详解Spring MVC拦截器实现session控制
未登录,不允许访问background文件夹内的页面,那如何判断是否登录呢?background是关键目录,每个操作该目录的人都需要写在日志表中,如何实现呢?拦截器是实现方案之一。
(1)在com.geloin.spring.interceptor包中添加SystemInterceptor,并使其继承HandlerInterceptor
/**
*
*@authorgeloin
*/
packagecom.geloin.spring.interceptor;
importjava.io.PrintWriter;
importjava.util.Iterator;
importjava.util.Map;
importjavax.annotation.Resource;
importjavax.servlet.http.HttpServletRequest;
importjavax.servlet.http.HttpServletResponse;
importorg.springframework.stereotype.Repository;
importorg.springframework.web.servlet.handler.HandlerInterceptorAdapter;
importcom.embest.ruisystem.form.SystemLoggerForm;
importcom.embest.ruisystem.form.SystemUserForm;
importcom.embest.ruisystem.service.SystemLoggerService;
importcom.embest.ruisystem.util.Constants;
importcom.embest.ruisystem.util.DataUtil;
/**
*
*@authorgeloin
*/
@Repository
publicclassSystemInterceptorextendsHandlerInterceptorAdapter{
@Resource(name="systemLoggerService")
privateSystemLoggerServicesystemLoggerService;
/*
*(non-Javadoc)
*
*@see
*org.springframework.web.servlet.handler.HandlerInterceptorAdapter#preHandle
*(javax.servlet.http.HttpServletRequest,
*javax.servlet.http.HttpServletResponse,java.lang.Object)
*/
@SuppressWarnings({"rawtypes","unchecked"})
@Override
publicbooleanpreHandle(HttpServletRequestrequest,
HttpServletResponseresponse,Objecthandler)throwsException{
request.setCharacterEncoding("UTF-8");
response.setCharacterEncoding("UTF-8");
response.setContentType("text/html;charset=UTF-8");
//后台session控制
String[]noFilters=newString[]{"login.html","veriCode.html",
"index.html","logout.html"};
Stringuri=request.getRequestURI();
if(uri.indexOf("background")!=-1){
booleanbeFilter=true;
for(Strings:noFilters){
if(uri.indexOf(s)!=-1){
beFilter=false;
break;
}
}
if(beFilter){
Objectobj=request.getSession().getAttribute(
Constants.LOGINED);
if(null==obj){
//未登录
PrintWriterout=response.getWriter();
StringBuilderbuilder=newStringBuilder();
builder.append("<scripttype=\"text/javascript\"charset=\"UTF-8\">");
builder.append("alert(\"页面过期,请重新登录\");");
builder.append("window.top.location.href=\"");
builder.append(Constants.basePath);
builder.append("/background/index.html\";</script>");
out.print(builder.toString());
out.close();
returnfalse;
}else{
//添加日志
StringoperateContent=Constants.operateContent(uri);
if(null!=operateContent){
Stringurl=uri.substring(uri.indexOf("background"));
Stringip=request.getRemoteAddr();
IntegeruserId=((SystemUserForm)obj).getId();
SystemLoggerFormform=newSystemLoggerForm();
form.setUserId(userId);
form.setIp(ip);
form.setOperateContent(operateContent);
form.setUrl(url);
this.systemLoggerService.edit(form);
}
}
}
}
MapparamsMap=request.getParameterMap();
for(Iterator<Map.Entry>it=paramsMap.entrySet().iterator();it
.hasNext();){
Map.Entryentry=it.next();
Object[]values=(Object[])entry.getValue();
for(Objectobj:values){
if(!DataUtil.isValueSuccessed(obj)){
thrownewRuntimeException("有非法字符:"+obj);
}
}
}
returnsuper.preHandle(request,response,handler);
}
}
(2)修改context-dispatcher.xml,让spring管理拦截器
<mvc:interceptors> <beanclass="com.geloin.spring.interceptor.SystemInterceptor"/> </mvc:interceptors>
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持毛票票。