前言

spring拦截器能帮我们实现验证是否登陆、验签校验请求是否合法、预先设置数据等功能,那么该如何设置拦截器以及它的原理如何呢,下面将进行简单的介绍

1.设置

HandlerInterceptor接口 
public interface HandlerInterceptor {

	/**

	 * Intercept the execution of a handler. Called after HandlerMapping determined

	 * an appropriate handler object, but before HandlerAdapter invokes the handler.

	 * <p>DispatcherServlet processes a handler in an execution chain, consisting

	 * of any number of interceptors, with the handler itself at the end.

	 * With this method, each interceptor can decide to abort the execution chain,

	 * typically sending a HTTP error or writing a custom response.

	 * <p><strong>Note:</strong> special considerations apply for asynchronous

	 * request processing. For more details see

	 * {@link org.springframework.web.servlet.AsyncHandlerInterceptor}.

	 * <p>The default implementation returns {@code true}.

	 * @param request current HTTP request

	 * @param response current HTTP response

	 * @param handler chosen handler to execute, for type and/or instance evaluation

	 * @return {@code true} if the execution chain should proceed with the

	 * next interceptor or the handler itself. Else, DispatcherServlet assumes

	 * that this interceptor has already dealt with the response itself.

	 * @throws Exception in case of errors

	 */

	default boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)

			throws Exception {

		return true;

	}

	/**

	 * Intercept the execution of a handler. Called after HandlerAdapter actually

	 * invoked the handler, but before the DispatcherServlet renders the view.

	 * Can expose additional model objects to the view via the given ModelAndView.

	 * <p>DispatcherServlet processes a handler in an execution chain, consisting

	 * of any number of interceptors, with the handler itself at the end.

	 * With this method, each interceptor can post-process an execution,

	 * getting applied in inverse order of the execution chain.

	 * <p><strong>Note:</strong> special considerations apply for asynchronous

	 * request processing. For more details see

	 * {@link org.springframework.web.servlet.AsyncHandlerInterceptor}.

	 * <p>The default implementation is empty.

	 * @param request current HTTP request

	 * @param response current HTTP response

	 * @param handler handler (or {@link HandlerMethod}) that started asynchronous

	 * execution, for type and/or instance examination

	 * @param modelAndView the {@code ModelAndView} that the handler returned

	 * (can also be {@code null})

	 * @throws Exception in case of errors

	 */

	default void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,

			@Nullable ModelAndView modelAndView) throws Exception {

	}

	/**

	 * Callback after completion of request processing, that is, after rendering

	 * the view. Will be called on any outcome of handler execution, thus allows

	 * for proper resource cleanup.

	 * <p>Note: Will only be called if this interceptor's {@code preHandle}

	 * method has successfully completed and returned {@code true}!

	 * <p>As with the {@code postHandle} method, the method will be invoked on each

	 * interceptor in the chain in reverse order, so the first interceptor will be

	 * the last to be invoked.

	 * <p><strong>Note:</strong> special considerations apply for asynchronous

	 * request processing. For more details see

	 * {@link org.springframework.web.servlet.AsyncHandlerInterceptor}.

	 * <p>The default implementation is empty.

	 * @param request current HTTP request

	 * @param response current HTTP response

	 * @param handler handler (or {@link HandlerMethod}) that started asynchronous

	 * execution, for type and/or instance examination

	 * @param ex exception thrown on handler execution, if any

	 * @throws Exception in case of errors

	 */

	default void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,

			@Nullable Exception ex) throws Exception {

	}

}

自定义拦截器需要实现HandlerInteceptor接口,该接口有三个方法:

preHandle:主要在映射适配器执行handler之前调用,若返回为true则继续往下执行handler,若返回为false则直接返回不继续处理请求

postHandle:主要在适配器执行handler之后调用

afterCompletion:在postHandle后调用可清理一些数据,若preHandle返回false那么会调用完此方法后再返回

@Component

public class CustomInterceptor implements HandlerInterceptor {

  @Override

  public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)

      throws Exception {

    System.out.println("-------------拦截请求:" + request.getRequestURI() + "-------------");

    // 可以根据request设置请求头、或从请求头提取信息等等...

    return true;

  }

  @Override

  public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,

      @Nullable ModelAndView modelAndView) throws Exception {

    System.out.println("postHandle ....");

