Spring MVC,拦截器实现session控制
2012-10-18 22:30
429 查看
未登录,不允许访问background文件夹内的页面,那如何判断是否登录呢?background是关键目录,每个操作该目录的人都需要写在日志表中,如何实现呢?拦截器是实现方案之一。
(1) 在com.geloin.spring.interceptor包中添加SystemInterceptor,并使其继承HandlerInterceptor
/**
*
* @author geloin
* @date 2012-3-27 下午2:29:35
*/
package com.geloin.spring.interceptor;
import java.io.PrintWriter;
import java.util.Iterator;
import java.util.Map;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Repository;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import com.embest.ruisystem.form.SystemLoggerForm;
import com.embest.ruisystem.form.SystemUserForm;
import com.embest.ruisystem.service.SystemLoggerService;
import com.embest.ruisystem.util.Constants;
import com.embest.ruisystem.util.DataUtil;
/**
*
* @author geloin
* @date 2012-3-27 下午2:29:35
*/
@Repository
public class SystemInterceptor extends HandlerInterceptorAdapter {
@Resource(name = "systemLoggerService")
private SystemLoggerService systemLoggerService;
/*
* (non-Javadoc)
*
* @see
* org.springframework.web.servlet.handler.HandlerInterceptorAdapter#preHandle
* (javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse, java.lang.Object)
*/
@SuppressWarnings({ "rawtypes", "unchecked" })
@Override
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response, Object handler) throws Exception {
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
// 后台session控制
String[] noFilters = new String[] { "login.html", "veriCode.html",
"index.html", "logout.html" };
String uri = request.getRequestURI();
if (uri.indexOf("background") != -1) {
boolean beFilter = true;
for (String s : noFilters) {
if (uri.indexOf(s) != -1) {
beFilter = false;
break;
}
}
if (beFilter) {
Object obj = request.getSession().getAttribute(
Constants.LOGINED);
if (null == obj) {
// 未登录
PrintWriter out = response.getWriter();
StringBuilder builder = new StringBuilder();
builder.append("<script type=\"text/javascript\" charset=\"UTF-8\">");
builder.append("alert(\"页面过期,请重新登录\");");
builder.append("window.top.location.href=\"");
builder.append(Constants.basePath);
builder.append("/background/index.html\";</script>");
out.print(builder.toString());
out.close();
return false;
} else {
// 添加日志
String operateContent = Constants.operateContent(uri);
if (null != operateContent) {
String url = uri.substring(uri.indexOf("background"));
String ip = request.getRemoteAddr();
Integer userId = ((SystemUserForm) obj).getId();
SystemLoggerForm form = new SystemLoggerForm();
form.setUserId(userId);
form.setIp(ip);
form.setOperateContent(operateContent);
form.setUrl(url);
this.systemLoggerService.edit(form);
}
}
}
}
Map paramsMap = request.getParameterMap();
for (Iterator<Map.Entry> it = paramsMap.entrySet().iterator(); it
.hasNext();) {
Map.Entry entry = it.next();
Object[] values = (Object[]) entry.getValue();
for (Object obj : values) {
if (!DataUtil.isValueSuccessed(obj)) {
throw new RuntimeException("有非法字符:" + obj);
}
}
}
return super.preHandle(request, response, handler);
}
}
(2) 修改context-dispatcher.xml,让spring管理拦截器
<mvc:interceptors>
<bean class="com.geloin.spring.interceptor.SystemInterceptor" />
</mvc:interceptors>
(1) 导入包,包结构如下图所示:
(2) 配置web.xml,如下所示:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>spring_test</display-name>
<!-- 配置文件位置,默认为/WEB-INF/applicationContext.xml -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:applicationContext.xml</param-value>
</context-param>
<!-- 字符集过滤器 -->
<filter>
<filter-name>characterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>characterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 上下文Spring监听器 -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- servlet控制跳转 -->
<servlet>
<servlet-name>spring</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<!-- 配置文件 -->
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:context-dispatcher.xml</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>spring</servlet-name>
