principle: The session in the new page to save token random code, when the save validation, after the deletion, when the click on the save again due to the server side of the session no longer exists, all can not be verified through. Note that if you are clustered, you need to put tokens into the cache. Note Token code:java source Java code Copy Code collection code1[email protected] (Elementtype.method)2[email protected] (retentionpolicy.runtime)3. Public@interface Token {4. 5. Boolean Needsavetoken ()default false ; 6. 7. Boolean Needremovetoken ()default false ; 8.} Interceptor Tokeninterceptor Code: Java code Copy Code collection code1. Public classTokeninterceptor extends Handlerinterceptoradapter {2. 3. @Override4. Publicboolean prehandle (httpservletrequest request, httpservletresponse response, Object handler) throwsexception {5.if(Handler instanceof Handlermethod) {6. Handlermethod Handlermethod =(Handlermethod) handler; 7. Method method =Handlermethod.getmethod (); 8. token annotation = method.getannotation (token.class ); 9.if(Annotation! =NULL ) { Ten. Boolean needsavesession =Annotation.save (); One.if(needsavesession) { A. Request.getsession (false). SetAttribute ("token", Uuid.randomuuid (). toString ()); -. } -. Boolean needremovesession =Annotation.remove (); the.if(needremovesession) { -.if(Isrepeatsubmit (Request)) { -.return false ; -. } +. Request.getsession (false). RemoveAttribute ("token" ); -. } +. } A.return true ; at. }Else { -.returnsuper. Prehandle (Request, response, handler); -. } -. } -. -.Privateboolean isrepeatsubmit (HttpServletRequest request) { in. String servertoken = (string) request.getsession (false). getattribute ("token" ); -.if(Servertoken = =NULL ) { to.return true ; +. } -. String Clinettoken = Request.getparameter ("token" ); the.if(Clinettoken = =NULL ) { *.return true ; $. } Panax Notoginseng.if(!servertoken.equals (Clinettoken)) { -.return true ; the. } +.return false ; A. } the.} Then add in the Spring MVC configuration file: XML code copy Code collection code1.<!--Interceptor Configuration--2.< mvc:interceptors >3. <!--Configure the Shiro Interceptor, which enables the injection of registered users4. < Mvc:interceptor >5. < mvc:mapping Path ="/**"/>6. < beansclass="Com.storezhang.video.shiro.ShiroInterceptor"/>7. </mvc:interceptor >8. <!--configure token blocker to prevent users from repeating data--9. < Mvc:interceptor >Ten. < mvc:mapping Path ="/**"/> One. < beansclass="Com.storezhang.web.spring.TokenInterceptor"/> A. </mvc:interceptor > -. </mvc:interceptors >the relevant code has been commented, I believe you can read. The use of this method is to add @token to the controller that needs to generate tokens (save=true), and add @token on the controller that needs to check for duplicate submissions (remove=true) on it. In addition, you need to add the following code to the form in the view: HTML code Copy Code collection code1.< input type ="Hidden"Name ="token"Value ="${token}"/>adding annotations to related methods Java code Copy Code collection code1[Email protected] ("/save") 2. @AvoidDuplicateSubmission (Needremovetoken =true) 3. Publicsynchronized Modelandview Save (executionunit unit, httpservletrequest request, httpservletresponse response)4. Throws Exception {5. 6[Email protected] ("/edit") 7. @AvoidDuplicateSubmission (Needsavetoken =true) 8. PublicModelandview edit (Integer ID, httpservletrequest request) throws Exception {has finished, try to see if your data can be submitted again.
Spring MVC Interceptor + annotation method to prevent form repeating submission
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
