,任何訪問url都跳轉(zhuǎn)到login頁面;登錄成功后跳轉(zhuǎn)至先前的url”,具體代碼如下:
[java]?view plaincopy print?
package?com.alibaba.interceptor;????import?javax.servlet.http.HttpServletRequest;??import?javax.servlet.http.HttpServletResponse;????import?org.slf4j.Logger;??import?org.slf4j.LoggerFactory;??import?org.springframework.web.servlet.ModelAndView;??import?org.springframework.web.servlet.handler.HandlerInterceptorAdapter;????import?com.alibaba.util.RequestUtil;??????public?class?CommonInterceptor?extends?HandlerInterceptorAdapter{??????private?final?Logger?log?=?LoggerFactory.getLogger(CommonInterceptor.class);??????public?static?final?String?LAST_PAGE?=?"com.alibaba.lastPage";??????????????@Override????????public?boolean?preHandle(HttpServletRequest?request,????????????????HttpServletResponse?response,?Object?handler)?throws?Exception?{????????????if?("GET".equalsIgnoreCase(request.getMethod()))?{??????????????RequestUtil.saveRequest();??????????}??????????log.info("==============執(zhí)行順序:?1、preHandle================");????????????String?requestUri?=?request.getRequestURI();??????????String?contextPath?=?request.getContextPath();??????????String?url?=?requestUri.substring(contextPath.length());??????????????????log.info("requestUri:"+requestUri);????????????log.info("contextPath:"+contextPath);????????????log.info("url:"+url);??????????????????????String?username?=??(String)request.getSession().getAttribute("user");???????????if(username?==?null){??????????????log.info("Interceptor:跳轉(zhuǎn)到login頁面!");??????????????request.getRequestDispatcher("/WEB-INF/jsp/login.jsp").forward(request,?response);??????????????return?false;??????????}else??????????????return?true;?????????}????????????????@Override????????public?void?postHandle(HttpServletRequest?request,????????????????HttpServletResponse?response,?Object?handler,????????????????ModelAndView?modelAndView)?throws?Exception?{?????????????log.info("==============執(zhí)行順序:?2、postHandle================");????????????if(modelAndView?!=?null){??????????????modelAndView.addObject("var",?"測(cè)試postHandle");????????????}????????}????????????????@Override????????public?void?afterCompletion(HttpServletRequest?request,????????????????HttpServletResponse?response,?Object?handler,?Exception?ex)????????????????throws?Exception?{????????????log.info("==============執(zhí)行順序:?3、afterCompletion================");????????}??????}???? ?
??? 注:上述代碼里我寫了一個(gè)RequestUtil,主要實(shí)現(xiàn)獲取當(dāng)前Request、Session對(duì)象,保存和加密頁面,取出等功能。
至此,攔截器已經(jīng)實(shí)現(xiàn)了,效果如圖:
我直接訪問/test/hello,會(huì)被攔截
登錄成功后會(huì)跳轉(zhuǎn)至/test/hello對(duì)應(yīng)的頁面
轉(zhuǎn)載于:https://www.cnblogs.com/handsome1013/p/5462493.html
總結(jié)
以上是生活随笔為你收集整理的SpringMVC拦截器2(资源和权限管理)(作为补充说明)的全部?jī)?nèi)容,希望文章能夠幫你解決所遇到的問題。
如果覺得生活随笔網(wǎng)站內(nèi)容還不錯(cuò),歡迎將生活随笔推薦給好友。
