如何在spring-servlet.xml内设置拦截器不对上传控制器进行验证
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了如何在spring-servlet.xml内设置拦截器不对上传控制器进行验证相关的知识,希望对你有一定的参考价值。
我估计是想想用拦截器做权限验证,login和main不需要验证吧。我的方法是,定义一个@Auth,可以加些自定义的属性,比如访问这个方法所需要的权限。@Auth加在需要验证的controller方法上。然后定义个AuthorizationInterceptor,实现HandlerInterceptor接口中的preHandle方法,该方法中有个handler参数,对于一般的请求,该参数是HandlerMethod类型,可以从中获取到controller方法上的annotation,如果有@Auth则验证权限,否则放行。你想的是拦截页面,我想的是拦截方法。因为页面也是由方法跳转过去的。 参考技术A 你好:如果配置拦截类似于*.do格式的拦截规则,则对静态资源的访问是没有问题的,但是如果配置拦截了所有的请求(如我们上面配置的“/”),就会造成js文件、css文件、图片文件等静态资源无法访问。
拦截器的主要作用是是用于权限管理,拦截不合理的URL,所以不对静态资源进行拦截
主要过滤方式有以下几种:
方案一:使用<mvc:resources/> (mapping:请求,location:映射地址,注意必须是webapp根目录下的路径。)
spring配置文件:applicationContext-mvc.xml
<mvc:resources mapping="/css/**" location="/css/"/>
<mvc:resources mapping="/images/**" location="/img/"/>
<mvc:resources mapping="/js/**" location="/js/"/>
方案二:激活 Tomcat 的 defaultServlet 来处理静态资源
web.xml
<servlet-mapping>
<servlet-name>default</servlet-name>
<url-pattern>/js/*</url-pattern>
<url-pattern>*.css</url-pattern>
<url-pattern>/images/*</url-pattern>
</servlet-mapping>
spring-servlet.xml简单示例
spring-servlet.xml简单示例
某个项目中的spring-servlet.xml 记下来以后研究用
1 <!-- springMVC简单配置 --> 2 <?xml version="1.0" encoding="UTF-8"?> 3 <beans xmlns="http://www.springframework.org/schema/beans" 4 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 5 xmlns:context="http://www.springframework.org/schema/context" 6 xmlns:mvc="http://www.springframework.org/schema/mvc" 7 xmlns:aop="http://www.springframework.org/schema/aop" 8 xmlns:dwr="http://www.directwebremoting.org/schema/spring-dwr" 9 xmlns:beans="http://www.springframework.org/schema/beans" 10 xsi:schemaLocation=" 11 http://www.springframework.org/schema/beans 12 http://www.springframework.org/schema/beans/spring-beans-3.2.xsd 13 http://www.springframework.org/schema/context 14 http://www.springframework.org/schema/context/spring-context-3.2.xsd 15 http://www.springframework.org/schema/mvc 16 http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd 17 http://www.springframework.org/schema/aop 18 http://www.springframework.org/schema/aop/spring-aop-3.2.xsd 19 http://www.directwebremoting.org/schema/spring-dwr 20 http://www.directwebremoting.org/schema/spring-dwr-3.0.xsd 21 http://www.springframework.org/schema/beans 22 http://www.springframework.org/schema/beans/spring-beans-3.0.xsd 23 "> 24 25 <mvc:annotation-driven /> 26 <aop:aspectj-autoproxy /> 27 28 <!-- 自动扫描并注入 --> 29 <context:component-scan base-package="net.crm" ></context:component-scan> 30 31 <!-- 文件上传 --> 32 <bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver"> 33 <!-- 设置上传文件的最大尺寸为1MB --> 34 <property name="maxUploadSize"> 35 <value>101048576</value> 36 </property> 37 </bean> 38 39 <!-- SpringMVC在超出上传文件限制时,会抛出org.springframework.web.multipart.MaxUploadSizeExceededException --> 40 <!-- 该异常是SpringMVC在检查上传的文件信息时抛出来的,而且此时还没有进入到Controller方法中 --> 41 <bean id="exceptionResolver" 42 class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver"> 43 <property name="exceptionMappings"> 44 <props> 45 <!-- 遇到MaxUploadSizeExceededException异常时,自动跳转到/WEB-INF/page/500.jsp页面 --> 46 <prop 47 key="org.springframework.web.multipart.MaxUploadSizeExceededException">500</prop> 48 </props> 49 </property> 50 </bean> 51 52 <!-- 对静态资源的访问 --> 53 <mvc:resources location="/" mapping="/**/*.html"/> 54 <mvc:resources location="/font/" mapping="/font/**"/> 55 <mvc:resources location="/images/" mapping="/images/**"/> 56 <mvc:resources location="/javascripts/" mapping="/javascripts/**"/> 57 <mvc:resources location="/stylesheets/" mapping="/stylesheets/**"/> 58 59 <!