【问题标题】:How to prioritize interceptors in Spring web mvc如何在 Spring web mvc 中对拦截器进行优先级排序
【发布时间】:2014-03-27 10:17:06
【问题描述】:

我的应用程序中有三个拦截器,我只想确定它们的优先级,实际上我想通过查询参数从另一个应用程序自动登录我的应用程序。

如果用户没有有效会话,此拦截器正在验证用户会话,然后它将用户重定向到登录页面并且它工作正常。

public class ValidateSessionInterceptor extends HandlerInterceptorAdapter {

    private Logger log = Logger.getLogger(getClass());

    @Value("${http.port}")
    private int httpPort;

    @Value("${https.port}")
    private int httpsPort;

    @Value("${use.ssl}")
    private boolean useSsl;

    //before the actual handler will be executed
    public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {    
        HttpSession session = request.getSession();     

        if(session.getAttribute("user")==null){         
            String forwardTo = (String) request.getAttribute("org.springframework.web.servlet.HandlerMapping.pathWithinHandlerMapping");
            String params = "";

            if(request.getQueryString()!=null){
                params = "?" + request.getQueryString();
            }

            String url = getApplicationUrl(request,useSsl)+forwardTo+params;
            log.info("redirect url: " + request.getContextPath()+"/login/index.mars?forwardTo="+URLEncoder.encode(url, "UTF-8"));
            response.sendRedirect(request.getContextPath()+"/login/index.mars?forwardTo="+URLEncoder.encode(url, "UTF-8"));
            return false;           
        }else{
            Map<String,String> owners = new LinkedHashMap<String,String>();
            owners.put("NA", "NA");
            owners.put("AK", "AK");
            request.setAttribute("ownerList", owners);
        }

        return true;
    }

    private String getApplicationUrl(HttpServletRequest request,boolean useSsl){
        if(useSsl){
            return "https://"+request.getServerName()+":"+httpsPort+request.getContextPath();
        }else{
            return "http://"+request.getServerName()+":"+httpPort+request.getContextPath();
        }
    }
}

这被另一个应用程序调用,并将 autoUsr 和 autoPwd 参数传递给自动登录的应用程序。

public class AutoLoginInterceptor extends HandlerInterceptorAdapter{
    private final Logger log = Logger.getLogger(getClass());

    @Autowired
    public UserService userService;

    @Autowired
    public WebService webService;


    public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws IOException, UserException {
        HttpSession session = request.getSession();

        if(session.getAttribute("user")==null){
            String forwardTo = request.getParameter("forwardTo");
            if(forwardTo!=null && !forwardTo.equals("")){               
                User user = checkLoginCrendential(forwardTo);
                log.info("user-> " + user);
                this.webService.buildWebService(request);
                if(userService.login(request, user)){
                    session.setAttribute("user", user);
                    return true;
                }   
            }       
        }

        return true;
    }

    public User checkLoginCrendential(String url){      
        String decURL;

        User user = new User();
        try 
        {
            decURL = URLDecoder.decode(url,"utf-8");
            String params[] = (decURL.split("\\?")[1]).split("&");
            String loginParams[] = {"autoUsr","autoPwd"};


            for(String lgnParam : loginParams){
                for(int i = 0 ; i < params.length ; i++){
                    String param[] = params[i].split("=");
                    if(lgnParam.equals(param[0])){
                        if(param.length > 1){                           
                            if(lgnParam.equals("autoUsr")){
                                user.setUsername(param[1]);
                            }else if(lgnParam.equals("autoPwd")){
                                user.setPassword(param[1]);
                            }
                        }else{
                            if(lgnParam.equals("autoUsr")){
                                user.setUsername("");
                            }else if(lgnParam.equals("autoPwd")){
                                user.setPassword("");
                            }
                        }

                    }
                }
            }
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }       

        return user;
    }
}

【问题讨论】:

  • 请提供更多信息,哪些拦截器?弹簧安全?
  • 不,我没有使用 spring security
  • 好的。显示您的配置快照以了解拦截器周围的情况
  • 不幸的是,你不能优先考虑拦截器。你最好实现一个Filter 或添加一个DelegatingFilterProxy 到你的ServletContext,它代表一个上下文管理的bean。
  • 其实你可以,你可以指定顺序。基本上HandlerInterceptors 是按照它们定义的顺序执行的。

标签: spring model-view-controller web


【解决方案1】:

您可以在 XXX-servlet.xml 中使用标签来订购拦截器。例如:

<mvc:interceptors>
  <mvc:interceptor>
    <mvc:mapping path="/**" />
    <bean class="ValidateSessionInterceptor" />
  </mvc:interceptor>
  <mvc:interceptor>
    <mvc:mapping path="/**" />
    <bean class="AutoLoginInterceptor" />
  </mvc:interceptor>
</mvc:interceptors>

拦截器将按顺序调用

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 1970-01-01
    • 2015-04-17
    • 2018-02-10
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多