前言
SpringMVC 中的Interceptor 拦截器主要用于拦截用户的请求并进行相应的处理,定义一个Interceptor主要有两种方式:
- 实现HandlerInterceptor 接口,或者是继承实现了HandlerInterceptor 接口的类,例如HandlerInterceptorAdapter;
-
实现Spring的WebRequestInterceptor接口,或者是继承实现了WebRequestInterceptor的类。
拦截流程
拦截器应用场景
以qq邮箱登录为例,登录成功后,会进入到个人邮箱页面。在短时间内,即使关闭了登录页面(不退出),再打开登录页,也会跳转到个人邮箱页面。如果退出,再打开个人邮箱页面链接,则会跳转到登录页面。以上登录状态的检查其实就是测试过程中常听说的session检查了,也就是说每一个 Controller 方法执行前(上图的preHandle)都需要进行 session 登录态的检查,如果存在登录态,则继续执行
Controller 的方法,如果不存在,则直接返回。
QQ邮箱登录
拦截器示例
参考《开发测试spring应用》书中提到的登录案例,对拦截器的应用做以下说明。
项目结构
pom依赖
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.springDemo</groupId>
<artifactId>springMVCDemo</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>war</packaging>
<name>springMVCDemo Maven Webapp</name>
<!-- FIXME change it to the project's website -->
<url>http://www.example.com</url>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.source>1.7</maven.compiler.source>
<maven.compiler.target>1.7</maven.compiler.target>
<spring.version>4.2.8.RELEASE</spring.version>
<!-- 解决mvn编译乱码问题
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-->
</properties>
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.11</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.0.1</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet.jsp</groupId>
<artifactId>jsp-api</artifactId>
<version>2.1</version>
<scope>provided</scope>
</dependency>
<!-- springframe start -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-orm</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${spring.version}</version>
</dependency>
<!-- springframe end -->
</dependencies>
<build>
<finalName>springMVCDemo</finalName>
<pluginManagement><!-- lock down plugins versions to avoid using Maven defaults (may be moved to parent pom) -->
<plugins>
<plugin>
<artifactId>maven-clean-plugin</artifactId>
<version>3.1.0</version>
</plugin>
<!-- see http://maven.apache.org/ref/current/maven-core/default-bindings.html#Plugin_bindings_for_war_packaging -->
<plugin>
<artifactId>maven-resources-plugin</artifactId>
<version>3.0.2</version>
</plugin>
<plugin>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.8.0</version>
</plugin>
<plugin>
<artifactId>maven-surefire-plugin</artifactId>
<version>2.22.1</version>
</plugin>
<plugin>
<artifactId>maven-war-plugin</artifactId>
<version>3.2.2</version>
</plugin>
<plugin>
<artifactId>maven-install-plugin</artifactId>
<version>2.5.2</version>
</plugin>
<plugin>
<artifactId>maven-deploy-plugin</artifactId>
<version>2.8.2</version>
</plugin>
<!--
<plugin>
<groupId>org.apache.tomcat.maven</groupId>
<artifactId>tomcat7-maven-plugin</artifactId>
<version>2.2</version>
</plugin>
-->
</plugins>
</pluginManagement>
</build>
</project>
新建jsp及controller
login.jsp:登录页面
<%--
Created by IntelliJ IDEA.
User: lenovo
Date: 2019/2/25
Time: 15:03
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>测试系统</title>
</head>
<body>
<form action="/login" method="get">
<table>
<tr>
<td>用户名:</td>
<td><input type="text" name="username"></td>
</tr>
<tr>
<td>密码:</td>
<td><input type="password" name="password"></td>
</tr>
<tr>
<td colspan="2">
<button type="submit">登录</button>
</td>
</tr>
</table>
</form>
</body>
</html>
welcome.jsp:需注意,某些版本的isELIgnored默认为true,此时需要设置为isELIgnored="false",否则${username}变量无法传递到页面展现。
<%--
Created by IntelliJ IDEA.
