歡迎來到Linux教程網
Linux教程網
Linux教程網
Linux教程網
您现在的位置: Linux教程網 >> UnixLinux >  >> Linux編程 >> Linux編程

Spring MVC,攔截器實現session控制

本文基於Spring MVC 注解,讓Spring跑起來

未登錄,不允許訪問background文件夾內的頁面,那如何判斷是否登錄呢?background是關鍵目錄,每個操作該目錄的人都需要寫在日志表中,如何實現呢?攔截器是實現方案之一。

(1) 在com.geloin.spring.interceptor包中添加SystemInterceptor,並使其繼承HandlerInterceptor

  1. /** 
  2.  * 
  3.  * @author geloin 
  4.  * @date 2012-3-27 下午2:29:35 
  5.  */  
  6. package com.geloin.spring.interceptor;  
  7.   
  8. import java.io.PrintWriter;  
  9. import java.util.Iterator;  
  10. import java.util.Map;  
  11.   
  12. import javax.annotation.Resource;  
  13. import javax.servlet.http.HttpServletRequest;  
  14. import javax.servlet.http.HttpServletResponse;  
  15.   
  16. import org.springframework.stereotype.Repository;  
  17. import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;  
  18.   
  19. import com.embest.ruisystem.form.SystemLoggerForm;  
  20. import com.embest.ruisystem.form.SystemUserForm;  
  21. import com.embest.ruisystem.service.SystemLoggerService;  
  22. import com.embest.ruisystem.util.Constants;  
  23. import com.embest.ruisystem.util.DataUtil;  
  24.   
  25. /** 
  26.  *  
  27.  * @author geloin 
  28.  * @date 2012-3-27 下午2:29:35 
  29.  */  
  30. @Repository  
  31. public class SystemInterceptor extends HandlerInterceptorAdapter {  
  32.   
  33.     @Resource(name = "systemLoggerService")  
  34.     private SystemLoggerService systemLoggerService;  
  35.   
  36.     /* 
  37.      * (non-Javadoc) 
  38.      *  
  39.      * @see 
  40.      * org.springframework.web.servlet.handler.HandlerInterceptorAdapter#preHandle 
  41.      * (javax.servlet.http.HttpServletRequest, 
  42.      * javax.servlet.http.HttpServletResponse, java.lang.Object) 
  43.      */  
  44.     @SuppressWarnings({ "rawtypes""unchecked" })  
  45.     @Override  
  46.     public boolean preHandle(HttpServletRequest request,  
  47.             HttpServletResponse response, Object handler) throws Exception {  
  48.   
  49.         request.setCharacterEncoding("UTF-8");  
  50.         response.setCharacterEncoding("UTF-8");  
  51.         response.setContentType("text/html;charset=UTF-8");  
  52.   
  53.         // 後台session控制   
  54.         String[] noFilters = new String[] { "login.html""veriCode.html",  
  55.                 "index.html""logout.html" };  
  56.         String uri = request.getRequestURI();  
  57.   
  58.         if (uri.indexOf("background") != -1) {  
  59.             boolean beFilter = true;  
  60.             for (String s : noFilters) {  
  61.                 if (uri.indexOf(s) != -1) {  
  62.                     beFilter = false;  
  63.                     break;  
  64.                 }  
  65.             }  
  66.             if (beFilter) {  
  67.                 Object obj = request.getSession().getAttribute(  
  68.                         Constants.LOGINED);  
  69.                 if (null == obj) {  
  70.   
  71.                     // 未登錄   
  72.                     PrintWriter out = response.getWriter();  
  73.                     StringBuilder builder = new StringBuilder();  
  74.                     builder.append("<script type=\"text/javascript\" charset=\"UTF-8\">");  
  75.                     builder.append("alert(\"頁面過期,請重新登錄\");");  
  76.                     builder.append("window.top.location.href=\"");  
  77.                     builder.append(Constants.basePath);  
  78.                     builder.append("/background/index.html\";</script>");  
  79.                     out.print(builder.toString());  
  80.                     out.close();  
  81.                     return false;  
  82.                 } else {  
  83.                     // 添加日志   
  84.                     String operateContent = Constants.operateContent(uri);  
  85.                     if (null != operateContent) {  
  86.                         String url = uri.substring(uri.indexOf("background"));  
  87.                         String ip = request.getRemoteAddr();  
  88.                         Integer userId = ((SystemUserForm) obj).getId();  
  89.                         SystemLoggerForm form = new SystemLoggerForm();  
  90.                         form.setUserId(userId);  
  91.                         form.setIp(ip);  
  92.                         form.setOperateContent(operateContent);  
  93.                         form.setUrl(url);  
  94.                         this.systemLoggerService.edit(form);  
  95.                     }  
  96.                 }  
  97.             }  
  98.         }  
  99.   
  100.         Map paramsMap = request.getParameterMap();  
  101.   
  102.         for (Iterator<Map.Entry> it = paramsMap.entrySet().iterator(); it  
  103.                 .hasNext();) {  
  104.             Map.Entry entry = it.next();  
  105.             Object[] values = (Object[]) entry.getValue();  
  106.             for (Object obj : values) {  
  107.                 if (!DataUtil.isValueSuccessed(obj)) {  
  108.                     throw new RuntimeException("有非法字符:" + obj);  
  109.                 }  
  110.             }  
  111.         }  
  112.   
  113.         return super.preHandle(request, response, handler);  
  114.     }  
  115.   
  116. }  
        (2) 修改context-dispatcher.xml,讓spring管理攔截器
  1. <mvc:interceptors>  
  2.     <bean class="com.geloin.spring.interceptor.SystemInterceptor" />  
  3. </mvc:interceptors>  
Copyright © Linux教程網 All Rights Reserved