2. 技术
    3. Servlet过滤器、Spring拦截器组件Interceptor应用

    Servlet过滤器、Spring拦截器组件Interceptor应用

    技术2026-01-13  15

    登录权限检查 需求 未登录用户不允许使用前面的aad.do update.do delete.do 可以使用list.do view.do

    过滤器、拦截器

    使用servle提供的过滤器进行过滤

    web.xml配置

    <filter> <filter-name>userCheck</filter-name> <filter-class>com.tracy.filter.UserLoginFilter</filter-class> </filter> <filter-mapping> <filter-name>userCheck</filter-name> <url-pattern>/delete.do</url-pattern> </filter-mapping> <filter-mapping> <filter-name>userCheck</filter-name> <url-pattern>/tpUpdate.do</url-pattern> </filter-mapping> <filter-mapping> <filter-name>userCheck</filter-name> <url-pattern>/toadd.do</url-pattern> </filter-mapping>

    UserLoginFilter

    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { //强制类型转换 HttpServletRequest httpRequest=(HttpServletRequest) request; HttpServletResponse httpResponse=(HttpServletResponse) response; Object user= httpRequest.getSession().getAttribute("user"); if(user!=null) { chain.doFilter(request, response); }else { httpResponse.sendRedirect("login.do"); } }

    SpringMVC 拦截器

    作用 :可以在原有的SpringMVC处理流程上进行拦截,插入处理逻辑 浏览器 —DispatcherServlet— HandlerMapping — Controller viewResolver 生成HTML响应界面----浏览器

    浏览器客户端---- Tomcat服务器 服务端 HandlerMapping处理 之后 controller处理之后 生成页面响应之后

    拦截器3个方法拦截

    interceptor 实现HandlerInterceptor接口 重写其方法 preHandle postHandle afterCompletion

    public class UserCheckInterceptor implements HandlerInterceptor{ @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object obj, Exception arg3) throws Exception { } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object obj, ModelAndView arg3) throws Exception { } @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object obj) throws Exception { Object user=request.getSession().getAttribute("user"); //处理前进行拦截 因为返回的是boolean类型 如果true放行 if(user!=null) return true; else { response.sendRedirect("Login.do"); return false;//阻止后续组件Controller组件通过 } } }

    在Spring-mvc.xml配置拦截请求

    <mvc:interceptors> <mvc:interceptor> <!-- 拦截组件配置 --> <mvc:mapping path="toadd.do"/> <mvc:mapping path="toUpdate.do"/> <mvc:mapping path="delete.do"/> <!-- 不拦截的组件 --> <mvc:exclude-mapping path="toList.do"/> <!-- 拦截指定组件 --> <bean class="com.tracy.interceptor.UserCheckInterceptor"></bean> </mvc:interceptor> </mvc:interceptors>

    <拦截组件>批量拦截组件 <mvc:mapping path="*.do"> 放过谁哪个组件 <mvc:exclude-mapping path=”“>

    Processed: 0.025, SQL: 9