springMVC盗链接详解 springMVC盗链接详解

springMVC配置文件

登陆验证
登录的拦截器LoginInterceptor：
jsp页面： login.jsp
main.jsp
验证账号密码
进行拦截登录才能访问
点击退出清除session

总结

springMVC配置文件

web.xml文件在我上一篇文章中拦截器https://blog.csdn.net/best_p1/article/details/118637785

登陆验证

package cn.hp.action; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.RequestMapping; import javax.servlet.http.HttpSession; @Controllerpublic class UserAction {@RequestMapping("/test1.do")publicString test01(){System.out.println("正在执行test1这个业务逻辑"); return "index"; }@RequestMapping("/test2.do")publicString test02(){System.out.println("正在执行test2这个业务逻辑"); return "index"; }@RequestMapping("/login.do")publicString login(String userName, String pwd, Model model,HttpSession session){if (userName.equals("zs")&&pwd.equals("123")){session.setAttribute("user",userName); return "redirect:/main.do"; }else {model.addAttribute("msg","用户名和密码错误"); return "login"; }}@RequestMapping("/main.do")public String main(){return "main"; }@RequestMapping("/loginOut.do")public String loginOut(HttpSession session){session.invalidate(); return "login"; }}

登录的拦截器LoginInterceptor：

package cn.hp.interceptor; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class LoginInterceptor implements HandlerInterceptor {@Overridepublic boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {String path= request.getRequestURI(); if(path.indexOf("login.do")>0){return true; }Object obj= request.getSession().getAttribute("user"); if (obj!=null){returntrue; }else {request.setAttribute("msg","别想歪心思！请登录！"); request.getRequestDispatcher("login.jsp").forward(request,response); return false; }}@Overridepublic void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {}@Overridepublic void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {}}

jsp页面： login.jsp