Springmvc mvc:exclude-mapping不拦截 无效
最近在使用ssm框架搭建一个后台,需要判断每个请求都判断是否登录,未登录跳转到登录页面,
使用发现 mvc:exclude-mapping 不拦截,发现,怎么都无效,依然是进行拦截。查了很多资料,总算解决了。
<mvc:interceptors> <mvc:interceptor> <!-- 需拦截的地址 一级目录 --> <mvc:mapping path="/*.do" /> <mvc:mapping path="/*.ajax" /> <!-- <mvc:mapping path="/*.html" /> --> <!-- 二级目录 --> <mvc:mapping path="/*/*.do" /> <mvc:mapping path="/*/*.ajax" /> <!-- <mvc:mapping path="/*/*.html" /> --> <!-- 需排除拦截的地址 --> <!-- <mvc:exclude-mapping path="/manager/login.do"/> --> <!-- <mvc:exclude-mapping path="/myblog/login.do"/> 这种写法拦截不了--> <mvc:exclude-mapping path="/login.do"/> <mvc:exclude-mapping path="/manager/login.html"/> <bean class="com.sun.common.base.SecurityInterceptor" /> </mvc:interceptor> </mvc:interceptors>
原因是: 如果把项目的路径一起带上是拦截不了的。
<mvc:exclude-mapping path="/myblog/login.do"/> 这种写法拦截不了
要写成这样才行:
<mvc:exclude-mapping path="/login.do"/>
拦截器代码;
package com.sun.common.base; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; /** * 拦截器,拦截未登录用户 * @author Administrator * */ public class SecurityInterceptor implements HandlerInterceptor { private static final String LOGIN_URL = "/manager/login.html"; @Override public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3) throws Exception { // TODO Auto-generated method stub } @Override public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3) throws Exception { // TODO Auto-generated method stub } @Override public boolean preHandle(HttpServletRequest req, HttpServletResponse resp, Object arg2) throws Exception { // TODO Auto-generated method stub HttpSession session = req.getSession(true); // 从session 里面获取用户名的信息 Object obj = session.getAttribute("loginUser"); System.err.println("-----------------------------------------进入拦截器---------------------------"); // 判断如果没有取到用户信息,就跳转到登陆页面,提示用户进行登陆 if (obj == null || "".equals(obj.toString())) { resp.sendRedirect(LOGIN_URL); return false; } return true; } }