package com.github.carter659.spring13;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
/**
* 登录配置 博客出处:http://www.cnblogs.com/GoodHelper/
*
*/
@Configuration
public class WebSecurityConfig extends WebMvcConfigurerAdapter {
/**
* 登录session key
*/
public final static String SESSION_KEY = "user";
@Bean
public SecurityInterceptor getSecurityInterceptor() {
return new SecurityInterceptor();
}
public void addInterceptors(InterceptorRegistry registry) {
InterceptorRegistration addInterceptor = registry.addInterceptor(getSecurityInterceptor());
// 排除配置
addInterceptor.excludePathPatterns("/error");
addInterceptor.excludePathPatterns("/login**");
// 拦截配置
addInterceptor.addPathPatterns("/**");
}
private class SecurityInterceptor extends HandlerInterceptorAdapter {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
HttpSession session = request.getSession();
if (session.getAttribute(SESSION_KEY) != null)
return true;
// 跳转登录
String url = "/login";
response.sendRedirect(url);
return false;
}
}
}
排除配置那里,千万别把,发送过去验证登录的网址,也给拦截了,这个原因,折腾了我大半个小时
// 排除配置
addInterceptor.excludePathPatterns("/login**");
https://www.cnblogs.com/GoodHelper/p/6343190.html