如何在spring-servlet.xml内设置拦截器不对上传控制器进行验证

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了如何在spring-servlet.xml内设置拦截器不对上传控制器进行验证相关的知识,希望对你有一定的参考价值。

我估计是想想用拦截器做权限验证,login和main不需要验证吧。我的方法是,定义一个@Auth,可以加些自定义的属性,比如访问这个方法所需要的权限。@Auth加在需要验证的controller方法上。然后定义个AuthorizationInterceptor,实现HandlerInterceptor接口中的preHandle方法,该方法中有个handler参数,对于一般的请求,该参数是HandlerMethod类型,可以从中获取到controller方法上的annotation,如果有@Auth则验证权限,否则放行。你想的是拦截页面,我想的是拦截方法。因为页面也是由方法跳转过去的。 参考技术A 你好:
如果配置拦截类似于*.do格式的拦截规则,则对静态资源的访问是没有问题的,但是如果配置拦截了所有的请求(如我们上面配置的“/”),就会造成js文件、css文件、图片文件等静态资源无法访问。
拦截器的主要作用是是用于权限管理,拦截不合理的URL,所以不对静态资源进行拦截
主要过滤方式有以下几种:
方案一:使用<mvc:resources/> (mapping:请求,location:映射地址,注意必须是webapp根目录下的路径。)  
spring配置文件:applicationContext-mvc.xml
<mvc:resources mapping="/css/**" location="/css/"/>
<mvc:resources mapping="/images/**" location="/img/"/>
<mvc:resources mapping="/js/**" location="/js/"/>
方案二:激活 Tomcat 的 defaultServlet 来处理静态资源

web.xml
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>/js/*</url-pattern>
<url-pattern>*.css</url-pattern>
<url-pattern>/images/*</url-pattern>
</servlet-mapping>

spring-servlet.xml简单示例

spring-servlet.xml简单示例

某个项目中的spring-servlet.xml 记下来以后研究用

  1 <!-- springMVC简单配置 -->
  2 <?xml version="1.0" encoding="UTF-8"?>
  3 <beans xmlns="http://www.springframework.org/schema/beans"
  4     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
  5     xmlns:context="http://www.springframework.org/schema/context"
  6     xmlns:mvc="http://www.springframework.org/schema/mvc"
  7     xmlns:aop="http://www.springframework.org/schema/aop"
  8     xmlns:dwr="http://www.directwebremoting.org/schema/spring-dwr"
  9     xmlns:beans="http://www.springframework.org/schema/beans"
 10     xsi:schemaLocation="
 11       http://www.springframework.org/schema/beans
 12       http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
 13       http://www.springframework.org/schema/context
 14       http://www.springframework.org/schema/context/spring-context-3.2.xsd
 15       http://www.springframework.org/schema/mvc
 16       http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd
 17       http://www.springframework.org/schema/aop
 18       http://www.springframework.org/schema/aop/spring-aop-3.2.xsd
 19       http://www.directwebremoting.org/schema/spring-dwr 
 20       http://www.directwebremoting.org/schema/spring-dwr-3.0.xsd
 21        http://www.springframework.org/schema/beans 
 22        http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
 23       ">
 24     
 25     <mvc:annotation-driven />
 26     <aop:aspectj-autoproxy /> 
 27     
 28     <!-- 自动扫描并注入 -->
 29     <context:component-scan base-package="net.crm" ></context:component-scan>
 30 
 31     <!-- 文件上传 -->
 32     <bean id="multipartResolver"   class="org.springframework.web.multipart.commons.CommonsMultipartResolver">  
 33         <!-- 设置上传文件的最大尺寸为1MB -->  
 34     <property name="maxUploadSize">  
 35         <value>101048576</value>  
 36     </property>  
 37 </bean>  
 38 
 39 <!-- SpringMVC在超出上传文件限制时,会抛出org.springframework.web.multipart.MaxUploadSizeExceededException -->  
 40     <!-- 该异常是SpringMVC在检查上传的文件信息时抛出来的,而且此时还没有进入到Controller方法中 -->  
 41     <bean id="exceptionResolver"  
 42         class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">  
 43         <property name="exceptionMappings">  
 44             <props>  
 45                 <!-- 遇到MaxUploadSizeExceededException异常时,自动跳转到/WEB-INF/page/500.jsp页面 -->  
 46                 <prop  
 47                     key="org.springframework.web.multipart.MaxUploadSizeExceededException">500</prop>  
 48             </props>  
 49         </property>  
 50     </bean>
 51     
 52     <!-- 对静态资源的访问 -->
 53     <mvc:resources location="/" mapping="/**/*.html"/>
 54     <mvc:resources location="/font/" mapping="/font/**"/>
 55     <mvc:resources location="/images/" mapping="/images/**"/>
 56     <mvc:resources location="/javascripts/" mapping="/javascripts/**"/>
 57     <mvc:resources location="/stylesheets/" mapping="/stylesheets/**"/>
 58     
 59 <!-- 个人登录过滤器    -->
 60     <mvc:interceptors>
 61          <!-- 拦截器 -->
 62          <mvc:interceptor>
 63               <mvc:mapping path="/user/**"/> 
 64                <mvc:mapping path="/role/**"/>
 65                <mvc:mapping path="/systerm/**"/> 
 66               <mvc:mapping path="/manage/**"/>  
 67                <mvc:mapping path="/customer/**"/>   
 68                 <mvc:mapping path="/resume/**"/>    
 69                 <bean class="net.crm.base.interceptor.UserLoginInterceptor"></bean>
 70         </mvc:interceptor> 
 71          <mvc:interceptor>
 72               <mvc:mapping path="/user/**"/>
 73               <mvc:mapping path="/role/**"/>
 74                <mvc:mapping path="/systerm/**"/>    
 75               <mvc:mapping path="/manage/**"/>  
 76                <mvc:mapping path="/customer/**"/>   
 77                 <mvc:mapping path="/resume/**"/>    
 78                 <bean class="net.crm.base.interceptor.RoleInterceptor"></bean>
 79         </mvc:interceptor> 
 80         
 81     </mvc:interceptors>
 82 
 83     <bean id="viewResolver"
 84         class="org.springframework.web.servlet.view.InternalResourceViewResolver">
 85         <!-- <property name="viewClass" value="org.springframework.web.servlet.view.JstlView" /> -->
 86         <property name="prefix" value="/WEB-INF/page/" />
 87         <property name="suffix" value=".jsp" />
 88         <property name="order" value="1" />
 89     </bean>
 90     
 91     
 92   <!-- 从这行往下是要添加的 -->
 93     <context:annotation-config />
 94     <dwr:configuration />
 95     <dwr:annotation-config />
 96     <dwr:url-mapping />
 97     <dwr:controller id="dwrController" debug="true">
 98         <dwr:config-param name="allowScriptTagRemoting"
 99             value="true" />
100         <dwr:config-param name="crossDomainSessionSecurity"
101             value="false" />
102     </dwr:controller>
103     <beans:bean
104         class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping">
105         <beans:property name="order" value="1" />
106     </beans:bean>
107     <beans:bean
108         class="org.springframework.web.servlet.handler.BeanNameUrlHandlerMapping">
109         <beans:property name="order" value="2" />
110     </beans:bean>
111     <!--添加结束-->
112     
113     
114 </beans>

