SSM之登陆拦截与退出

一 : 配置文件中设置拦截

<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p" xmlns:context="http://www.springframework.org/schema/context" xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:tx="http://www.springframework.org/schema/tx" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.0.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd"> <!-- 指定扫描创建bean --> <context:component-scan base-package="com.zhiyou100"/> <!-- 注册注解的处理器适配器和处理器映射器 --> <mvc:annotation-driven/> <!-- 配置视图解析器 --> <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver"> <property name="prefix" value="/"/> <property name="suffix" value=".jsp"/> </bean> <!-- 配置多部件表单的解析器 --> <bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver"> <!--上传文件的最大大小，单位为字节 --> <property name="maxUploadSize" value="17367648787"/> <!-- 上传文件的编码 --> <property name="defaultEncoding" value="UTF-8"/> </bean> <!-- 配置拦截器 --> <mvc:interceptors> <mvc:interceptor> <mvc:mapping path="/**"/> <bean class="com.zhiyou100.inteceptor.Lanjie" /> </mvc:interceptor> </mvc:interceptors> </beans>

二 : 设置拦截类

@Component public class Lanjie extends HandlerInterceptorAdapter { @Override public boolean preHandle(HttpServletRequest req, HttpServletResponse resp, Object o) throws Exception { if (req.getRequestURL().indexOf("/login.action")!=-1&& req.getMethod().toUpperCase().equals("POST")){ return true; } Worker worker=(Worker) req.getSession().getAttribute("user"); System.out.println(worker); if (worker!=null&&worker.getWid() != null){ return true; } req.setAttribute("login_message", "请先登录在进行操作!"); //获取请求的servlet路径 System.out.println(req.getRequestURL()); resp.sendRedirect(req.getContextPath()+"/login.jsp"); return false; } }

三 : 登录

@Controller public class LoginController { @Autowired private WorkerLoginService service; /** * 获取HttpSession对象,由spring注入 */ @Autowired HttpSession session; @RequestMapping(value = "/login.action", produces = "text/json;charset=utf-8") public String getOneByWnameAndWpwd(String wname, String wpwd, HttpServletRequest req) throws Exception { if (wname == null || wname.equals("")) { session.setAttribute("login_message", "用户名不能为空!"); return "redirect:/login.jsp"; } else if (wpwd == null || wpwd.equals("")) { session.setAttribute("login_message", "密码不能为空!"); return "redirect:/login.jsp"; } Worker worker = service.getOneByWname(wname); System.out.println(wname); System.out.println("pwd=" + worker.getWpwd()); //判断是否登录成功 if (Md5Util.verify(wpwd, Tool.KEY, worker.getWpwd())) { session.setAttribute("user", worker); return "redirect:/admin.jsp"; } //登录加密,直接刷新 if (!worker.getWpwd().equals(wpwd)) { session.setAttribute("login_message", "密码错误!"); return "redirect:/login.jsp"; } String md5Pwd = Md5Util.md5(worker.getWpwd(), Tool.KEY); worker.setWpwd(md5Pwd); service.changePwd(worker); System.out.println("xxxxx" + worker.getWpwd()); session.setAttribute("user", worker); session.setAttribute("login_message", "登录成功!"); return "redirect:/admin.jsp"; } //退出登录:清空session域 @RequestMapping("/exit.action") public String exit(HttpServletRequest req) { req.getSession().invalidate(); return "redirect:/login.action"; } }

退出之后,想要禁止回退的话,请参考我的另外一篇博客 禁止回退的解决方法

---

如果出现回退之后陷入登录页面的死循环的话,可以参考以下这篇博客 回退登陆死循环的解决方法