编写自己的拦截器
1、编写一个SecurityInterceptor拦截器
import org.assertj.core.annotations.Nullable;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class SecurityInterceptor extends HandlerInterceptorAdapter {
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
System.out.println(">>>>>> SecurityInterceptor.preHandle");
return true;
}
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
@Nullable ModelAndView modelAndView) throws Exception {
System.out.println(">>>>>> SecurityInterceptor.postHandle");
}
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable Exception ex)
throws Exception {
System.out.println(">>>>>> SecurityInterceptor.afterCompletion");
}
}
1、编写一个RoleAuthorizationInterceptor拦截器
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.assertj.core.annotations.Nullable;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
public class RoleAuthorizationInterceptor extends HandlerInterceptorAdapter {
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
System.out.println(">>>>>> RoleAuthorizationInterceptor.preHandle");
return true;
}
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable ModelAndView modelAndView) throws Exception {
System.out.println(">>>>>> RoleAuthorizationInterceptor.postHandle");
}
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable Exception ex) throws Exception {
System.out.println(">>>>>> RoleAuthorizationInterceptor.afterCompletion");
}
}
注册拦截器
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;
@Configuration
public class WebSecurityConfig extends WebMvcConfigurationSupport {
@Bean
public SecurityInterceptor getSecurityInterceptor() {
return new SecurityInterceptor();
}
@Bean
public RoleAuthorizationInterceptor getRoleAuthorizationInterceptor() {
return new RoleAuthorizationInterceptor();
}
@Override
public void addInterceptors(InterceptorRegistry registry) {
InterceptorRegistration addInterceptor = registry.addInterceptor(getSecurityInterceptor());
// 排除配置
addInterceptor.excludePathPatterns("/"+ HttpStatus.FORBIDDEN.value());
addInterceptor.excludePathPatterns("/toLogin");
addInterceptor.excludePathPatterns("/login**");
addInterceptor.excludePathPatterns("/register**");
// 拦截配置
addInterceptor.addPathPatterns("/**");
InterceptorRegistration roleInter = registry.addInterceptor(getRoleAuthorizationInterceptor());
// 拦截配置
roleInter.addPathPatterns("/**");
}
}