springMVC盗链接

Posted 池鱼i_

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了springMVC盗链接相关的知识,希望对你有一定的参考价值。

 springMVC配置文件

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:context="http://www.springframework.org/schema/context"
       xmlns:mvc="http://www.springframework.org/schema/mvc"
       xsi:schemaLocation="
       http://www.springframework.org/schema/beans
       http://www.springframework.org/schema/beans/spring-beans.xsd
       http://www.springframework.org/schema/context
       http://www.springframework.org/schema/context/spring-context.xsd
       http://www.springframework.org/schema/mvc
       http://www.springframework.org/schema/mvc/spring-mvc.xsd">

    <!--自动扫描包-->
    <!-- 开启ioc   注解事务支持-->
    <context:component-scan base-package="cn"></context:component-scan>

    <!--开启spiring mvc注解支持-->
    <mvc:annotation-driven></mvc:annotation-driven>
    <!--配置spring 中的视图解析器-->
    <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver" id="resolver">
        <property name="prefix" value="/"></property>
        <property name="suffix" value=".jsp"></property>
    </bean>


    <mvc:interceptors>


        
        <mvc:interceptor>
            <mvc:mapping path="/**"/>
            <bean id="loginInterceptor" class="cn.hp.interceptor.LoginInterceptor"></bean>
        </mvc:interceptor>
    </mvc:interceptors>


</beans>

web.xml文件在我上一篇文章中拦截器https://blog.csdn.net/best_p1/article/details/118637785

登陆验证

package cn.hp.action;

import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;

import javax.servlet.http.HttpSession;

@Controller
public class UserAction 
    @RequestMapping("/test1.do")
    public  String test01()
        System.out.println("正在执行test1这个业务逻辑");
        return "index";
    
    @RequestMapping("/test2.do")
    public  String test02()
        System.out.println("正在执行test2这个业务逻辑");
        return "index";
    
    @RequestMapping("/login.do")
    public  String login(String userName, String pwd, Model model,HttpSession session)
      if (userName.equals("zs")&&pwd.equals("123"))
          session.setAttribute("user",userName);
          return "redirect:/main.do";
      else 
          model.addAttribute("msg","用户名和密码错误");
          return "login";
      
    
    @RequestMapping("/main.do")
    public String main()
        return "main";
    
    @RequestMapping("/loginOut.do")
    public String loginOut(HttpSession session)
        session.invalidate();
        return "login";
    

登录的拦截器LoginInterceptor:

package cn.hp.interceptor;

import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class LoginInterceptor implements HandlerInterceptor 
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception 
     String path= request.getRequestURI();
     if(path.indexOf("login.do")>0)
         return true;
     
    Object obj= request.getSession().getAttribute("user");
     if (obj!=null)

         return  true;
     else 
          request.setAttribute("msg","别想歪心思!请登录!");
          request.getRequestDispatcher("login.jsp").forward(request,response);
         return false;
     



    

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception 

    

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception 

    

jsp页面:

login.jsp


<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>Title</title>
</head>
<body>
<form action="login.do" method="post">
    账号:<input type="text" name="userName"><br/>
    密码:<input type="password" name="pwd"><br/>
    <input type="submit" value="登录">
</form>
$msg
</body>
</html>

main.jsp


<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>Title</title>
</head>
<body>
$user
<a href="loginOut.do">退出</a>
</body>
</html>

验证账号密码

 

进行拦截  登录才能访问

 

登录成功  可以访问test1.do   test2.do   

点击退出清除session

 

以上是关于springMVC盗链接的主要内容,如果未能解决你的问题,请参考以下文章

SpringMVC拦截器盗链接

SpringMVC拦截器盗链接

SpringMVC拦截器盗链接

怪盗基德的滑翔翼

盗链是什么?如何防止盗链?

图片盗链的攻与防