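[Java教程]spring mvc 实现网站登录与非登录的控制

在我们的网站平台上,主要有两类页面,一类是非登录也能查看的页面,另一类是登录后才能查看的页面

通过使用 spring拦截器来实现,当用户没有登录时访问需要登录的页面时自动实现跳转至登录页

1、添加接口用于拦截器与控制器交互数据(包括上下文与登录账号信息)

/**
 * Contract between the login interceptor and a controller: the interceptor
 * injects the current request/response through it and reads the login
 * account back from it.
 *
 * @author Administrator
 */
public interface IWebContext {
    /**
     * Sets the request/response context for the current request.
     *
     * @param request  the request
     * @param response the response
     * @param userType the user type the login token is verified against
     * @param loginUrl URL of the login page
     */
    void setWebContext(HttpServletRequest request, HttpServletResponse response,
            UserTypeEnum userType, String loginUrl);

    /**
     * Returns the account of the current login.
     *
     * @return the current login account, or {@code null} when nobody is logged in
     */
    LoginAccount getLoginAccount();
}

2、所有的Controller都继承自BaseController

/**
 * Base class of all controllers. Holds the request context injected by the
 * interceptor and offers helpers for login state, remote IP, parameters and
 * cookies.
 *
 * NOTE(review): request, response, userType, loginUrl, loginAccount and
 * remoteIp are instance fields that setWebContext overwrites on every request.
 * Spring MVC controllers are singletons by default, so unless every subclass is
 * declared with request scope, concurrent requests share these fields and one
 * request can observe another request's login account. Confirm the bean scope,
 * or resolve the request per thread (e.g. via RequestContextHolder) and keep
 * the account in a request attribute.
 */
public class BaseController implements IWebContext {
    private static final Logger log = Logger.getLogger(BaseController.class);

    /********************* Request and response access *******************/
    /** Current request, injected by the interceptor. */
    private HttpServletRequest request;
    /** Current response, injected by the interceptor. */
    private HttpServletResponse response;
    /** User type the login token is verified against. */
    private UserTypeEnum userType;
    /** Login page that a visitor is sent to when a page requires login. */
    private String loginUrl;

    /**
     * Stores the context of the current request and clears the values cached
     * for the previous one (login account and remote IP).
     */
    @Override
    public void setWebContext(HttpServletRequest request, HttpServletResponse response,
            UserTypeEnum userType, String loginUrl) {
        this.request = request;
        this.response = response;
        this.userType = userType;
        this.loginUrl = loginUrl;
        // Drop what was cached for the previous request.
        this.loginAccount = null;
        this.remoteIp = null;
    }

    /**
     * @return the request stored by the last setWebContext call
     */
    protected HttpServletRequest getRequest() {
        return this.request;
    }

    /**
     * @return the response stored by the last setWebContext call
     */
    protected HttpServletResponse getResponse() {
        return this.response;
    }
    /********************* Request and response access *******************/

    /********************* Login state *******************/
    /** Verified login account of the current request; null until resolved. */
    private LoginAccount loginAccount = null;

    /**
     * Resolves the login account from the login cookie and caches it.
     *
     * The cookie content comes from the client, so the account is only
     * accepted after UserLoginBLL.verifyToken succeeds. It is built in a local
     * variable and stored in the field only after that check; the original
     * stored the unverified object in the field first, where another caller
     * of this method on the same controller instance could pick it up.
     *
     * @return the verified account, or {@code null} when the cookie is missing,
     *         cannot be parsed, or fails token verification
     */
    @Override
    public LoginAccount getLoginAccount() {
        if (this.loginAccount != null) {
            return this.loginAccount;
        }
        LoginAccount candidate = new LoginAccount();
        if (!this.getCookieObject(LoginAccount.USERCOOKINAME, candidate)) {
            return null;
        }
        if (!UserLoginBLL.verifyToken(candidate, this.userType)) { // token check
            return null;
        }
        this.loginAccount = candidate;
        return candidate;
    }

    /**
     * @return true when getLoginAccount yields a verified account
     */
    protected boolean isLogged() {
        return this.getLoginAccount() != null;
    }

    /**
     * Builds a redirect to the login page, passing the current request URI as
     * the "tourl" model attribute.
     *
     * NOTE(review): "tourl" ends up as a client-visible parameter; the login
     * page (not shown here) should accept only same-site paths before it
     * redirects back to it.
     *
     * @return the redirect view
     */
    protected ModelAndView toLoginView() {
        RedirectView loginPage = new RedirectView(this.loginUrl);
        return new ModelAndView(loginPage, "tourl", this.getRequest().getRequestURI());
    }
    /********************* Login state *******************/

    /********************* Remote IP *******************/
    /** Remote address cached for the current request. */
    private String remoteIp = null;

    /**
     * Returns the caller's address: the first usable value among a list of
     * proxy headers, then getRemoteAddr(), then getRemoteHost(). A value is
     * unusable when it is null, empty or "unknown" (any case). The result is
     * cached until the next setWebContext call.
     *
     * NOTE(review): every header consulted here is set by the client unless a
     * trusted reverse proxy overwrites it, and x-forwarded-for may carry a
     * comma-separated chain that is returned unparsed. Do not base access
     * control, rate limiting or audit attribution on this value unless the
     * deployment strips these headers at the edge - confirm.
     *
     * @return the address, possibly still null or "unknown" when nothing usable was found
     */
    protected String getRemoteIp() {
        if (this.remoteIp != null && this.remoteIp.length() != 0) {
            return this.remoteIp;
        }
        HttpServletRequest req = this.getRequest();
        final String[] headerNames = {
            "x-forwarded-for", "X-Real-IP", "Proxy-Client-IP",
            "WL-Proxy-Client-IP", "HTTP_CLIENT_IP", "HTTP_X_FORWARDED_FOR"
        };
        String candidate = null;
        for (String headerName : headerNames) {
            candidate = req.getHeader(headerName);
            if (!isUnusableAddress(candidate)) {
                break;
            }
        }
        if (isUnusableAddress(candidate)) {
            candidate = req.getRemoteAddr();
        }
        if (isUnusableAddress(candidate)) {
            candidate = req.getRemoteHost();
        }
        this.remoteIp = candidate;
        return this.remoteIp;
    }

    /** True when the value is null, empty or the literal "unknown" (any case). */
    private static boolean isUnusableAddress(String value) {
        return value == null || value.isEmpty() || "unknown".equalsIgnoreCase(value);
    }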
/********************* Remote IP *******************/

    /********************* Request parameters *******************/
    // NOTE(review): the typed getters below fall back to the default silently
    // when a value is missing or malformed, so a caller cannot tell "absent"
    // from "invalid". Validate explicitly where the difference matters
    // (identifiers, amounts, flags that gate an action).

    /**
     * @return the parameter map of the current request
     */
    protected Map<String,String[]> getParams() {
        return this.getRequest().getParameterMap();
    }

    /**
     * Reads a parameter as a string.
     *
     * @param name parameter name
     * @return the value, or "" when the parameter is absent
     */
    protected String getParam(String name) {
        return getParam(name, "");
    }

    /**
     * Reads a parameter as a string.
     *
     * @param name         parameter name
     * @param defaultValue returned when the parameter is absent
     * @return the value or the default
     */
    protected String getParam(String name, String defaultValue) {
        String found = this.getRequest().getParameter(name);
        if (found == null) {
            return defaultValue;
        }
        return found;
    }

    /**
     * Reads a parameter as an int.
     *
     * @param name parameter name
     * @return the value, or 0 when absent or not a valid int
     */
    protected int getIntParam(String name) {
        return getParam(name, 0);
    }

    /**
     * Reads a parameter as an int.
     *
     * @param name         parameter name
     * @param defaultValue returned when the parameter is absent or not a valid int
     * @return the value or the default
     */
    protected int getParam(String name, Integer defaultValue) {
        String raw = getParam(name, defaultValue.toString());
        try {
            return Integer.parseInt(raw);
        } catch (NumberFormatException ignored) {
            return defaultValue;
        }
    }

    /**
     * Reads a parameter as a long.
     *
     * @param name parameter name
     * @return the value, or 0 when absent or not a valid long
     */
    protected long getLongParam(String name) {
        return getParam(name, 0L);
    }

    /**
     * Reads a parameter as a long.
     *
     * @param name         parameter name
     * @param defaultValue returned when the parameter is absent or not a valid long
     * @return the value or the default
     */
    protected long getParam(String name, Long defaultValue) {
        String raw = getParam(name, defaultValue.toString());
        try {
            return Long.parseLong(raw);
        } catch (NumberFormatException ignored) {
            return defaultValue;
        }
    }

    /**
     * Reads a parameter as a float.
     *
     * @param name parameter name
     * @return the value, or 0 when absent or not a valid float
     */
    protected float getFloatParam(String name) {
        return getParam(name, 0F);
    }

    /**
     * Reads a parameter as a float.
     *
     * @param name         parameter name
     * @param defaultValue returned when the parameter is absent or not a valid float
     * @return the value or the default
     */
    protected float getParam(String name, Float defaultValue) {
        String raw = getParam(name, defaultValue.toString());
        try {
            return Float.parseFloat(raw);
        } catch (NumberFormatException ignored) {
            return defaultValue;
        }
    }

    /**
     * Reads a parameter as a double.
     *
     * @param name parameter name
     * @return the value, or 0 when absent or not a valid double
     */
    protected double getDoubleParam(String name) {
        return getParam(name, 0D);
    }

    /**
     * Reads a parameter as a double.
     *
     * @param name         parameter name
     * @param defaultValue returned when the parameter is absent or not a valid double
     * @return the value or the default
     */
    protected double getParam(String name, Double defaultValue) {
        String raw = getParam(name, defaultValue.toString());
        try {
            return Double.parseDouble(raw);
        } catch (NumberFormatException ignored) {
            return defaultValue;
        }
    }

    /**
     * Reads a parameter as a byte.
     *
     * @param name parameter name
     * @return the value, or 0 when absent or not a valid byte
     */
    protected byte getByteParam(String name) {
        return getParam(name, (byte)0);
    }

    /**
     * Reads a parameter as a byte.
     *
     * @param name         parameter name
     * @param defaultValue returned when the parameter is absent or not a valid byte
     * @return the value or the default
     */
    protected byte getParam(String name, Byte defaultValue) {
        String raw = getParam(name, defaultValue.toString());
        try {
            return Byte.parseByte(raw);
        } catch (NumberFormatException ignored) {
            return defaultValue;
        }
    }

    /**
     * Reads a parameter as a short.
     *
     * @param name parameter name
     * @return the value, or 0 when absent or not a valid short
     */
    protected short getShortParam(String name) {
        return getParam(name, (short)0);
    }

    /**
     * Reads a parameter as a short.
     *
     * @param name         parameter name
     * @param defaultValue returned when the parameter is absent or not a valid short
     * @return the value or the default
     */
    protected short getParam(String name, Short defaultValue) {
        String raw = getParam(name, defaultValue.toString());
        try {
            return Short.parseShort(raw);
        } catch (NumberFormatException ignored) {
            return defaultValue;
        }
    }

    /**
     * Reads a parameter as a boolean.
     *
     * @param name parameter name
     * @return true only when the value equals "true" ignoring case; false when absent
     */
    protected boolean getBooleanParam(String name) {
        return getParam(name, false);
    }

    /**
     * Reads a parameter as a boolean.
     *
     * @param name         parameter name
     * @param defaultValue used when the parameter is absent
     * @return true only when the value (or the default's text) equals "true" ignoring case
     */
    protected boolean getParam(String name, Boolean defaultValue) {
        String raw = getParam(name, defaultValue.toString());
        // Parsing a boolean never throws; any text other than "true" yields false.
        return Boolean.parseBoolean(raw);
    }

    /**
     * Reads a parameter as a date.
     *
     * @param name parameter name
     * @return the parsed date, or the current time when absent or unparsable
     */
    protected Date getDateParam(String name) {
        return getParam(name, new Date());
    }

    /**
     * Reads a parameter as a date, parsed by DateUtil.getDateFromString.
     *
     * @param name         parameter name
     * @param defaultValue returned when the parameter is absent, empty or unparsable
     * @return the parsed date or the default
     */
    protected Date getParam(String name, Date defaultValue) {
        String raw = getParam(name);
        if (raw == null || raw.length() == 0) {
            return defaultValue;
        }
        try {
            return DateUtil.getDateFromString(raw);
        } catch (Exception ignored) {
            // Any parse failure falls back to the default.
            return defaultValue;
        }
    }
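/********************* Request parameters *******************/

    /******************* Cookie handling ********************/
    // NOTE(review): none of the cookies written here carry the HttpOnly or
    // Secure attribute. If the login cookie is written through these helpers,
    // consider setting both (Cookie#setHttpOnly needs Servlet 3.0+) - confirm
    // the container version and whether client script reads the cookie.

    /**
     * Finds a cookie of the current request by name.
     *
     * @param cookieName cookie name
     * @return the cookie, or null when the name is blank or no such cookie was sent
     */
    protected Cookie getCookie(String cookieName) {
        Cookie[] sent = this.getRequest().getCookies();
        if (StringUtil.isNullOrWhiteSpace(cookieName) || sent == null) {
            return null;
        }
        for (Cookie candidate : sent) {
            if (cookieName.equals(candidate.getName())) {
                return candidate;
            }
        }
        return null;
    }

    /**
     * Returns the value of a cookie of the current request.
     *
     * @param cookieName cookie name
     * @return the value, or null when no such cookie was sent
     */
    protected String getCookieValue(String cookieName) {
        Cookie found = this.getCookie(cookieName);
        return found == null ? null : found.getValue();
    }

    /**
     * Expires a cookie in the browser.
     *
     * The expiring cookie is sent with path "/", the path the setCookie
     * overloads use by default. A browser only replaces a cookie whose path
     * matches, so without the path a cookie written with "/" was left in place
     * whenever the removing request was served from a sub-path. Cookies that
     * were written with another explicit path must be expired with that path.
     *
     * @param cookieName cookie name
     */
    protected void removeCookie(String cookieName) {
        Cookie expired = new Cookie(cookieName, null);
        expired.setPath("/");
        expired.setMaxAge(0);
        this.getResponse().addCookie(expired);
    }

    /**
     * Stores an object as a session cookie with path "/".
     *
     * @param cookieName cookie name
     * @param inst       object whose simple fields are written
     */
    protected void setCookie(String cookieName, Object inst) {
        this.setCookie(cookieName, "/", inst);
    }

    /**
     * Stores an object as a session cookie. Nothing is written when the name
     * is blank or the object is null.
     *
     * @param cookieName cookie name
     * @param path       cookie path; not set when blank
     * @param inst       object whose simple fields are written
     */
    protected void setCookie(String cookieName, String path, Object inst) {
        if (StringUtil.isNullOrWhiteSpace(cookieName) || inst == null) {
            return;
        }
        this.setCookie(cookieName, path, this.object2CookieString(inst));
    }

    /**
     * Stores an object as a cookie with path "/" and the given lifetime.
     *
     * @param cookieName cookie name
     * @param inst       object whose simple fields are written
     * @param expiry     lifetime in seconds; negative writes nothing, 0 deletes the cookie
     */
    protected void setCookie(String cookieName, Object inst, int expiry) {
        this.setCookie(cookieName, "/", inst, expiry);
    }

    /**
     * Stores an object as a cookie with the given lifetime. Nothing is written
     * when the name is blank, the object is null or expiry is negative.
     *
     * @param cookieName cookie name
     * @param path       cookie path; not set when blank
     * @param inst       object whose simple fields are written
     * @param expiry     lifetime in seconds; negative writes nothing, 0 deletes the cookie
     */
    protected void setCookie(String cookieName, String path, Object inst, int expiry) {
        if (StringUtil.isNullOrWhiteSpace(cookieName) || inst == null || expiry < 0) {
            return;
        }
        this.setCookie(cookieName, path, this.object2CookieString(inst), expiry);
    }

    /**
     * Stores a string as a session cookie with path "/".
     *
     * @param cookieName  cookie name
     * @param cookieValue cookie value
     */
    protected void setCookie(String cookieName, String cookieValue) {
        this.setCookie(cookieName, "/", cookieValue);
    }

    /**
     * Stores a string as a session cookie. Nothing is written when the name is
     * blank or the value is null.
     *
     * @param cookieName  cookie name
     * @param path        cookie path; not set when blank
     * @param cookieValue cookie value
     */
    protected void setCookie(String cookieName, String path, String cookieValue) {
        if (StringUtil.isNullOrWhiteSpace(cookieName) || cookieValue == null) {
            return;
        }
        Cookie cookie = new Cookie(cookieName, cookieValue);
        if (!StringUtil.isNullOrWhiteSpace(path)) {
            cookie.setPath(path);
        }
        this.getResponse().addCookie(cookie);
    }

    /**
     * Stores a string as a cookie with path "/" and the given lifetime.
     *
     * @param cookieName  cookie name
     * @param cookieValue cookie value
     * @param expiry      lifetime in seconds; negative writes nothing, 0 deletes the cookie
     */
    protected void setCookie(String cookieName, String cookieValue, int expiry) {
        this.setCookie(cookieName, "/", cookieValue, expiry);
    }

    /**
     * Stores a string as a cookie with the given lifetime. Nothing is written
     * when the name is blank, the value is null or expiry is negative.
     *
     * @param cookieName  cookie name
     * @param path        cookie path; not set when blank
     * @param cookieValue cookie value
     * @param expiry      lifetime in seconds; negative writes nothing, 0 deletes the cookie
     */
    protected void setCookie(String cookieName, String path, String cookieValue, int expiry) {
        if (StringUtil.isNullOrWhiteSpace(cookieName) || cookieValue == null || expiry < 0) {
            return;
        }
        Cookie cookie = new Cookie(cookieName, cookieValue);
        if (!StringUtil.isNullOrWhiteSpace(path)) {
            cookie.setPath(path);
        }
        cookie.setMaxAge(expiry);
        this.getResponse().addCookie(cookie);
    }

    /**
     * Serialises an object into "name=value&name=value" form, one pair per
     * non-static, non-final field of a simple type, values URL-encoded as UTF-8.
     * A field that cannot be read is logged and skipped.
     *
     * NOTE(review): every such field is sent to the browser, where it can be
     * read and edited. Keep secrets out of objects stored this way and treat
     * whatever comes back as untrusted until it has been verified.
     *
     * @param inst object to serialise
     * @return the cookie string, "" for null
     */
    private String object2CookieString(Object inst) {
        if (inst == null) {
            return "";
        }
        StringBuilder pairs = new StringBuilder();
        for (java.lang.reflect.Field field : inst.getClass().getDeclaredFields()) {
            try {
                int modifiers = field.getModifiers();
                if (java.lang.reflect.Modifier.isStatic(modifiers)
                        || java.lang.reflect.Modifier.isFinal(modifiers)) {
                    continue;
                }
                if (!this.isSimpleProperty(field.getType())) {
                    continue; // not a simple value
                }
                field.setAccessible(true); // the fields are usually private
                Object rawValue = field.get(inst);
                String text;
                if (field.getType().equals(Date.class)) {
                    text = DateUtil.getLongStrFromDate((Date) rawValue);
                } else {
                    text = rawValue == null ? "" : rawValue.toString();
                }
                // Encode before appending so a failure leaves no partial pair behind.
                String encoded = URLEncoder.encode(text, "UTF-8");
                if (pairs.length() > 0) {
                    pairs.append('&');
                }
                pairs.append(field.getName()).append('=').append(encoded);
            } catch (Exception e) {
                log.fatal("object2CookieString faild", e);
            }
        }
        return pairs.toString();
    }

    /**
     * Fills an object from a cookie written by object2CookieString. Fields
     * without a pair in the cookie receive the conversion of "".
     *
     * The cookie is supplied by the client: the populated object is untrusted
     * input until the caller has verified it. The field name is quoted before
     * it goes into the pattern, and the value is everything up to the next
     * '&'; the original character class "[^(&|$)]" also stopped at '(', '|',
     * '$' and ')', which cut such values short.
     *
     * NOTE(review): a malformed cookie is logged at fatal level, so any client
     * can produce fatal log entries - consider a lower level.
     *
     * @param cookieName cookie name
     * @param inst       object to populate
     * @return true when every simple field was set; false when inst is null, the
     *         cookie is missing, or a value could not be decoded or converted
     */
    protected boolean getCookieObject(String cookieName, Object inst) {
        if (inst == null) {
            return false;
        }
        String cookieValue = this.getCookieValue(cookieName);
        if (cookieValue == null) {
            return false;
        }
        for (java.lang.reflect.Field field : inst.getClass().getDeclaredFields()) {
            try {
                int modifiers = field.getModifiers();
                if (java.lang.reflect.Modifier.isStatic(modifiers)
                        || java.lang.reflect.Modifier.isFinal(modifiers)) {
                    continue;
                }
                if (!this.isSimpleProperty(field.getType())) {
                    continue; // not a simple value
                }
                field.setAccessible(true); // the fields are usually private
                Pattern pairPattern = Pattern.compile(
                        "(^|&)" + Pattern.quote(field.getName()) + "=([^&]+)");
                Matcher pair = pairPattern.matcher(cookieValue);
                String text = "";
                if (pair.find()) {
                    text = URLDecoder.decode(pair.group(2), "UTF-8");
                }
                field.set(inst, ConvertUtil.convertSimpleValue(field.getType(), text));
            } catch (Exception e) {
                log.fatal("getCookieObject faild", e);
                return false;
            }
        }
        return true;
    }

    /**
     * Tells whether a field type is stored in cookies: primitives, enums,
     * String and Date.
     *
     * @param propType field type
     * @return true for a simple type
     */
    private boolean isSimpleProperty(Class<?> propType) {
        return propType.isPrimitive()
                || propType.isEnum()
                || propType.equals(String.class)
                || propType.equals(Date.class);
    }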
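/******************* Cookie handling ********************/
}

3、编写拦截器

/**
 * Interceptor for pages that require a login.
 *
 * @author Administrator
 */
public class LoggedInterceptor extends HandlerInterceptorAdapter {
    /** User type the login token is verified against; Personal unless configured. */
    private UserTypeEnum userType = UserTypeEnum.Personal;

    /**
     * @param userType user type the login token is verified against
     */
    public void setUserType(UserTypeEnum userType) {
        this.userType = userType;
    }

    /** URL of the login page, handed to the controller through setWebContext. */
    private String loginUrl;

    /**
     * @param loginUrl URL of the login page
     */
    public void setLoginUrl(String loginUrl) {
        this.loginUrl = loginUrl;
    }

    /** Regular expressions of the request URIs that require a login. */
    private String[] regexUrls;

    /**
     * @param regexUrls regular expressions of the request URIs that require a login
     */
    public void setRegexUrls(String[] regexUrls) {
        this.regexUrls = regexUrls;
    }

    /**
     * Runs before the controller method. Injects the request context into
     * handlers that implement IWebContext and, when no verified login exists
     * and the request URI matches one of regexUrls, stops the request: GET is
     * redirected to the login page, any other method receives a JSON
     * "not logged in" answer.
     *
     * NOTE(review): protection is opt-in - a URI that matches no expression is
     * served without a login. The match runs on getRequestURI(), which includes
     * the context path and is neither decoded nor normalised, so it may not
     * agree with the path the handler mapping resolves. Prefer deciding on the
     * resolved handler (for example an annotation on the controller method) or
     * matching the same path the handler mapping uses, and deny by default.
     *
     * NOTE(review): the redirect target is the fixed path "/login.htm";
     * this.loginUrl is only passed on to the controller. The login page should
     * accept "tourl" only when it is a same-site path.
     *
     * @return false when the request was answered here, true to continue
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
            Object handler) throws Exception {
        LoginAccount loginAccount = null;
        if (handler instanceof IWebContext) {
            IWebContext webContext = (IWebContext) handler;
            webContext.setWebContext(request, response, userType, this.loginUrl);
            loginAccount = webContext.getLoginAccount();
        }
        if (loginAccount != null) {
            return true;
        }

        String strUrl = request.getRequestURI();
        if (StringUtil.isNullOrEmpty(strUrl) || regexUrls == null || regexUrls.length == 0) {
            return true;
        }
        for (String regex : regexUrls) {
            if (StringUtil.isNullOrEmpty(regex) || !strUrl.matches(regex)) {
                continue;
            }
            // This page requires a login.
            String strToUrl = "/login.htm?tourl=" + URLEncoder.encode(strUrl, "utf-8");
            if ("GET".equalsIgnoreCase(request.getMethod())) {
                response.sendRedirect(strToUrl);
            } else {
                JsonResponse jsonResponse = new JsonResponse();
                jsonResponse.setFaildMsg(JsonResponse.Nologin, "请登录后操作", strToUrl);
                String strJson = new Gson().toJson(jsonResponse);
                response.setContentType("application/json");
                // Must be set before getWriter(): the message is not ASCII and
                // the servlet default encoding would turn it into '?'.
                response.setCharacterEncoding("UTF-8");
                PrintWriter printWriter = null;
                try {
                    printWriter = response.getWriter();
                    printWriter.print(strJson);
                    printWriter.flush();
                } finally {
                    if (printWriter != null) {
                        printWriter.close();
                    }
                }
            }
            return false;
        }
        return true;
    }

    /**
     * Runs after the controller method. For GET requests handled by an
     * IWebContext controller that returned a model, adds the login account to
     * the model under "loginAccount".
     *
     * NOTE(review): the whole LoginAccount object becomes available to the
     * view; check that no template renders its token or other secrets.
     */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response,
            Object handler, ModelAndView modelAndView) throws Exception {
        if (handler instanceof IWebContext && modelAndView != null
                && "GET".equalsIgnoreCase(request.getMethod())) {
            modelAndView.addObject("loginAccount", ((IWebContext) handler).getLoginAccount());
        }
    }

    /**
     * Runs after the request has completed; nothing is done here.
     */
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response,
            Object handler, Exception ex) throws Exception {
    }
}

4、修改配置文件

<bean id="loggedInterceptor" >
    <!-- Inject the user type -->
    <property name="userType">
        <bean factory-method="fromValue">
            <constructor-arg>
                <value>1</value>
            </constructor-arg>
        </bean>
    </property>
    <!-- Login page -->
    <property name="loginUrl" value="login.htm"/>
    <!-- Pages that can only be visited after login -->
    <property name="regexUrls">
        <list>
            <value>/rentlist.*</value>
            <value>/rentdetail.*</value>
            <value>/getrentpagelist.*</value>
            <value>/cancelrentrecord.*</value>
        </list>
    </property>
</bean>
<bean >
    <property name="interceptors">
        <list>
            <ref bean="loggedInterceptor"/>
        </list>
    </property>
</bean>
<!-- JSON support -->
<bean id="jacksonMessageConverter" />
<bean >
    <property name="messageConverters">
        <list>
            <ref bean="jacksonMessageConverter"/>
        </list>
    </property>
</bean>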