springmvc+shiro自定義過濾器
阿新 • • 發佈:2018-12-18
實現需求:
1.使用者未登入,跳轉到登入頁,登入完成後會跳到初始訪問頁。
2.使用者自定義處理(如需要啟用),跳轉到啟用頁面,啟用完成後會跳到初始訪問頁。
使用到的框架
springmvc 的攔截器
shiro 自定義過濾器
實現:
1.編寫攔截器通過session儲存初始訪問的頁面地址,便於後面回跳這個頁面做準備。
import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; /** * 使用者登入以後跳轉回之前頁面的攔截器 攔截物件: 除登入,註冊之外的所有跳轉頁面的請求 因為使用者隨時可能進行登入操作 * * @version 1.0.0 * @date 2018 -10-19 */ public class ForwardBeforeUrlInteceptor implements HandlerInterceptor { private Logger logger = LoggerFactory.getLogger(this.getClass()); @Override public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3) throws Exception { } @Override public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3) throws Exception { } @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object arg2) throws Exception { // 過濾掉ajax請求 if (request.getHeader("x-requested-with") != null && request.getHeader("x-requested-with").equalsIgnoreCase("XMLHttpRequest")) { return true; } // 獲取當前會話 HttpSession session = request.getSession(true); // 拿到上一個頁面地址 String uri = request.getRequestURI(); // 去掉專案地址長度的字元(因為我的預設專案地址是給出的) String path = uri.substring(request.getContextPath().length()); // 得到引數 String query = request.getQueryString(); if (query == null) { query = ""; } else { query = "?" + query; } String beforePath = path + query; session.setAttribute("beforePath", beforePath); session.setAttribute("method", request.getMethod()); logger.debug("beforePath :{}, method:{}", beforePath, request.getMethod()); return true; } }
2.在spring的xml配置檔案中配置攔截器,例如application.xml
<mvc:interceptors> <!-- 使用bean定義一個Interceptor,直接定義在mvc:interceptors根下面的Interceptor將攔截所有的請求 --> <!-- 配置用於跳回登入之前的頁面的攔截器--> <mvc:interceptor> <!-- 進行攔截:/**表示攔截所有url及其子路徑 --> <mvc:mapping path="/**" /> <!-- ajax請求的action不進行攔截 --> <mvc:exclude-mapping path="/*.ajax" /> <mvc:exclude-mapping path="/resources/**" /> <mvc:exclude-mapping path="/activation" /> <bean class="com.xxx.xxx.xxx.interceptor.ForwardBeforeUrlInteceptor" /> </mvc:interceptor> </mvc:interceptors>
注意:<mvc:exclude-mapping path="/activation" /> 此處是介面可以直接進入啟用頁面,此處是排除攔截啟用頁面,防止頁面出現不停的回跳到自己頁面。
3.自定義過濾器。
import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; /** * 課程攔截器,當會員過期或未啟用時自動跳轉到啟用頁面 * * @version 1.0.0 * @date 2018 -10-19 */ public class MemberFilter extends com.bwjf.framework.shiro.filter.UserFilter { @Override protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) { HttpServletResponse httpServletResponse = (HttpServletResponse) response; HttpServletRequest httpServletRequest = (HttpServletRequest) request; if (httpServletRequest.getRequestURI().indexOf("activation") > 0) { return true; } MyShiroUser myShiroUser = MyUserUtil.getCurrentShiroUser(); if (!CheckEmptyUtil.isEmpty(myShiroUser) && CheckEmptyUtil.isEmpty(myShiroUser.getActiveDate())) { try { // 瀏覽器跳轉到啟用頁面 httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/activation"); } catch (IOException e) { e.printStackTrace(); } } return true; } }
4.shiro.xml配置自定義過濾器
5.controller啟用處理後跳轉到初始頁面
