The interceptor implements authentication for user login and login timeout

This article takes spring as an example, the other framework principle is the same, please find your own Spring3 in the mvc:interceptors tag configuration interceptor This tag is used to register a custom interceptor or webrequestinterceptors.

You can use the URL to define the path request interception, can achieve finer granularity interception control.

For example, in configuration file join

<?xml version= "1.0" encoding= "UTF-8"?>

<beans xmlns= "Http://www.springframework.org/schema/beans"

Xmlns:mvc= "Http://www.springframework.org/schema/mvc"

Xmlns:xsi= "Http://www.w3.org/2001/XMLSchema-instance"

Xsi:schemalocation= "

Http://www.springframework.org/schema/beans

Http://www.springframework.org/schema/beans/spring-beans-3.0.xsd

Http://www.springframework.org/schema/mvc

Http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd ">

<!--The following configuration will intercept all URL requests--

<mvc:interceptors>

<bean class= "Org.springframework.web.servlet.i18n.LocaleChangeInterceptor"/>

</mvc:interceptors>

<!--The following configuration will intercept unique URL requests--

<mvc:interceptors>

<mvc:interceptor>

<mvc:mapping path= "/secure/*"/>

<bean class= "Org.example.SecurityInterceptor"/>

</mvc:interceptor>

<mvc:interceptor>

<mvc:mapping path= "/admin/*.do"/>

<bean class= "Org.example.admin.ControlInterceptor"/>

</mvc:interceptor>

</mvc:interceptors>

</beans>

The interceptor defined only needs to be implemented

@Override

public boolean prehandle (HttpServletRequest req,httpservletresponse res, Object handler)

Give a practical example to illustrate:

1. In the Spring-mvc.xml configuration file

<!--user Login checksum
<mvc:interceptors>
<bean class= "Com.shxt.framework.utils.LoggedInterceptor" ></bean>
</mvc:interceptors>

2, the corresponding interceptor class:

@Repository
public class Loggedinterceptor extends Handlerinterceptoradapter {

/**
* Action before execution
*/
@Override
public boolean prehandle (HttpServletRequest request,
HttpServletResponse response, Object handler) throws Exception {

Request.setcharacterencoding ("UTF-8");
Response.setcharacterencoding ("UTF-8");
Response.setcontenttype ("Text/html;charset=utf-8");

Background session Control
string[] nofilters = new string[] {"Login", "Handle"}; If login and handle are not intercepted in the URL
String uri = Request.getrequesturi ();

if (Uri.indexof ("common")! =-1) {
Boolean befilter = true;
for (String s:nofilters) {
if (Uri.indexof (s)! =-1) {
Befilter = false;
Break
}
}
if (befilter) {
Object obj = Request.getsession (). getattribute (systemconstants.logined);
if (null = = obj) {
Not logged in
PrintWriter out = Response.getwriter ();
StringBuilder builder = new StringBuilder ();
Builder.append ("<script type=\" text/javascript\ "charset=\" utf-8\ ">");
Builder.append ("Alert (\" page expires, please re-login \ ");");
Builder.append ("window.top.location.href=\");
Builder.append (Systemconstants.basepath); This is the http://ip:port/project name.
Builder.append ("/common/user/login\";</script> "); Here is the URL of the re-login page
Out.print (Builder.tostring ());
Out.close ();
return false;
}
}
}
return Super.prehandle (Request, response, handler);
}

/**
* Execute before generating view
*/
@Override
public void Posthandle (HttpServletRequest request,
HttpServletResponse response, Object handler,
Modelandview Modelandview) throws Exception {
}

/**
* Last execution, can be used to release resources
*/
@Override
public void Aftercompletion (HttpServletRequest request,
HttpServletResponse response, Object handler, Exception ex)
Throws Exception {
}
}

3. Configure the duration of the session

Add in Web. xml

<session-config>
<session-timeout>30</session-timeout>
</session-config>

In 30 minutes, the session is valid, in the test can be changed to 1, a minute after the visit, will be prompted to "re-login" window

The interceptor implements validation of user login and login timeout