  }

  @Override

  public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,

      @Nullable Exception ex) throws Exception {

    System.out.println("afterCompletion ....");

  }

}

接着创建配置类,实现WebMvcConfigurer接口,重写addInterceptors方法将自定义拦截器添加,并且加上@EnableWebMvc注解 (springboot项目会自动配置)

@Configuration

@EnableWebMvc

public class MyMvcConfigurer implements WebMvcConfigurer {

  @Resource

  private CustomInterceptor customInterceptor;

  @Override

  public void addInterceptors(InterceptorRegistry registry) {

    registry.addInterceptor(customInterceptor)

        .addPathPatterns("/**");

  }

}

配置完之后启动项目访问某个url路径,从控制台可以看到拦截器确实生效了

2.原理

首先是@EnableWebMvc注解,spring会解析并导入DelegatingWebMvcConfiguration这个bean,继承关系如下,主要逻辑都写在父类WebMvcConfigurationSupport中

@Retention(RetentionPolicy.RUNTIME)

@Target(ElementType.TYPE)

@Documented

@Import(DelegatingWebMvcConfiguration.class)

public @interface EnableWebMvc {

}

WebMvcConfigurationSupport中会创建一个映射处理器RequestMappingHandlerMapping

@Bean

public RequestMappingHandlerMapping requestMappingHandlerMapping() {

	RequestMappingHandlerMapping mapping = createRequestMappingHandlerMapping();

	mapping.setOrder(0);

	// 设置拦截器到mapping

	mapping.setInterceptors(getInterceptors());

	// 设置内容协商管理器

	mapping.setContentNegotiationManager(mvcContentNegotiationManager());

	// 跨域配置

	mapping.setCorsConfigurations(getCorsConfigurations());

	// 路径匹配设置

	PathMatchConfigurer configurer = getPathMatchConfigurer();

	Boolean useSuffixPatternMatch = configurer.isUseSuffixPatternMatch();

	if (useSuffixPatternMatch != null) {

		mapping.setUseSuffixPatternMatch(useSuffixPatternMatch);

	}

	Boolean useRegisteredSuffixPatternMatch = configurer.isUseRegisteredSuffixPatternMatch();

	if (useRegisteredSuffixPatternMatch != null) {

		mapping.setUseRegisteredSuffixPatternMatch(useRegisteredSuffixPatternMatch);

	}

	Boolean useTrailingSlashMatch = configurer.isUseTrailingSlashMatch();

	if (useTrailingSlashMatch != null) {

		mapping.setUseTrailingSlashMatch(useTrailingSlashMatch);

	}

	UrlPathHelper pathHelper = configurer.getUrlPathHelper();

	if (pathHelper != null) {

		mapping.setUrlPathHelper(pathHelper);

	}

	PathMatcher pathMatcher = configurer.getPathMatcher();

	if (pathMatcher != null) {

		mapping.setPathMatcher(pathMatcher);

	}

	return mapping;

}

#获取拦截器

protected final Object[] getInterceptors() {

	if (this.interceptors == null) {

		InterceptorRegistry registry = new InterceptorRegistry();

		// 调用DelegatingWebMvcConfiguration.addInterceptors 添加自定义的拦截器

		addInterceptors(registry);

		registry.addInterceptor(new ConversionServiceExposingInterceptor(mvcConversionService()));

		registry.addInterceptor(new ResourceUrlProviderExposingInterceptor(mvcResourceUrlProvider()));

		// 获取拦截器并根据order排序,若有匹配路径则封装成MappedInterceptor

		this.interceptors = registry.getInterceptors();

	}

	return this.interceptors.toArray();

}

注意这一行代码mapping.setInterceptors(getInterceptors());  getInterceptors方法会调用子类DelegatingWebMvcConfiguration的addInterceptors方法,接着会调用委托类即我们自定义配置类MyMvcConfigurer类的addInterceptors方法,将自定义的拦截器添加到拦截器注册类中,而后通过拦截器注册类获取到拦截器列表,最后将拦截器添加到映射处理器handlerMapping中,供后续使用。

最后看下请求处理的DispatcherServlet#doDispatch方法 (为了看的更清楚一点删掉了一些代码)

protected void doDispatch(HttpServletRequest request, HttpServletResponse response) throws Exception {

	HttpServletRequest processedRequest = request;

	// 处理程序执行链

	HandlerExecutionChain mappedHandler = null;

	try {

		ModelAndView mv = null;

		Exception dispatchException = null;

		try {

			// Determine handler for the current request.

