通过filter来将记住一个月之内的自动登录,通过interceptor来将不在范围之内的请求都让其跳转到指定的页面比如登陆页面
myFilter:
web.xml:
<filter>
<filter-name>myFilter</filter-name>
<filter-class>com.chenghan.yun.mp.filter.SysFilter</filter-class>
</filter>
<!-- 只拦截.do请求 -->
<filter-mapping>
<filter-name>myFilter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
class:
public class SysFilter implements Filter {
private IMpBasInfoService mpBasInfoService;
private IBasDao basDao;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
//To change body of implemented methods use File | Settings | File Templates.
ServletContext context = filterConfig.getServletContext();
ApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(context);
mpBasInfoService = (IMpBasInfoService) ctx.getBean("mpBasInfoService");
basDao =(IBasDao)ctx.getBean("basDao");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
//To change body of implemented methods use File | Settings | File Templates.
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpSession session = request.getSession(true);
String account = "";
String sessionId = ""; // 此sessionid是上次用户登录时保存于用户端的识别码,用于用户后续访问的自动登录。不是本次访问的session id。
Cookie[] cookies;
CookieManager cm = new CookieManager(); // CookieManager是一个自定义的类,用于从Cookie数组中查找并返回指定名称的Cookie值。
boolean isAutoLogin;
// 如果session中没有user对象,则创建一个。
CrmMicroBusinessCardVO crmMicroBusinessCardVO = (CrmMicroBusinessCardVO) session.getAttribute("crmMicroBusinessCardVO");
// 如果user对象的username为"",表示用户未登录。则执行自动登录过程。
// 否则不自动登录。
if (crmMicroBusinessCardVO == null) {
crmMicroBusinessCardVO = new CrmMicroBusinessCardVO();
// 检查用户浏览器是否发送了上次登录的用户名和sessionid,
// 如果是,则为用户自动登陆。
cookies = request.getCookies();
if(cookies!=null&&cookies.length>0){
account = cm.getCookieValue(cookies, "autoLoginUser");
sessionId = cm.getCookieValue(cookies, "sessionId");
account = "".equals(account)?null:account;
sessionId = "".equals(sessionId)?null:sessionId;
Map<String,Object> map = new HashMap<String,Object>();
map.put("account", account);
map.put("sessionId",sessionId);
boolean isExist = basDao.isExist(MpAccountSessionId.class,map);
if (isExist) {
MpBasInfo userVO = new MpBasInfo();
userVO = basDao.queryOne(MpBasInfo.class,"account",account);
if(userVO!=null){
CrmMicroBusinessCardVO crmMicroBusinessCardVO1 = new CrmMicroBusinessCardVO();
UtilBean.copyBeanAllSimpleProperties(crmMicroBusinessCardVO1,userVO,false);
session.setAttribute("crmMicroBusinessCardVO", crmMicroBusinessCardVO1); // 将user bean添加到session中。
}
}
}
}
filterChain.doFilter(servletRequest, servletResponse);
}
@Override
public void destroy() {
//To change body of implemented methods use File | Settings | File Templates.
}
}
public class CookieManager {
public static String getCookieValue(Cookie cookies[],String cookieName){
String cookieValue = "";
for(int i=0;i<cookies.length;i++){
Cookie cookie = cookies[i];
if(cookie.getName().equals(cookieName)){
cookieValue = cookie.getValue().toString();
break;
}
}
return cookieValue;
}
}
interceptor:springMVC的
public class SimpleAcInterceptor implements HandlerInterceptor {
public String[] allowUrls;//还没发现可以直接配置不拦截的资源,所以在代码里面来排除
public void setAllowUrls(String[] allowUrls) {
this.allowUrls = allowUrls;
}
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String contextPath=request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+contextPath+"/";
String requestUrl = request.getRequestURI().replace(contextPath, "");
if(allowUrls == null){
//设置模块allowUril
allowUrls = new String[]{"/login.html"};
}
if(null != allowUrls && allowUrls.length>=1){
for(String url : allowUrls) {
if(requestUrl.contains(url)) {
return true;
}
}
}
CrmMicroBusinessCardVO crmMicroBusinessCardVO = (CrmMicroBusinessCardVO) request.getSession().getAttribute("crmMicroBusinessCardVO");
if(crmMicroBusinessCardVO == null){
if (!(request.getHeader("accept").indexOf("application/json") > -1 ||
(request.getHeader("X-Requested-With")!= null &&
request.getHeader("X-Requested-With").indexOf("XMLHttpRequest") > -1))) {
//非JSON请求
response.sendRedirect(basePath + "login.html");
}else{
PrintWriter fs=response.getWriter();
Map<String,String> map = new HashMap<String,String>();
map.put("status","errors");
map.put("message","系统超时,请重新登录。");
response.setContentType("application/json");
fs.write(JsonUtils.getJsonString(map));
fs.flush();
fs.close();
}
return false;
}
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
//To change body of implemented methods use File | Settings | File Templates.
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
//To change body of implemented methods use File | Settings | File Templates.
}
}
springMVC的配置文件
<mvc:interceptors>
<!-- session超时 -->
<mvc:interceptor>
<mvc:mapping path="/*"/>
<bean class="com.chenghan.yun.mp.filter.SimpleAcInterceptor">
<property name="allowUrls">
<list>
<!-- 如果请求中包含以下路径,则不进行拦截 -->
<value>/login.html</value>
<value>/crm_micro_business_card_loginOut.html</value>
<value>/mp_ajax_vcf.html</value>
<value>/crm_micro_business_card_resetPassword_index_card.do</value>
<value>/crm_micro_business_card_resetPassword_card.do</value>
<value>/crm_micro_business_card_validate_index_card.do</value>
<value>/crm_micro_business_card_validate_card.do</value>
<value>/crm_micro_business_card_login_card.do</value>
<value>/crm_micro_business_card_registor_index_card.do</value>
<value>/crm_micro_business_card_validate_registor_card.do</value>
<value>/crm_micro_business_card_password_registor_card.do</value>
<value>/crm_micro_business_card_registor_setPassword_card.do</value>
<value>/business_card_businessCardFinishRegistor_index.do</value>
<value>/business_card_businessCardFinsishRegistor.json</value>
<value>/crm_micro_business_card_businessCard_index_card.do</value>
<value>/mp_ajax_vcf_index.html</value>
<value>/mp_ajax_vcf.html</value>
<value>/mp_save_relation.json</value>
<value>/crm_micro_business_card_detail.json</value>
</list>
</property>
</bean>
</mvc:interceptor>
</mvc:interceptors>