spring mvc定義登入攔截器(不登入不讓訪問相關資源),為什麼要放權/login.do(就是不攔截/login.do)?
spring.xml攔截器配置如下:
<mvc:interceptor>
<mvc:mapping path="/**" /><mvc:exclude-mapping path="/login.do" />
<bean class="org.bjlx.base.login.AuthInterceptor"></bean>
</mvc:interceptor>
攔截器類配置如下:
public class AuthInterceptor implements HandlerInterceptor {
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object obj) throws Exception {
Object sessionObj = request.getSession().getAttribute("USERDETAIL");
if(sessionObj!=null) {
return true;
}
response.sendRedirect("login.do");
return false;
}
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object obj, ModelAndView mav) throws Exception { }
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object obj, Exception e) throws Exception { }
}
如果對login.do進行放權的話,輸入任何一個地址如:http://127.0.0.1:8080/test,就會一直在AuthInterceptor中挑不出來。
因為如果不放權/login.do,執行過程是這樣的:
1輸入http://127.0.0.1:8080/test
2被攔截器攔截,執行AuthInterceptor 程式碼,response.sendRedirect("login.do"); 即執行http://127.0.0.1:8080/login.do,而login.do又被攔截器攔截,再次執行AuthInterceptor 程式碼程式碼,如此迴圈往復!