<url-pattern>*.html</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
</web-app>
(3) 配置dispatcher文件src/context-dispatcher.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans default-lazy-init="true"
xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
<!-- 使用注解的包,包括子集 -->
<context:component-scan base-package="com.geloin.spring" />
<!-- 通过注解,把URL映射到Controller上,该标签默认注册DefaultAnnotationHandlerMapping和AnnotationMethodHandlerAdapter -->
<mvc:annotation-driven />
<!-- 视图解析器 -->
<bean id="viewResolver"
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="viewClass"
value="org.springframework.web.servlet.view.JstlView" />
<property name="prefix" value="/WEB-INF/pages/" />
<property name="suffix" value=".jsp"></property>
</bean>
</beans>
(4) 配置src/applicationContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
</beans>
(5) 在src下添加包com.geloin.spring(与context-dispatcher.xml一致),其下添加controller子包,在com.geloin.spring.controller下添加一个controller,如下所示:
/**
*
* @author geloin
* @date 2012-5-5 上午9:31:52
*/
package com.geloin.spring.controller;
import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
/**
*
* @author geloin
* @date 2012-5-5 上午9:31:52
*/
@Controller
@RequestMapping(value = "background")
public class LoginController {
/**
*
*
* @author geloin
* @date 2012-5-5 上午9:33:22
* @return
*/
@RequestMapping(value = "to_login")
public void toLogin(HttpServletResponse response) throws Exception {
response.getWriter().print(" this is to logging 1");
}
}
(6) 启动服务,在浏览器中输入http://localhost:8080/spring_test/background/to_login.html(http://localhost:8080/spring_test为项目路径,background与LoginController上的@RequestMapping值一致,to_login与toLogin方法上的@RequestMapping值一致,.html为web.xml中DispatcherServlet的url-mapping值),显示结果如下图所示:
(1) 在com.geloin.spring.interceptor包中添加SystemInterceptor,并使其继承HandlerInterceptor
/**
*
* @author geloin
* @date 2012-3-27 下午2:29:35
*/
package com.geloin.spring.interceptor;
import java.io.PrintWriter;
import java.util.Iterator;
import java.util.Map;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Repository;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import com.embest.ruisystem.form.SystemLoggerForm;
import com.embest.ruisystem.form.SystemUserForm;
import com.embest.ruisystem.service.SystemLoggerService;
import com.embest.ruisystem.util.Constants;
import com.embest.ruisystem.util.DataUtil;
/**
*
* @author geloin
* @date 2012-3-27 下午2:29:35
*/
@Repository
public class SystemInterceptor extends HandlerInterceptorAdapter {
@Resource(name = "systemLoggerService")
private SystemLoggerService systemLoggerService;
/*
* (non-Javadoc)
*
* @see
* org.springframework.web.servlet.handler.HandlerInterceptorAdapter#preHandle
* (javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse, java.lang.Object)
*/
@SuppressWarnings({ "rawtypes", "unchecked" })
@Override
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response, Object handler) throws Exception {
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
// 后台session控制
String[] noFilters = new String[] { "login.html", "veriCode.html",
"index.html", "logout.html" };
String uri = request.getRequestURI();
if (uri.indexOf("background") != -1) {
boolean beFilter = true;
for (String s : noFilters) {
if (uri.indexOf(s) != -1) {
beFilter = false;
break;
}
}
if (beFilter) {
Object obj = request.getSession().getAttribute(
Constants.LOGINED);
if (null == obj) {
// 未登录
PrintWriter out = response.getWriter();
StringBuilder builder = new StringBuilder();
builder.append("<script type=\"text/javascript\" charset=\"UTF-8\">");
builder.append("alert(\"页面过期,请重新登录\");");
builder.append("window.top.location.href=\"");
builder.append(Constants.basePath);
builder.append("/background/index.html\";</script>");
out.print(builder.toString());
out.close();
return false;
} else {
// 添加日志
String operateContent = Constants.operateContent(uri);
if (null != operateContent) {
String url = uri.substring(uri.indexOf("background"));
String ip = request.getRemoteAddr();
