If it is a background management project, some things can not be directly accessible, you must log in before you can go in, so you need to do a login to intercept, only the logged on users can be normal access.
Login interception is not a way to intercept JSP pages, so we need to write a method in the controller to make the page call, and the JSP page from the WebApp folder to the Web-inf, because the file under WebApp can be directly accessed: file directory
,
First, create a webconfig.class file for the interceptor creation, the interceptor needs to implement the Webmvcconfigureradapter class, inherit the Applicationcontextaware class,
The code is as follows:
Packagecom
ImportOrg.springframework.beans.BeansException;
ImportOrg.springframework.context.ApplicationContext;
ImportOrg.springframework.context.ApplicationContextAware;
ImportOrg.springframework.context.annotation.Configuration;
ImportOrg.springframework.util.ResourceUtils;
ImportOrg.springframework.web.servlet.config.annotation.InterceptorRegistry;
ImportOrg.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
ImportOrg.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
ImportCom.interceptor.LoginInterceptor;
@Configuration
Public class webconfig extends webmvcconfigureradapter implements Applicationcontextaware {
PrivateApplicationContext ApplicationContext;
Public Webconfig(){
Super();
}
@Override
Public void addresourcehandlers(Resourcehandlerregistry Registry) {
System.out.println ("1");
Registry.addresourcehandler ("/static/**"). Addresourcelocations (resourceutils.classpath_url_prefix+"/static/");
Registry.addresourcehandler ("/templates/**"). Addresourcelocations (resourceutils.classpath_url_prefix+"/templates/");
Super. Addresourcehandlers (registry);
}
@Override
Public void Setapplicationcontext(ApplicationContext ApplicationContext)throwsbeansexception {
System.out.println ("One");
This. ApplicationContext = ApplicationContext;
}
@Override
Public void addinterceptors(Interceptorregistry Registry) {
System.out.println ("111");
//Intercept rule: Other than login, intercept and Judge
Registry.addinterceptor (NewLogininterceptor ()). Addpathpatterns ("/**"). Excludepathpatterns ("/user/login","/user/gologin");Super. Addinterceptors (registry);
}
}
The above file except/user/login (login information authentication method),/user/gologin (Return to login page method) These two methods do not intercept, the other intercept judgment
Then write a custom validation rule to determine whether the intercepted request passed
PackageCom.interceptor;
ImportJavax.servlet.http.HttpServletRequest;
ImportJavax.servlet.http.HttpServletResponse;
ImportJavax.servlet.http.HttpSession;
ImportOrg.slf4j.Logger;
ImportOrg.slf4j.LoggerFactory;
ImportOrg.springframework.web.servlet.HandlerInterceptor;
ImportOrg.springframework.web.servlet.ModelAndView;
Public class logininterceptor implements handlerinterceptor {
Private Static FinalLogger log = Loggerfactory.getlogger (Logininterceptor.class);
@Override
Public Boolean Prehandle(HttpServletRequest request, httpservletresponse response, Object handler)
throwsException {
//TODO auto-generated method stub
Log.info ("------prehandle------");
//Get session
HttpSession session = Request.getsession (true);
//Determine if user ID exists, skip to login interface if not present
if(Session.getattribute ("UserId") ==NULL) {
Log.info ("------: Jump to the login page! ");
System.out.println (Request.getcontextpath () +"/login");
Response.sendredirect ("/user/gologin");
return false;
}Else{
return true;
}
}
@Override
Public void Posthandle(HttpServletRequest request, httpservletresponse response, Object handler,
Modelandview Modelandview)throwsException {
//TODO auto-generated method stub
}
@Override
Public void aftercompletion(HttpServletRequest request, httpservletresponse response, Object handler, Exception ex)
throwsException {
//TODO auto-generated method stub
}
}
When the user login is successful, the user's information is stored in the session, after the visit, will go to the session to determine if there is no user information, if there is no user information, then jump to the login page, user login
Login interception mechanism of web development----Springboot