在进行登录操作时我们都要使用拦截器拦截用户的访问,以避免用户未登录操作。
以下是对登录操作的简单拦截,自己可针对自己的业务进行扩展。
自定义LoginInterceptor 实现HandlerInterceptor,用户发送的每个请求都会被preHandle()方法拦截,我们就可以在preHandle方法中实现自己的业务员逻辑,哪些不需要被拦截等等操作。
package com.light.ac.web.interceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import com.light.ac.domain.User;
public class LoginInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
Object obj) throws Exception {
Subject subject = SecurityUtils.getSubject();
User user = (User) subject.getPrincipal();
if (user != null) {
return true;
}
response.sendRedirect("/index.jsp");
return false;
}
@Override
public void afterCompletion(HttpServletRequest arg0,
HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {
}
@Override
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1,
Object arg2, ModelAndView arg3) throws Exception {
}
}
springmvc.xml中的配置为:
<!-- 拦截器 --> <mvc:interceptors> <!-- 登陆拦截器 --> <mvc:interceptor> <mvc:mapping path="/**" /> <mvc:exclude-mapping path="/resources/**"/> <mvc:exclude-mapping path="/login"/> <mvc:exclude-mapping path="/logout"/> <bean class="com.light.ac.web.interceptor.LoginInterceptor"></bean> </mvc:interceptor> </mvc:interceptors>