1.首先什么是拦截器?
主要用于拦截用户请求并做出相应的处理,例如拦截器可以判断用户是否登录,权限验证等等.
2.如何实现?
首先拦截器类是通过HandlerIntercepter接口或继承的实现类来定义,我们主要讲这种接口.
下面通过简单的例子才实际操作
模拟一个实现用户登录权限的验证,非常简单
1.配置jar包环境,这个和前面大致相同,所以我就只展现文件目录
2.创建一个User类,有id,username,password
3.创建UserCOntroller控制器类,并在该类中定义页面跳转等等的方法
package com.itheima.controller; import javax.servlet.http.HttpSession; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.ResponseBody; import com.itheima.po.User; @Controller public class UserController { @RequestMapping("/testJson") @ResponseBody public User testJson(@RequestBody User user){ System.out.println(user); return user; } /** * 登录界面跳转 * @return */ @RequestMapping(value="/login",method=RequestMethod.GET) public String toLogin(){ return "login"; } /** * 用户登录 */ @RequestMapping(value="/login",method=RequestMethod.POST) public String login(User user,Model model,HttpSession session){ String username = user.getUsername(); String password = user.getPassword(); if(username!=null&&username.equals("leonard")&&password!=null&&password.equals("123456")){ session.setAttribute("USER_SESSION", user); return "redirect:main"; } model.addAttribute("msg", "用户密码错误,请重新登录"); return "login"; } /** * 向用户主页面跳转 * @return */ @RequestMapping(value="/main") public String toMain(){ return "main"; } /** * 退出登录 */ @RequestMapping(value="/logout") public String logout(HttpSession session){ //清除session session.invalidate(); //重定向套登陆页面的跳转方法 return "redirect:login"; } }
4.创捷拦截器类
package com.itheima.interceptor; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import com.itheima.po.User; public class LoginInterceptor implements HandlerInterceptor{ @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { //获取请求URL String url = request.getRequestURI(); //URL:除了login.jsp可以访问,其他都进行拦截 if(url.indexOf("/login")>=0){ return true; } //获取Session HttpSession session = request.getSession(); User user = (User) session.getAttribute("USER_SESSION"); if(user!=null){ return true; } request.setAttribute("msg", "你还没有登录,请先登录"); request.getRequestDispatcher("/WEB-INF/jsp/login.jsp").forward(request, response); return false; } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object arg2, ModelAndView arg3) throws Exception { // TODO Auto-generated method stub } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object arg2, Exception arg3) throws Exception { // TODO Auto-generated method stub } }
其中拦截器对象类继承接口有三个方法,他的执行顺序和多个拦截器的实现顺序这个知识点自己在心中要有个概念
5.配置文件
<!-- 配置自定义的拦截器 --> <mvc:interceptors> <bean class="com.itheima.interceptor.LoginInterceptor" /> </mvc:interceptors>
6.下面是两个前端页面
<body> ${msg} <form action="${pageContext.request.contextPath }/login" method="POST"> 用户名:<input type="text" name="username"/><br /> 密 码: <input type="password" name="password"/><br /> <input type="submit" value="登录" /> </form> </body>
当前用户:${USER_SESSION.username} <a href="${pageContext.request.contextPath }/logout">退出</a>
7.结果演示
直接进入main
2.输入密码后
3.安全退出后再次访问main
