springMVC盗链接详解
程序员文章站
2022-06-25 10:19:59
目录springmvc配置文件登录的拦截器logininterceptor:springmvc配置文件
springmvc配置文件
<?xml version="1.0" encoding="utf-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemalocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<!--自动扫描包-->
<!-- 开启ioc 注解事务支持-->
<context:component-scan base-package="cn"></context:component-scan>
<!--开启spiring mvc注解支持-->
<mvc:annotation-driven></mvc:annotation-driven>
<!--配置spring 中的视图解析器-->
<bean class="org.springframework.web.servlet.view.internalresourceviewresolver" id="resolver">
<property name="prefix" value="/"></property>
<property name="suffix" value=".jsp"></property>
</bean>
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/**"/>
<bean id="logininterceptor" class="cn.hp.interceptor.logininterceptor"></bean>
</mvc:interceptor>
</mvc:interceptors>
</beans>
web.xml文件在我上一篇文章中拦截器https://blog.csdn.net/best_p1/article/details/118637785
登陆验证
package cn.hp.action;
import org.springframework.stereotype.controller;
import org.springframework.ui.model;
import org.springframework.web.bind.annotation.requestmapping;
import javax.servlet.http.httpsession;
@controller
public class useraction {
@requestmapping("/test1.do")
public string test01(){
system.out.println("正在执行test1这个业务逻辑");
return "index";
}
@requestmapping("/test2.do")
public string test02(){
system.out.println("正在执行test2这个业务逻辑");
return "index";
}
@requestmapping("/login.do")
public string login(string username, string pwd, model model,httpsession session){
if (username.equals("zs")&&pwd.equals("123")){
session.setattribute("user",username);
return "redirect:/main.do";
}else {
model.addattribute("msg","用户名和密码错误");
return "login";
}
}
@requestmapping("/main.do")
public string main(){
return "main";
}
@requestmapping("/loginout.do")
public string loginout(httpsession session){
session.invalidate();
return "login";
}
}
登录的拦截器logininterceptor:
package cn.hp.interceptor;
import org.springframework.web.servlet.handlerinterceptor;
import org.springframework.web.servlet.modelandview;
import javax.servlet.http.httpservletrequest;
import javax.servlet.http.httpservletresponse;
public class logininterceptor implements handlerinterceptor {
@override
public boolean prehandle(httpservletrequest request, httpservletresponse response, object handler) throws exception {
string path= request.getrequesturi();
if(path.indexof("login.do")>0){
return true;
}
object obj= request.getsession().getattribute("user");
if (obj!=null){
return true;
}else {
request.setattribute("msg","别想歪心思!请登录!");
request.getrequestdispatcher("login.jsp").forward(request,response);
return false;
}
}
@override
public void posthandle(httpservletrequest request, httpservletresponse response, object handler, modelandview modelandview) throws exception {
}
@override
public void aftercompletion(httpservletrequest request, httpservletresponse response, object handler, exception ex) throws exception {
}
}
jsp页面: login.jsp
<%@ page contenttype="text/html;charset=utf-8" language="java" %>
<html>
<head>
<title>title</title>
</head>
<body>
<form action="login.do" method="post">
账号:<input type="text" name="username"><br/>
密码:<input type="password" name="pwd"><br/>
<input type="submit" value="登录">
</form>
${msg}
</body>
</html>
main.jsp
<%@ page contenttype="text/html;charset=utf-8" language="java" %>
<html>
<head>
<title>title</title>
</head>
<body>
${user}
<a href="loginout.do">退出</a>
</body>
</html>
验证账号密码
进行拦截 登录才能访问
登录成功 可以访问test1.do test2.do
点击退出清除session
总结
本篇文章就到这里了,希望能给你带来帮助,也希望能够您能够关注的更多内容!
推荐阅读