-- 个人登录过滤器 --> 60 <mvc:interceptors> 61 <!-- 拦截器 --> 62 <mvc:interceptor> 63 <mvc:mapping path="/user/**"/> 64 <mvc:mapping path="/role/**"/> 65 <mvc:mapping path="/systerm/**"/> 66 <mvc:mapping path="/manage/**"/> 67 <mvc:mapping path="/customer/**"/> 68 <mvc:mapping path="/resume/**"/> 69 <bean class="net.crm.base.interceptor.UserLoginInterceptor"></bean> 70 </mvc:interceptor> 71 <mvc:interceptor> 72 <mvc:mapping path="/user/**"/> 73 <mvc:mapping path="/role/**"/> 74 <mvc:mapping path="/systerm/**"/> 75 <mvc:mapping path="/manage/**"/> 76 <mvc:mapping path="/customer/**"/> 77 <mvc:mapping path="/resume/**"/> 78 <bean class="net.crm.base.interceptor.RoleInterceptor"></bean> 79 </mvc:interceptor> 80 81 </mvc:interceptors> 82 83 <bean id="viewResolver" 84 class="org.springframework.web.servlet.view.InternalResourceViewResolver"> 85 <!-- <property name="viewClass" value="org.springframework.web.servlet.view.JstlView" /> --> 86 <property name="prefix" value="/WEB-INF/page/" /> 87 <property name="suffix" value=".jsp" /> 88 <property name="order" value="1" /> 89 </bean> 90 91 92 <!-- 从这行往下是要添加的 --> 93 <context:annotation-config /> 94 <dwr:configuration /> 95 <dwr:annotation-config /> 96 <dwr:url-mapping /> 97 <dwr:controller id="dwrController" debug="true"> 98 <dwr:config-param name="allowScriptTagRemoting" 99 value="true" /> 100 <dwr:config-param name="crossDomainSessionSecurity" 101 value="false" /> 102 </dwr:controller> 103 <beans:bean 104 class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping"> 105 <beans:property name="order" value="1" /> 106 </beans:bean> 107 <beans:bean 108 class="org.springframework.web.servlet.handler.BeanNameUrlHandlerMapping"> 109 <beans:property name="order" value="2" /> 110 </beans:bean> 111 <!--添加结束--> 112 113 114 </beans>
第二个
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:tx="http://www.springframework.org/schema/tx" xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:context="http://www.springframework.org/schema/context" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd"> <!-- 拦截器 --> <mvc:interceptors> <mvc:interceptor> <!-- 拦截类型 --> <mvc:mapping path="/**" /> <!-- 排除拦截的内容 --> <mvc:exclude-mapping path="/login" /> <mvc:exclude-mapping path="/register" /> <mvc:exclude-mapping path="/verifycode" /> <mvc:exclude-mapping path="/js/**" /> <mvc:exclude-mapping path="/css/**" /> <mvc:exclude-mapping path="/layer/**" /> <mvc:exclude-mapping path="/style/**" /> <bean class="com.jieyou.login_register.AuthorityInterceptor.AuthorityInterceptor" /> </mvc:interceptor> </mvc:interceptors> <!-- 默认首页 --> <mvc:view-controller path="/" view-name="redirect:/login" /> <!-- 用于支持Servlet、JSP视图解析 --> <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver"> <!-- 表示JSP模板页面需要使用JSTL标签库,classpath中必须包含jstl的相关jar包 --> <property name="viewClass" value="org.springframework.web.servlet.view.JstlView" /> <!-- 查找视图页面的前缀和后缀 --> <property name="prefix" value="/WEB-INF/view/" /> <property name="suffix" value=".jsp" /> </bean> <!-- 对静态资源文件的访问 --> <mvc:resources location="/css/" mapping="/css/**" cache-period="31556926" /> <mvc:resources location="/js/" mapping="/js/**" cache-period="31556926" /> <mvc:resources location="/style/" mapping="/style/**" cache-period="31556926" /> <mvc:default-servlet-handler /> </beans>
以上是关于如何在spring-servlet.xml内设置拦截器不对上传控制器进行验证的主要内容,如果未能解决你的问题,请参考以下文章
Spring Framework中applicationContext.xml和spring-servlet.xml的区别
Spring Framework中applicationContext.xml和spring-servlet.xml的区别