最近打算配置一下spring boot security,在此之前先将过去写的拦截器总结一下。
使用工具:
1.spring boot 2.1.0
2.HandlerInterceptor
使用目的:权限校验、防重复提交等等一系列的事情
基本的使用方法就是,1.新建方法类实现HandlerInterceptor接口
@Component
public class LoginInterceptor implements HandlerInterceptor{
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//这里使用session验证用户是否登录,根据情况返回boolean类型值
HttpSession session = request.getSession();
if(session.getAttribute("username") == null) {
String url = "login";
response.sendRedirect(url);
return false;
}else {
return true;
}
}
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable ModelAndView modelAndView) throws Exception {
}
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable Exception ex) throws Exception {
}
}
2.新建配置类实现WebMvcConfigurer接口
@Configuration
public class WebConfigurer implements WebMvcConfigurer {
@Autowired
private LoginInterceptor loginInterceptor;
// 配置静态资源
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
}
// 注册拦截器
@Override
public void addInterceptors(InterceptorRegistry registry) {
// addPathPatterns("/**") 拦截所有的请求,
// excludePathPatterns("/login") 不拦截登录页面
registry.addInterceptor(loginInterceptor).addPathPatterns("/**").excludePathPatterns("/login");
}
}
额,在拦截器配置的同时,顺带配置一下静态资源
在application.properties配置文件中写
#虚拟路径
web.upload-path=
spring.mvc.static-path-pattern=/**
spring.resources.static-locations=classpath:/META-INF/resources/,classpath:/resources/,classpath:/static/,file:${web.upload-path}
在addResourceHandlers中配置静态文件
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/static/**").addResourceLocations("classpath:/static/");
registry.addResourceHandler("/templates/**").addResourceLocations("classpath:/templates/");
}
如何在浏览器可以直接访问静态资源了