拦截器

 

 在开发是可能会遇到:某些网站只能希望几个特定的用户浏览,对于这种访问权限控制需要使用拦截器。

 

1、拦截器的概述

 spring MVC的拦截器与java Servlet的过滤器类似,主要用于拦截用户的请求做出响应的处理

通常在权限验证、记录请求信息的日志、判断用户手否登陆功能上。

 

1、拦截器的定义

 在spring MVC框架中定义一个拦截器需要对拦截器进行定义和配置,定义一个拦截器可以通过两种方式:

①、通过实现HandlerInterceptor接口或者HandlerInterceptor接口来实现定义

②、实现WebRequestInterceptor接口或者继承WebRequestInterceptor接口实现来定义。

 

 实例:

public class MyInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
        return false;
    }

    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {

    }
}

preHandle:在控制器的处理请求方法前执行,其返回值表示是否中断后续操作,返回true表示继续向下执行,返回为false表示终端后续操作。

postHandle:在控制器的处理请求方法调用之后、解析视图执行之前执行,可以通过此方法对请求域中的模型和视图做进一步的修改。

afterCompletion:在控制器的处理请求完成过后执行,即视图渲染结束后,可以通过此方法来实现一些资源的清理,记录日志信息等工作。

 

 2、拦截器的配置

 让自定义的拦截器生效需要在spring mvc的配置文件中进行配置,配置代码如下:

    <!--配置拦截器-->
    <mvc:interceptors>
        
        <!--配置一个全局的拦截器,拦截所有请求 -->
        <bean class="Interceptor.MyInterceptorAll"></bean>

       <mvc:interceptor>
           <mvc:mapping path="/**"/>
           <!--配置不需要拦截的路径-->
           <mvc:exclude-mapping path="/"></mvc:exclude-mapping>
           <!--表示匹配路径下的请求才进行拦截-->
           <bean class="Interceptor.MyInterceptor"></bean>
       </mvc:interceptor>
        <mvc:interceptor>
            <mvc:mapping path="/**"/>
            <!--配置不需要拦截的路径-->
            <mvc:exclude-mapping path="/"></mvc:exclude-mapping>
            <!--表示匹配路径下的请求才进行拦截-->
            <bean class="Interceptor.MyInterceptor1"></bean>
        </mvc:interceptor>

    </mvc:interceptors>

<mvc:interceptors>元素用于配置一组拦截器,子元素<bean>定义的时全局拦截器,即拦截所有的请求。

<mvc:interceptor>元素定义的是指定路径的拦截器,子元素<mvc:mapping>用于配置拦截器作用的路径,

        该路径在path属性中定义 /** 代表拦截所有的i请求

<mvc:exclude-mapping path="/">:请求中包含不需要拦截的内容,在path属性中指定。

   

 这里需要注意的是:

这里的每个标签的顺序

 

2、拦截请求执行的流程

1、单个拦截器的执行流程

 直接看代码进行演示:

拦截类:

public class MyInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
        System.out.println("preHandle....");
        return true;
    }
    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
        System.out.println("postHandle....");
    }
    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
        System.out.println("afterCompletion.....");
    }
}

 controller类:

@Controller
public class interceptorController {

    @RequestMapping("/gototest")
    public  String  test(){
        System.out.println("test....");
        return "test";
    }
}

 配置文件:

    <!--配置拦截器-->
    <mvc:interceptors>
       <mvc:interceptor>
           <mvc:mapping path="/gototest"/>
           <!--配置不需要拦截的路径-->
           <mvc:exclude-mapping path="/"></mvc:exclude-mapping>
           <!--表示匹配路径下的请求才进行拦截-->
           <bean class="Interceptor.MyInterceptor"></bean>
       </mvc:interceptor>
    </mvc:interceptors>

 前端页面

<body>
    拦截器的测试视图....
</body>

 访问请求之后:

查看后台的打印顺序:

 

 2、多个拦截器的执行流程

 在单个拦截器的基础上新建一个拦截器:

public class MyInterceptor1 implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
        System.out.println("preHandle11....");
        return true;
    }
    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
        System.out.println("postHandle11....");
    }

    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
        System.out.println("afterCompletion11.....");
    }
}

 配置文件:

    <!--配置拦截器-->
    <mvc:interceptors>
        <mvc:interceptor>
            <mvc:mapping path="/gototest"/>
            <!--配置不需要拦截的路径-->
            <mvc:exclude-mapping path="/"></mvc:exclude-mapping>
            <!--表示匹配路径下的请求才进行拦截-->
            <bean class="Interceptor.MyInterceptor"></bean>
        </mvc:interceptor>

        <mvc:interceptor>
            <mvc:mapping path="/gototest"/>
            <!--配置不需要拦截的路径-->
            <mvc:exclude-mapping path="/"></mvc:exclude-mapping>
            <!--表示匹配路径下的请求才进行拦截-->
            <bean class="Interceptor.MyInterceptor1"></bean>
        </mvc:interceptor>

    </mvc:interceptors>

 测试:

 

 后台的顺序:

 

 3、用户登陆的权限验证

 controller类:

@Controller
public class LoginController {
    //登陆页面初始化
    @RequestMapping("/toLogin")
    public  String logiin(){
        return "tologin";
    }
    //处理登陆功能
    @RequestMapping("/login")
    public String login(Users users, Model model, HttpSession session){
        System.out.println(users);

        if (users.getName().equals("admin") && users.getPwd().equals("123")){
            //登陆成功
            session.setAttribute("user",users);
            return "loginsuccess";
        }else {
            model.addAttribute("msg","账号或者密码错误!!!");
            return "tologin";
        }
    }
}

 拦截器的配置:

public class LoginInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
        System.out.println("preHandle11....");
        Object object = httpServletRequest.getSession().getAttribute("user");
        if (object == null){
            httpServletRequest.getRequestDispatcher(httpServletRequest.getContextPath()+ "/toLogin").
                    forward(httpServletRequest,httpServletResponse);
            httpServletRequest.setAttribute("msg","没有权限进行登陆!!!");
            return  false;
        }else {
            return true;
        }
    }
    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
        System.out.println("postHandle11....");
    }
    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
        System.out.println("afterCompletion11.....");
    }
}

 配置文件:

 <!--配置拦截器-->
    <mvc:interceptors>
        <mvc:interceptor>
            <mvc:mapping path="/**"/>
            <!--配置不需要拦截的路径-->
            <mvc:exclude-mapping path="/toLogin"></mvc:exclude-mapping>
            <mvc:exclude-mapping path="/login"></mvc:exclude-mapping>
            <!--表示匹配路径下的请求才进行拦截-->
            <bean class="Interceptor.LoginInterceptor"></bean>
        </mvc:interceptor>
    </mvc:interceptors>

 前端页面:

 tologin.jsp

<body>
${msg}
<br>
<form action="<%=request.getContextPath()%>/login"  method="post">
    name:<input type="text" name="name" ><br>
    pwd:<input type="text" name="pwd" ><br>
    <input type="submit" value="submit">
</form>
</body>

 loginsuccess.jsp

<body>
welcome:${user.name}
</body>

 测试数据:

 

结果:

 

posted @ 2019-01-17 12:56  MrChengs  阅读(289)  评论(0编辑  收藏  举报