springmvc 攔截器

項目目錄結構：

web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
	http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
	<display-name></display-name>
	<welcome-file-list>
		<welcome-file>index.jsp</welcome-file>
	</welcome-file-list>
	<servlet>
		<servlet-name>web</servlet-name>
		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
		<init-param>
			<param-name>contextConfigLocation</param-name>
			<param-value>classpath:/SpringMVC123.xml</param-value>
		</init-param>
		<load-on-startup>0</load-on-startup>
	</servlet>
	<servlet-mapping>
		<servlet-name>web</servlet-name>
		<url-pattern>/</url-pattern>
	</servlet-mapping>
</web-app>

SpringMVC123.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
	xmlns:context="http://www.springframework.org/schema/context" xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:task="http://www.springframework.org/schema/task"
	xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.0.xsd
	    http://www.springframework.org/schema/tx
       http://www.springframework.org/schema/tx/spring-tx-4.0.xsd
		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd
		 http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task-4.0.xsd">

	<!-- 打開註解驅動開關 -->
	<context:annotation-config />

	<context:component-scan base-package="com.zhxjz.controller" />

	<!-- 配置文件 -->
	<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
		<property name="locations">
			<array>
				<value>classpath:/configs.properties</value>
			</array>
		</property>
	</bean>

	<!-- jsp渲染 -->
	<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
		<property name="viewClass" value="org.springframework.web.servlet.view.JstlView" />
		<property name="prefix" value="/WEB-INF/jsp/" />
		<property name="suffix" value=".jsp" />
	</bean>

	<!-- mvc攔截器 -->
	<mvc:interceptors>
		<mvc:interceptor>
			<mvc:mapping path="/**" />
			<bean class="com.zhxjz.common.PermissionInterceptor" />
		</mvc:interceptor>
	</mvc:interceptors>

	<!-- mvc 註解 -->
	<mvc:annotation-driven />

	<!-- 靜態資源 -->
	<mvc:resources mapping="/js/**" location="/js/" />
	<mvc:resources mapping="/css/**" location="/css/" />
	<mvc:resources mapping="/font/**" location="/font/" />
	<mvc:resources mapping="/images/**" location="/images/" />
	<mvc:resources mapping="/installPackage/**" location="/installPackage/" />
	<mvc:resources mapping="/conf/**" location="/conf/" />
	
</beans>

configs.properties

## C3P0 configuration
jdbc.driverClassName=oracle.jdbc.driver.OracleDriver
jdbc.url=jdbc:oracle:thin:@210.10.5.189:1521:orcl
jdbc.username=mapframe
jdbc.password=mapframe
#show sql
showSql=true
#the type of db
dbType=oracle


#administrator
administrator.username=66d4aaa5ea177ac32c69946de3731ec0
administrator.password=91d4b760bf3bf963b775955e12d0a3c2
key=test

default.pwd=5a2e54ee57e5b7273b9a8fed78c1ebd8

login.interceptor.exclude=/login/toLogin.do,/login/login.do,/buss/execute.do,/css/**,/images/**,/js/**,/font/**,/installPackage/getNewest.do,/installPackage/**/*.apk,/conf/**,/config/getFileModifyTime.do,/info/upload.do
permission.interceptor.exclude=/login/toLogin.do,/login/login.do,/login/logout.do,/buss/execute.do,/css/**,/images/**,/js/**,/font/**,/menu/listChildrenMenu.do,/installPackage/getNewest.do,/installPackage/**/*.apk,/conf/**,,/config/getFileModifyTime.do,/info/upload.do


install.package.upload.dir=installPackage

PermissionInterceptor.java

package com.zhxjz.common;

import java.util.ArrayList;
import java.util.List;

import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.zhxjz.framework.util.common.PathUtil;

/**
 * 權限攔截器
 * 
 * @author yxyu
 */
public class PermissionInterceptor implements HandlerInterceptor {

	@Value("${permission.interceptor.exclude}")
	private String excludeUrl;

	private List<String> excludeUrls = new ArrayList<String>();

	@PostConstruct
	private void init() {
		String[] urls = excludeUrl.split(",");
		for (String url : urls) {
			excludeUrls.add(url);
		}
	}

	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
		
		HttpSession session = request.getSession();
		String requestUri = request.getRequestURI();
		String contextPath = request.getContextPath();
		requestUri = requestUri.substring(contextPath.length());
		
		for (String excludeUrl : excludeUrls) {
			if (PathUtil.match(requestUri, excludeUrl)) {
				return true;
			}
		}
		
		if ((Boolean) session.getAttribute("sessAdmin")) {
			return true;
		}
		
		session.setAttribute("sessAdmin", true);
		
		throw new RuntimeException("攔截成功");
	}

	@Override
	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
	}

	@Override
	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
	}

}

LoginController.java

package com.zhxjz.controller;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;

/**
 * 登錄控制器
 * 
 * @author caozj
 * 
 */
@Controller
@RequestMapping("/login")
public class LoginController {

	@Value("${administrator.username}")
	private String adminUserName;

	@Value("${administrator.password}")
	private String adminPassword;

	@Value("${key}")
	private String key;

	/**
	 * 登錄
	 * 
	 * @param userName
	 * @param password
	 * @param model
	 * @param request
	 * @return
	 */
	@RequestMapping("/login.do")
	public String login(String userName, String password, ModelMap model,
			HttpServletRequest request) {
		return "index";
	}

}

PathUtil.java

package com.zhxjz.framework.util.common;

import org.springframework.util.AntPathMatcher;

/**
 * url路徑工具類
 * 
 * @author caozj
 * 
 */
public class PathUtil {

	private static AntPathMatcher match = new AntPathMatcher();

	/**
	 * 判斷目標url和ant的url路徑是否匹配
	 * 
	 * @param targetUrl
	 *            目標url
	 * @param antPath
	 *            ant路徑
	 * @return
	 */
	public static boolean match(String targetUrl, String antPath) {
		return match.match(antPath, targetUrl);
	}

	public static void main(String[] args) {
		System.out.println(PathUtil.match("/a/b.do", "/a/**"));
		System.out.println(PathUtil.match("/a/b.do", "/a/*.do"));
		System.out.println(PathUtil.match("/a/b.do", "/b/*.do"));
		System.out.println(PathUtil.match("/a/b.do", "/b/**"));
		System.out.println(PathUtil.match("/a/b.do", "/a/c.do"));
		System.out.println(PathUtil.match("/a/b.do", "/a/b.do"));
	}

}