spring-content.xml
<!-- 配置用于session验证的拦截器 -->
<!--
如果有多个拦截器满足拦截处理的要求,则依据配置的先后顺序来执行
-->
<mvc:interceptors>
<mvc:interceptor>
<!-- 拦截所有的请求,这个必须写在前面,也就是写在【不拦截】的上面 -->
<mvc:mapping path="/**" />
<!-- 但是排除下面这些,也就是不拦截请求 -->
<mvc:exclude-mapping path="/login.html" />
<mvc:exclude-mapping path="/account/login.do" />
<mvc:exclude-mapping path="/account/regist.do" />
<bean class="com.msym.cloudnote.interceptors.SessionInterceptor" />
</mvc:interceptor>
<!--可有多个mvc:interceptor-->
</mvc:interceptors>
package com.msym.cloudnote.interceptors;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
/**
* 判断是否登录的拦截器
*/
public class SessionInterceptor implements HandlerInterceptor {
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
throws Exception {
}
@Override
public boolean preHandle(HttpServletRequest req, HttpServletResponse res, Object handel) throws Exception {
HttpSession session = req.getSession();
// 从session当中获取特定的数据
Object obj = session.getAttribute("userInfo");
if (obj == null) {
// 未登录,重定向到登录页面
res.sendRedirect(req.getContextPath()+"/login.html");
return false;
}
// 已登录,继续向后调用
return true;
}
}
注:3个方法的调用顺序请查看 https://www.cnblogs.com/wdw31210/p/10535843.html