			// 遍历handlerMapping获取能处理request的处理器,mappedHandler里封装着之前我们定义的拦截器供后续调用

			mappedHandler = getHandler(processedRequest);

			if (mappedHandler == null) {

				noHandlerFound(processedRequest, response);

				return;

			}

			// Determine handler adapter for the current request.

			// 确定处理当前请求的处理适配器 RequestMappingHandlerAdapter

			HandlerAdapter ha = getHandlerAdapter(mappedHandler.getHandler());

			// 执行handler之前应用拦截器执行拦截器的后置方法 返回为false表示请求不合理直接返回了

			if (!mappedHandler.applyPreHandle(processedRequest, response)) {

				return;

			}

			// Actually invoke the handler.

			// 真正执行这个HandlerMethod

			mv = ha.handle(processedRequest, response, mappedHandler.getHandler());

			applyDefaultViewName(processedRequest, mv);

			// 执行拦截器的后置方法

			mappedHandler.applyPostHandle(processedRequest, response, mv);

		}

		catch (Exception ex) {

			dispatchException = ex;

		}

		catch (Throwable err) {

			// As of 4.3, we're processing Errors thrown from handler methods as well,

			// making them available for @ExceptionHandler methods and other scenarios.

			dispatchException = new NestedServletException("Handler dispatch failed", err);

		}

		processDispatchResult(processedRequest, response, mappedHandler, mv, dispatchException);

	}

	catch (Exception ex) {

		triggerAfterCompletion(processedRequest, response, mappedHandler, ex);

	}

	catch (Throwable err) {

		triggerAfterCompletion(processedRequest, response, mappedHandler,

				new NestedServletException("Handler processing failed", err));

	}

	finally {

	}

}

#mappedHandler.applyPreHandle

boolean applyPreHandle(HttpServletRequest request, HttpServletResponse response) throws Exception {

	HandlerInterceptor[] interceptors = getInterceptors();

	if (!ObjectUtils.isEmpty(interceptors)) {

		for (int i = 0; i < interceptors.length; i++) {

			HandlerInterceptor interceptor = interceptors[i];

			// 前置处理为false时

			if (!interceptor.preHandle(request, response, this.handler)) {

				// 触发拦截器的afterCompletion方法

				triggerAfterCompletion(request, response, null);

				return false;

			}

			this.interceptorIndex = i;

		}

	}

	return true;

}

可以看到再真正执行handler之前会调用mappedHandler.applyPreHandle 方法,遍历拦截器执行preHandle方法,若返回false则根据先前执行过的拦截器顺序倒序执行afterCompletion方法,都通过的话后续执行handler获取请求结果,再接着执行拦截器的postHandle方法最后执行afterCompletion方法。

SpringWeb 拦截器的更多相关文章

  1. springweb项目自定义拦截器修改请求报文头

    面向切面,法力无边,任何脏活累活,都可以从干干净净整齐划一的业务代码中抽出来,无非就是加一层,项目里两个步骤间可以被分层的设计渗透成筛子. 举个例子: 最近我们对接某银行接口,我们的web服务都是标准 ...

  2. Spring mvc登录拦截器

    自己实现的第一个Spring mvc登录拦截器 题目要求:拒绝未登录用户进入系统,只要发现用户未登录,则将用户请求转发到/login.do要求用户登录 实现步骤: 1.在spring的配置文件中添加登 ...

  3. SpringMVC拦截器实现登录认证(转发)

    感谢原作者,转发自:http://blog.csdn.net/u014427391/article/details/51419521 以Demo的形式讲诉拦截器的使用 项目结构如图: 需要的jar:有 ...

  4. SpringMVC拦截器实现登录认证

    项目结构如图: 需要的jar:有springMVC配置需要的jar和jstl需要的jar SpringMVC包的作用说明: aopalliance.jar:这个包是AOP联盟的API包,里面包含了针对 ...

  5. Shiro 自定义登陆、授权、拦截器

    Shiro 登陆.授权.拦截 按钮权限控制 一.目标 Maven+Spring+shiro 自定义登陆.授权 自定义拦截器 加载数据库资源构建拦截链 使用总结: 1.需要设计的数据库:用户.角色.权限 ...