 

第二个

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:tx="http://www.springframework.org/schema/tx" xmlns:mvc="http://www.springframework.org/schema/mvc"
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="
        http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans.xsd
        http://www.springframework.org/schema/tx   
        http://www.springframework.org/schema/tx/spring-tx.xsd
        http://www.springframework.org/schema/context
        http://www.springframework.org/schema/context/spring-context.xsd
        http://www.springframework.org/schema/mvc
        http://www.springframework.org/schema/mvc/spring-mvc.xsd">

    <!-- 拦截器 -->
    <mvc:interceptors>
        <mvc:interceptor>
            <!-- 拦截类型 -->
            <mvc:mapping path="/**" />
            <!-- 排除拦截的内容 -->
            <mvc:exclude-mapping path="/login" />
            <mvc:exclude-mapping path="/register" />
            <mvc:exclude-mapping path="/verifycode" />
            <mvc:exclude-mapping path="/js/**" />
            <mvc:exclude-mapping path="/css/**" />
            <mvc:exclude-mapping path="/layer/**" />
            <mvc:exclude-mapping path="/style/**" />
            <bean
                class="com.jieyou.login_register.AuthorityInterceptor.AuthorityInterceptor" />
        </mvc:interceptor>
    </mvc:interceptors>



    <!-- 默认首页 -->
    <mvc:view-controller path="/" view-name="redirect:/login" />

    <!-- 用于支持Servlet、JSP视图解析 -->
    <bean
        class="org.springframework.web.servlet.view.InternalResourceViewResolver">
        <!-- 表示JSP模板页面需要使用JSTL标签库,classpath中必须包含jstl的相关jar包 -->
        <property name="viewClass"
            value="org.springframework.web.servlet.view.JstlView" />
        <!-- 查找视图页面的前缀和后缀 -->
        <property name="prefix" value="/WEB-INF/view/" />
        <property name="suffix" value=".jsp" />
    </bean>




    <!-- 对静态资源文件的访问 -->
    <mvc:resources location="/css/" mapping="/css/**"
        cache-period="31556926" />
   <mvc:resources location="/js/" mapping="/js/**"
        cache-period="31556926" />
    <mvc:resources location="/style/" mapping="/style/**"
        cache-period="31556926" />

    <mvc:default-servlet-handler />

</beans>

 

以上是关于如何在spring-servlet.xml内设置拦截器不对上传控制器进行验证的主要内容,如果未能解决你的问题,请参考以下文章

Spring Framework中applicationContext.xml和spring-servlet.xml的区别

Spring Framework中applicationContext.xml和spring-servlet.xml的区别

web.xml 中spring-servlet.xml 和 application.xml 配置位置及含义

spring-servlet.xml简单示例

spring-servlet.xml

applicationcontext.xml和spring-servlet.xml怎么配置