springboot配置拦截器不能放行静态资源

Posted 请叫我靓仔

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了springboot配置拦截器不能放行静态资源相关的知识,希望对你有一定的参考价值。

新建一个拦截器类,实现 org.springframework.web.servlet.HandlerInterceptor 接口,重写preHandle、postHandle、afterCompletion方法分别是处理前、处理中、处理后。

public class RequestInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        System.out.println("目标方法执行前!");
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
        System.out.println("目标方法执行时!");
    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
        System.out.println("目标方法执行后!");
    }
}

在配置类中添加该拦截器,如下:

方式一:根据后缀放行,这样要是文件类型很多的话是不是就很麻烦呢

@Configuration
public class WebConfig implements WebMvcConfigurer {
    
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        //注册TestInterceptor拦截器
        InterceptorRegistration registration = registry.addInterceptor(new RequestInterceptor());
        registration.addPathPatterns("/**");                      //所有路径都被拦截
        registration.excludePathPatterns(                         //添加不拦截路径            
                                         "/**/*.html",            
                                         "/**/*.js",              //js静态资源
                                         "/**/*.css",             //css静态资源
                                         "/**/*.woff",
                                         "/**/*.ttf"
                                         );    
    }
}

 

方式二:有个问题就是:静态资源是默认static下的,请求路径中没有static,所以放行不成功
@Configuration
public class WebConfig implements WebMvcConfigurer {
    
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
       
    registry.addInterceptor(new     RequestInterceptor()).addPathPatterns("/**").excludePathPatterns("/toLogin","/login","/logout","/static/**");
}

方式三:就是直接配置拦截所有,然后在拦截器中对url筛选,只要是请求的静态资源就直接返回true,但是感觉做了一些无用功

@Configuration
public class WebConfig implements WebMvcConfigurer {
    
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
      registration.addInterceptor(new RequestInterceptor()).addPathPatterns("/**");
  }
}

 //拦截器中

 @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        boolean check = false;
        StringBuffer url = request.getRequestURL();
       if(isStatic(url)){
           check = true;
       }else{
           Object auth = request.getSession().getAttribute("auth");
           if(auth == null){
               String scheme = request.getScheme();
               String serverName = request.getServerName();
               int port = request.getServerPort();
               String context = request.getContextPath();
               String path = scheme+"://"+serverName+":"+port+context+"/";
               String str = "<script language=‘javascript‘>alert(‘登录状态过期,请重新登陆!‘);"
                       +"if (window != top){top.location.href = ‘"+ path +"login‘;}location.href=‘"+path+"login‘"
                       +"</script>";
               response.setContentType("text/html;charset=UTF-8");// 解决中文乱码
               try {
                   PrintWriter writer = response.getWriter();
                   writer.write(str);
                   writer.flush();
                   writer.close();
               } catch (Exception e) {e.printStackTrace();}
           }else{
               check = true;
           }
       }
       return  check;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

    }
  
    public boolean isStatic(StringBuffer url) {
        boolean result = false;
        String[] arr = { //定义一个需要放行的数组
                "/login",
                "/css",
                "/images",//图片
                "/js" //js脚本
        };
        for (String a : arr) {
            if (url.indexOf(a) != -1) {
                result = true;
            }
        }
        return result;
    }

 

//excludePathPatterns放行是? 请求路径中包含你所配置的就ok,还是你请求的是这个目录下的资源就可以呢?

 

以上是关于springboot配置拦截器不能放行静态资源的主要内容,如果未能解决你的问题,请参考以下文章

springboot 静态资源放行安全吗?

spring boot整合security 4,怎么设置忽略的静态资源?

关于Spring boot2.0+配置拦截器拦截静态资源的问题

spring boot修改静态资源能不能不用重启

Spring boot 静态资源无法加载

Spring boot 静态资源无法加载