  6. springmvc拦截器入门及其执行顺序源码分析

    springmvc拦截器是偶尔会用到的一个功能,本案例来演示一个较简单的springmvc拦截器的使用,并通过源码来分析拦截器的执行顺序的控制.具体操作步骤为:1.maven项目引入spring依赖2 ...

  7. SpringMVC入门一:基础知识(依赖、注解、文件上传/下载、拦截器、异常处理等)

    为了使Spring可插入MVC架构,SpringFrameWork在Spring基础上开发SpringMVC框架,从而使用Spring进行WEB开发时可以选择使用Spring的SpringMVC框架作 ...

  8. JavaWeb之Servlet、拦截器、监听器及编程思想

    本文包含的内容有: Servlet的理解 自定义Servlet.监听器和过滤器 三者的一点点编程设计思想 后续的学习 JavaWeb是Web开发的重要基础,对Servlet.监听器和过滤器等知识的掌握 ...

  9. 6. ModelDriven拦截器、Preparable 拦截器

    1. 问题 Struts2 的 Action 我们将它定义为一个控制器,但是由于在 Action 中也可以来编写一些业务逻辑,也有人会在 Action 输入业务逻辑层. 但是在企业开发中,我们一般会将 ...

随机推荐

  1. 设置VisualStudio以管理员身份运行

    以vs2013为例 vs右键属性 ----- 找到目标位置如下 "C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\ID ...

  2. Helloworld 驱动模块加载

    介绍 本文引用<linux设备驱动开发>书中部分解释,记录开篇第一章helloworld程序 以下内容需要掌握如下基础信息linux模块概念.链接编译.c语言基础 内容 helloworl ...

  3. 520表白小程序设计Python代码详解(PyQt5界面,B站动漫风)

    摘要:介绍一个动漫风的表白小程序,界面使用Python以及PyQt实现,界面样式经过多次美化调整,使得整体清新美观.本文详细介绍代码设计和实现过程,不仅是居家表白必备,而且适合新入门的朋友学习界面设计 ...

  4. 分享一个 SpringCloud Feign 中所埋藏的坑

    背景 前段时间同事碰到一个问题,需要在 SpringCloud 的 Feign 调用中使用自定义的 URL:通常情况下是没有这个需求的:毕竟都用了 SpringCloud 的了,那服务之间的调用都是走 ...

  5. Python Flask项目步骤

    构建flask项目步骤 步骤一:构建基础项目框架 创建manage.py文件 from flask import Flask app = Flask(__name__) ""&qu ...

  6. net core天马行空系列-可用于依赖注入的,数据库表和c#实体类互相转换的接口实现

    1.前言 hi,大家好,我是三合.作为一名程序猿,日常开发中,我们在接到需求以后,一般都会先构思一个模型,然后根据模型写实体类,写完实体类后在数据库里建表,接着进行增删改查, 也有第二种情况,就是有些 ...

  7. 【Java面试】请你简单说一下Mysql的事务隔离级别

    一个工作了6年的粉丝,去阿里面试,在第一面的时候被问到"Mysql的事务隔离级别". 他竟然没有回答上来,一直在私信向我诉苦. 我说,你只能怪年轻时候的你,那个时候不够努力导致现在 ...

  8. 怎么理解相互独立事件?真的是没有任何关系的事件吗?《考研概率论学习之我见》 -by zobol

    1.从条件概率的定义来看独立事件的定义 2.从古典概率的定义来看独立事件的定义 3.P(A|B)和P(A)的关系是什么? 4.由P(AB)=P(A)P(B)推出"独立" 5.从韦恩 ...

  9. 讲一个linux服务启动报错问题排查

    例子 首先我们在/usr/lib/systemd/system目录下创建一个服务文件,写下服务启动任务配置.下面我以prometheus的node_exporter为例 vim /usr/lib/sy ...

  10. 新上线!3D单模型轻量化硬核升级,G级数据轻松拿捏!

    "3D模型体量过大.面数过多.传输展示困难",用户面对这样的3D数据,一定不由得皱起眉头.更便捷.快速处理三维数据,是每个3D用户对高效工作的向往. 在老子云最新上线的单模型轻量化 ...