User: lenovo
Date: 2019/2/25
Time: 15:20
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" isELIgnored="false" %>
<html>
<head>
<title>测试系统</title>
</head>
<body>
<div>欢迎${username}登录测试系统啊!</div>
<div><a href="/logout">退出</a> </div>
</body>
</html>
LoginController.java:“redirect:+路径”表示重定向跳转。代码中用到的session,有效时间可以在web.xml中设置。
<!--session有效时间为30分钟-->
<session-config>
<session-timeout>30</session-timeout>
</session-config>
package example.controller;
import example.info.LoginInfo;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import javax.servlet.http.HttpSession;
import java.util.Map;
@Controller
public class LoginController {
@RequestMapping(value = "/", method = RequestMethod.GET)
public String login(Map<String, Object> map) {
return "login";
}
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String login(LoginInfo loginInfo, HttpSession httpSession) { //此处的参数传递使用的是LoginInfo 实体对象
System.out.println("username:"+loginInfo.getUsername());
if (loginInfo.getUsername() != null){
httpSession.setAttribute("username", loginInfo.getUsername());
return "redirect:/welcome"; //点击登录按钮后,重定向跳转到 /welcome 路径
}else
return "redirect:/"; //如果直接访问/login路径,则跳转到登录页
}
@RequestMapping(value = "/welcome", method = RequestMethod.GET)
public String welcome(Map<String, Object> map, HttpSession httpSession) {
String username = "";
if (httpSession.getAttribute("username") != null)
username = httpSession.getAttribute("username").toString();
map.put("username", username); //传递变量给welcome.jsp的${username}
return "welcome";
}
@RequestMapping(value = "/logout", method = RequestMethod.GET)
public String logout(HttpSession httpSession) {
httpSession.setAttribute("username", null);
return "redirect:/";
}
}
新建实体类LoginInfo
需注意的是,LoginInfo 定义的变量必须与login.jsp标签里的 name 属性对应,并且要有getter/setter 方法,这样才能在表单提交时自动赋值。
login.jsp标签属性
package example.info;
public class LoginInfo {
private String username;
private String password;
public String getUsername() {
return this.username;
}
public String getPassword() {
return this.password;
}
public void setUsername(String username) {
this.username = username;
}
public void setPassword(String password) {
this.password = password;
}
}
回看LoginController类的login方法,除了通过实体类LoginInfo来传递参数,
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String login(LoginInfo loginInfo, HttpSession httpSession) {
System.out.println("username:"+loginInfo.getUsername());
if (loginInfo.getUsername() != null){
httpSession.setAttribute("username", loginInfo.getUsername());
return "redirect:/welcome"; //重定向跳转到 /welcome 路径
}else
return "redirect:/"; //如果直接访问/login路径,则跳转到登录页
}
还可以通过以下两种方式来实现同样的效果。
方式一:变量名依旧和login.jsp标签的name属性名一致。
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String login(String username,String password, HttpSession httpSession) {
if (username != null){
httpSession.setAttribute("username", username);
return "redirect:/welcome"; //重定向跳转到 /welcome 路径
}else
return "redirect:/"; //如果直接访问/login路径,则跳转到登录页
}
方式二:通过@RequestParam注解来实现,此方式不要求变量名与login.jsp标签属性一致。
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String login(@RequestParam("username")String name, HttpSession httpSession) {
if (name != null){
httpSession.setAttribute("username", name);
return "redirect:/welcome"; //重定向跳转到 /welcome 路径
}else
return "redirect:/"; //如果直接访问/login路径,则跳转到登录页
}
新建拦截类DemoInterceptor
前文提到每一个Controller方法执行前都需要进行session登录态的检查,此时便需要用到拦截器了,接下来以实现HandlerInterceptor 接口为例说明。
package example.interceptor;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class DemoInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
String username = (String) httpServletRequest.getSession().getAttribute("username");
System.out.println("name:"+username);
if (StringUtils.isEmpty(username)) {
httpServletResponse.sendRedirect(httpServletRequest.getContextPath());
return false;
}
return true;
}
@Override
public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
}
}
- preHandle 是拦截前置处理,在请求进入 action 之前执行,通过重写preHandle 方法,判断了 session 信息是否存在,如果存在,则返回 true,然后进入 action,如果不存在,则 sendRedirect,,即进行重定向,request.getContextPath() 的值就是站点根目录”http://localhost:8082/”,所以会进入登录页面。
- postHandle 就是拦截后置处理。
- afterCompletion 就是拦截完成处理。
配置拦截器
配置dispatcher-servlet.xml,增加拦截器interceptor配置。
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<context:component-scan base-package="example.controller"/>
<mvc:default-servlet-handler/>
<!--启用spring的一些annotation -->
<context:annotation-config/>
<!-- 配置注解驱动 可以将request参数与绑定到controller参数上 -->
<mvc:annotation-driven/>
<!--静态资源映射-->
<!--本项目把静态资源放在了webapp的statics目录下,资源映射如下-->
<!--statics目录下所有文件不会被DispatcherServlet拦截,直接访问,当做静态资源交给Servlet处理-->
<mvc:resources mapping="/statics/**" location="/WEB-INF/statics/"/>
<!--mvc:resources mapping="/js/**" location="/WEB-INF/statics/js/"/-->
<!--mvc:resources mapping="/image/**" location="/WEB-INF/statics/image/"/-->
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
<property name="prefix" value="/WEB-INF/view/"/><!--设置JSP文件的目录位置-->
<property name="suffix" value=".jsp"/>
<property name="exposeContextBeansAsAttributes" value="true"/>
</bean>
<!--mvc:mapping 表示要拦截的请求路径,”/**”表示拦截所有的路径-->
<!--mvc:exclude-mapping 表示要排除拦截的路径,即不拦截的路径-->
<!--bean 表示拦截后要做的事,都写在了 DemoInterceptor 这个类里-->
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**"/>
<mvc:exclude-mapping path="/"/>
<mvc:exclude-mapping path="/login"/>
<mvc:exclude-mapping path="/view/**"/>
<bean class="example.interceptor.DemoInterceptor"/>
</mvc:interceptor>
</mvc:interceptors>
</beans>
增加拦截器后,未登录前,打开 http://localhost:8082/welcome会跳转到登录页面。如果不增加拦截器,未登录前打开 http://localhost:8082/welcome 则会跳转到欢迎页面。
页面验证
做完以上处理后,一个登录页面基本完成了,启动Tomcat服务。
输入http://locathost:8082,展现登录页面如下:
点击登录按钮,进入welcome页面。
欢迎页面
点击退出按钮,回到登录页面。
退出后页面
参考资料
《开发测试的spring应用》
网友评论