Spring+Session+interceptor+ajax(攔截器)的登陸和退出
阿新 • • 發佈:2017-11-13
register servle output http con cal 異常 header get
方法一使用servlet自帶的HttpSession
註意點: HttpSession應該作為方法的參數
//登入
public boolean customerLogin(HttpSession httpSession) { httpSession.setAttribute( "customer" , customer); }
// 退出 public String customerOut(HttpSession httpSession) { httpSession.removeAttribute( "customer" );return "login" ; }
方法二:使用spring的@SessionAttributes("logincustomer")
//登入
@Controller @SessionAttributes("logincustomer") public class CustomerController { public JSONObject customerLogin(@RequestBody JSONObject json, ModelMap model,HttpServletResponse response) { model.addAttribute("logincustomer", logincustomer); } }
//退出 @RequestMapping(value = "customerout") public String customerOut(SessionStatus sessionStatus) { sessionStatus.setComplete();// 只對@SessionAttributes("customer")有用,對HttpSession沒用 // 使用sessionStatus.setComplete();會將所有的session全部清掉, return "login"; }
攔截器(interceptor)
註意:攔截器跟ajax結合用的話使用這條語句response.sendRedirect(request. getContextPath()+"/login.jsp");實現不了調轉,要把結果傳給前端,再在前端上實現跳轉
因此要判斷請求是否是ajax請求
package com.dessert.interceptor; import java.io.OutputStream; import java.io.PrintStream; import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.springframework.web.servlet.ModelAndView; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; public class CommonInterceptor extends HandlerInterceptorAdapter { /* * 在攔截器中中有三個方法: * preHandler:在進入Handler方法之前執行了,使用於身份認證,身份授權,登陸校驗等,比如身份認證,用戶沒有登陸,攔截不再向下執行, * 返回值為false,即可實現攔截;否則,返回true時,攔截不進行執行; postHandler * :進入Handler方法之後,返回ModelAndView之前執行,使用場景從ModelAndView參數出發,比如,將公用的模型數據在這裏傳入到視圖, * 也可以統一指定顯示的視圖等; afterHandler : 在執行Handler完成後執行此方法,使用於統一的異常處理,統一的日誌處理等; */ @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { HttpSession session = request.getSession(); if (session.getAttribute("logincustomer") != null) { // System.out.println(session.getAttribute("costomer")); return true; } // 如果是ajax請求,請求頭會有x-requested-with String requestWith = request.getHeader("x-requested-with"); if (requestWith != null && requestWith.equalsIgnoreCase("XMLHttpRequest")){ if(session.getAttribute("customer") == null) { return false; } else if (session.getAttribute("logincustomer") != null) { return true; } } else { response.sendRedirect(request. getContextPath()+"/login.jsp"); } return false; } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { } }
springmvc中對攔截器的配置
<mvc:interceptors> <mvc:interceptor> <!-- 匹配的是url路徑, 如果不配置或/**,將攔截所有的Controller --> <mvc:mapping path="/**" /> <!-- <mvc:exclude-mapping path="/index.jsp" /> --> <mvc:exclude-mapping path="/*login" /> <mvc:exclude-mapping path="/forgotpwd" /> <mvc:exclude-mapping path="/customerregister" /> <mvc:exclude-mapping path="/vaildtel" /> <mvc:exclude-mapping path="/css/**" /> <mvc:exclude-mapping path="/js/**" /> <mvc:exclude-mapping path="/myutil/**" /> <mvc:exclude-mapping path="/images/**" /> <!-- <mvc:exclude-mapping path="/*.html" /> --> <bean class="com.dessert.interceptor.CommonInterceptor"> </bean> </mvc:interceptor> <!-- 當設置多個攔截器時,先按順序調用preHandle方法,然後逆序調用每個攔截器的postHandle和afterCompletion方法 --> </mvc:interceptors>
Spring+Session+interceptor+ajax(攔截器)的登陸和退出