Spring MVC,拦截器实现session控制

未登录,不允许访问background文件夹内的页面,那如何判断是否登录呢?background是关键目录,每个操作该目录的人都需要写在日志表中,如何实现呢?拦截器是实现方案之一。

(1) 在com.geloin.spring.interceptor包中添加SystemInterceptor,并使其继承HandlerInterceptor

/**   *   * @author geloin   * @date 2012-3-27 下午2:29:35   */   package com.geloin.spring.interceptor;      import Java.io.PrintWriter;   import java.util.Iterator;   import java.util.Map;      import javax.annotation.Resource;   import javax.servlet.http.HttpServletRequest;   import javax.servlet.http.HttpServletResponse;      import org.springframework.stereotype.Repository;   import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;      import com.embest.ruisystem.form.SystemLoggerForm;   import com.embest.ruisystem.form.SystemUserForm;   import com.embest.ruisystem.service.SystemLoggerService;   import com.embest.ruisystem.util.Constants;   import com.embest.ruisystem.util.DataUtil;      /**   *    * @author geloin   * @date 2012-3-27 下午2:29:35   */   @Repository   public class SystemInterceptor extends HandlerInterceptorAdapter {          @Resource(name = "systemLoggerService")       private SystemLoggerService systemLoggerService;          /*       * (non-Javadoc)       *        * @see       * org.springframework.web.servlet.handler.HandlerInterceptorAdapter#preHandle       * (javax.servlet.http.HttpServletRequest,       * javax.servlet.http.HttpServletResponse, java.lang.Object)       */       @SuppressWarnings({ "rawtypes""unchecked" })       @Override       public boolean preHandle(HttpServletRequest request,               HttpServletResponse response, Object handler) throws Exception {              request.setCharacterEncoding("UTF-8");           response.setCharacterEncoding("UTF-8");           response.setContentType("text/html;charset=UTF-8");              // 后台session控制            String[] noFilters = new String[] { "login.html""veriCode.html",                   "index.html""logout.html" };           String uri = request.getRequestURI();              if (uri.indexOf("background") != -1) {               boolean beFilter = true;               for (String s : noFilters) {                   if (uri.indexOf(s) != -1) {                       beFilter = false;                       break;                   }               }               if (beFilter) {                   Object obj = request.getSession().getAttribute(                           Constants.LOGINED);                   if (null == obj) {                          // 未登录                        PrintWriter out = response.getWriter();                       StringBuilder builder = new StringBuilder();                       builder.append("<script type=\"text/javascript\" charset=\"UTF-8\">");                       builder.append("alert(\"页面过期,请重新登录\");");                       builder.append("window.top.location.href=\"");                       builder.append(Constants.basePath);                       builder.append("/background/index.html\";</script>");                       out.print(builder.toString());                       out.close();                       return false;                   } else {                       // 添加日志                        String operateContent = Constants.operateContent(uri);                       if (null != operateContent) {                           String url = uri.substring(uri.indexOf("background"));                           String ip = request.getRemoteAddr();                           Integer userId = ((SystemUserForm) obj).getId();                           SystemLoggerForm form = new SystemLoggerForm();                           form.setUserId(userId);                           form.setIp(ip);                           form.setOperateContent(operateContent);                           form.setUrl(url);                           this.systemLoggerService.edit(form);                       }                   }               }           }              Map paramsMap = request.getParameterMap();              for (Iterator<Map.Entry> it = paramsMap.entrySet().iterator(); it                   .hasNext();) {               Map.Entry entry = it.next();               Object[] values = (Object[]) entry.getValue();               for (Object obj : values) {                   if (!DataUtil.isValueSuccessed(obj)) {                       throw new RuntimeException("有非法字符:" + obj);                   }               }           }              return super.preHandle(request, response, handler);       }      }  

        (2) 修改context-dispatcher.xml,让spring管理拦截器

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:http://www.heiqu.com/ppgdg.html