Integer userId = ((SystemUserForm) obj).getId();
SystemLoggerForm form = new SystemLoggerForm();
form.setUserId(userId);
form.setIp(ip);
form.setOperateContent(operateContent);
form.setUrl(url);
this.systemLoggerService.edit(form);
}
}
}
}
Map paramsMap = request.getParameterMap();
for (Iterator<Map.Entry> it = paramsMap.entrySet().iterator(); it
.hasNext();) {
Map.Entry entry = it.next();
Object[] values = (Object[]) entry.getValue();
for (Object obj : values) {
if (!DataUtil.isValueSuccessed(obj)) {
throw new RuntimeException("有非法字符:" + obj);
}
}
}
return super.preHandle(request, response, handler);
}
}
(2) 修改context-dispatcher.xml,让spring管理拦截器
<mvc:interceptors>
<bean class="com.geloin.spring.interceptor.SystemInterceptor" />
</mvc:interceptors>
(1) 导入包,包结构如下图所示:
(2) 配置web.xml,如下所示:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>spring_test</display-name>
<!-- 配置文件位置,默认为/WEB-INF/applicationContext.xml -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:applicationContext.xml</param-value>
</context-param>
<!-- 字符集过滤器 -->
<filter>
<filter-name>characterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>characterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 上下文Spring监听器 -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- servlet控制跳转 -->
<servlet>
<servlet-name>spring</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<!-- 配置文件 -->
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:context-dispatcher.xml</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>spring</servlet-name>
<url-pattern>*.html</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
</web-app>
(3) 配置dispatcher文件src/context-dispatcher.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans default-lazy-init="true"
xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
<!-- 使用注解的包,包括子集 -->
<context:component-scan base-package="com.geloin.spring" />
<!-- 通过注解,把URL映射到Controller上,该标签默认注册DefaultAnnotationHandlerMapping和AnnotationMethodHandlerAdapter -->
<mvc:annotation-driven />
<!-- 视图解析器 -->
<bean id="viewResolver"
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="viewClass"
value="org.springframework.web.servlet.view.JstlView" />
<property name="prefix" value="/WEB-INF/pages/" />
<property name="suffix" value=".jsp"></property>
</bean>
</beans>
(4) 配置src/applicationContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
</beans>
(5) 在src下添加包com.geloin.spring(与context-dispatcher.xml一致),其下添加controller子包,在com.geloin.spring.controller下添加一个controller,如下所示:
/**
*
* @author geloin
* @date 2012-5-5 上午9:31:52
*/
package com.geloin.spring.controller;
import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
/**
*
* @author geloin
* @date 2012-5-5 上午9:31:52
*/
@Controller
@RequestMapping(value = "background")
public class LoginController {
/**
*
*
* @author geloin
* @date 2012-5-5 上午9:33:22
* @return
*/
@RequestMapping(value = "to_login")
public void toLogin(HttpServletResponse response) throws Exception {
response.getWriter().print(" this is to logging 1");
}
}
(6) 启动服务,在浏览器中输入http://localhost:8080/spring_test/background/to_login.html(http://localhost:8080/spring_test为项目路径,background与LoginController上的@RequestMapping值一致,to_login与toLogin方法上的@RequestMapping值一致,.html为web.xml中DispatcherServlet的url-mapping值),显示结果如下图所示:
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- Spring MVC,拦截器实现session控制
- 详解Spring MVC拦截器实现session控制
- Spring MVC,拦截器实现session控制
- Spring MVC拦截器实现session控制,权限控制
- Spring MVC,拦截器实现session控制
- Spring MVC,拦截器实现session控制
- 【Spring MVC】教程——使用拦截器实现权限控制
- 【Spring MVC】教程——使用拦截器实现权限控制
- 【Spring MVC】教程——使用拦截器实现权限控制
- Spring MVC使用拦截器实现权限控制
- Spring MVC代码实例系列-11:Spring MVC实现简单的权限控制拦截器和请求信息统计拦截器
- ExtJS4.2.1与Spring MVC实现Session超时控制
- ExtJS4.2.1与Spring MVC实现Session超时控制
- struts2拦截器实现权限控制
- CXF自定义拦截器实现权限控制
- java SpringMVC+Spring+mybatis自定义aop拦截器实现入参出参控制
- struts2 实现权限控制拦截器
- (转)基于 Struts 2 拦截器实现细粒度的基于角色的存取控制
- 在struts2.1中使用注解和拦截器实现权限细粒度控制