评论

收藏

[Java] SpringMVC 如何使用注解完成登录拦截

编程语言 编程语言 发布于:2021-09-11 22:04 | 阅读数:468 | 评论:0

这篇文章主要介绍了SpringMVC 如何使用注解完成登录拦截,帮助大家更好的理解和学习使用springMVC,感兴趣的朋友可以了解下

为了实现用户登录拦截你是否写过如下代码呢?

1. 基于Filter
import java.io.IOException;
 
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
 
public class AuthenticationFilter implements Filter {
  private FilterConfig filterConfig;
  private String onErrorUrl;
 
  public void init(FilterConfig filterConfig) throws ServletException {
    // 从 filterConfig 中的得到错误页
    this.filterConfig = filterConfig;
    this.onErrorUrl = filterConfig.getInitParameter("onError");
    if(this.onErrorUrl == null || "".equals(this.onErrorUrl))
      this.onErrorUrl = "onError";
  }
  
  public void doFilter(ServletRequest request, ServletResponse response,
      FilterChain chain) throws IOException, ServletException {
    
    HttpServletRequest httpRequest = (HttpServletRequest)request;
    session = httpRequest.getSession();
    if(null == session.getAttribute("_LOGIN_USER_") && !"/login".equals(httpRequest.getServletPath())) {
      httpRequest.getRequestDispatcher("/"+this.onErrorUrl).forward(request, response);
    }else{
      chain.doFilter(request, response);
    }
  }
  
  public void destroy() {
 
  }
 
}
2. 基于Struts
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
 
import org.apache.struts2.ServletActionContext;
 
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
 
@SuppressWarnings("serial")
public class LoginInterceptor extends AbstractInterceptor {
 
  @Override
  public String intercept(ActionInvocation invocation) throws Exception {
    String currentUser="currentUser";
    HttpServletRequest request=ServletActionContext.getRequest();
    HttpServletResponse response=ServletActionContext.getResponse();
    HttpSession session=request.getSession();           
  if(request.getRequestURI().endsWith("login.action")){
   return invocation.invoke();
  } else {
       if(session.getAttribute(currentUser)!=null){
        return invocation.invoke();
       }else{
         response.sendRedirect(request.getContextPath()+"/login.jsp");
       }
  }
   return null;
  }
}
3. 基于SpringMVC
import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
 
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
 
import cn.edu.hdc.util.Constants;
 
/**
 * @ClassName: LoginInterceptor 
 * @Description: 登录拦截器
 * @author loweir hbloweir@163.com
 * @date 2016年4月27日 上午8:06:11 
 */
public class LoginInterceptor implements HandlerInterceptor {
  /**
   * 在目标方法前被调用,返回 true 继续 
   */
  @Override
  public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object obj) throws Exception {
    try {
      String url = request.getRequestURI();
      // 如果不是登录操作 判断 session
      if (!url.endsWith("login")) {
        if (request.getSession().getAttribute(Constants.CURRENT_USER) == null) {
        response.sendRedirect(request.getContextPath() + "/login.jsp");
          return false;
        }   
      }       } 
      return true;
    } catch (Exception e) {
      e.printStackTrace();
      return false;
    }
  }
 
  @Override
  public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3)
      throws Exception {
  }
 
  @Override
  public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3)
      throws Exception {
    
  }
}
如何使用自定义注解完成自定义拦截呢?

登录注解
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
 
/**
 * Created by loweir on 2017/5/14 17:19
 * <p>
 * author: 张瑀楠
 * email: hbloweir@163.com
 * 负责登录拦截
 */
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.TYPE,ElementType.METHOD})
public @interface WebLoginRequired {
 String value() default ""; // 未登录时需要跳转的路径
}
SpringMVC 拦截器设置
import com.ainsoft.globalshoperp.component.constant.WebLogin;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
 
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
 
/**
 * Created by loweir on 2017/5/14 17:14
 * <p>
 * author: 张瑀楠
 * email: hbloweir@163.com
 */
public class LoginInterceptor implements HandlerInterceptor {
 
 private static Log logger = LogFactory.getLog(LoginInterceptor.class);
 
 public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object handler) throws Exception {
 
  if (logger.isDebugEnabled()) {
   logger.debug("拦截器启动");
  }
  /* 
  * 判断是否为 HandlerMethod.class
  * 如果不是说明当前请求并不是 SpringMVC 管理,
  * 如果不是再自行根据业务做响应操作,这里直接返回 true
  */
  if (HandlerMethod.class.isInstance(handler)) {
   HandlerMethod handlerMethod = (HandlerMethod) handler;
 
   // 判断该 handler 是否有WebLoginRequired注解
   WebLoginRequired webLoginRequired = handlerMethod.getMethod().getDeclaredAnnotation(WebLoginRequired.class);
 
      // 如果该 handler 没有WebLoginRequired注解,判断所属Controller 是否包含注解
   if (null == webLoginRequired) {
  webLoginRequired = handlerMethod.getBeanType().getAnnotation(WebLoginRequired.class);
   }
 
      // 如果需要 WebLoginRequired 判断 session
   if (null != webLoginRequired) {
  if (httpServletRequest.getSession().getAttribute(WebLogin.CURRENTUSER) == null) {
   String executeURL = webLoginRequired.value();
   if (StringUtils.isBlank(executeURL)) {
    executeURL = WebLogin.LOGIN;
   }
   
   httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + executeURL);
   return false;
  }
   }
  }
  return true;
 }
 
 public void postHandle(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
  if (logger.isDebugEnabled()) {
   logger.debug("postHandler");
  }
 }
 
 public void afterCompletion(javax.servlet.http.HttpServletRequest httpServletRequest, javax.servlet.http.HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
  if (logger.isDebugEnabled()) {
   logger.debug("afterCompletion");
  }
 }
}
最终 controller 写法

1. 不需要登录权限的
类和方法都不需要注解
@Controller
@RequestMapping("auth")
public class AuthController {
 
 @RequestMapping("login")
 public String login() {
  return "login";
 }
}
2. 整个 controller 内都需要登录权限
在类上添加注解即可
@Controller
@WebLoginRequired
@RequestMapping("order")
public class OrderController {
 
 @RequestMapping("index")
 public String index() {
  return "index";
 }
}
3. controller 某个方法需要登录权限
只在需要登录权限的方法上添加注解
在注解上可以指定需要重定向的链接
如果不指定则默认到 login
@Controller
@RequestMapping("order")
public class OrderController {
 
 @RequestMapping("index")
 public String index() {
  return "index";
 }
 
  // 需要登录
  @WebLoginRequired
  @RequestMapping("add")
 public String index() {
  return "index";
 }
  
  // 需要登录,如果未登录跳到 error
  @WebLoginRequired("error")
  @RequestMapping("delete")
 public String index() {
  return "index";
 }
}
以上就是SpringMVC 如何使用注解完成登录拦截的详细内容,更多关于SpringMVC 使用注解完成登录拦截的资料请关注CodeAE代码之家其它相关文章!
原文链接:https://www.cnblogs.com/zyndev/p/7613006.html

关注下面的标签,发现更多相似文章