stackoom
  简体   繁体   中英

how to validate the session in spring mvc interceptor

 原文  2015-04-13 06:04:44       java/ spring/ session/ spring-mvc/ interceptor

Question

I am newbie to spring framework.In my code,i use the interceptor for checking the session exists or not.If session exists i allow to call the controller otherwise i redirect the login page. Below is my code. 

@Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response,



        Users user=(Users) session.getAttribute("user");
        if(user == null)
        {
            System.err.println("Request Path : ");
            response.sendRedirect("index");
            return false;
        }
        else
        {
            return true;
        }
    }

but this code not redirect successfully.I am getting the below error, 

In Mozilla i get below error
    The page is not redirecting properly
In chorme i get below error?
    This web page has redirect loop

How to fix this issue?Any help will be greatly appreciated!!!

1 answers

solution1
 2 ACCPTED  2015-04-13 07:25:59

Just a wild guess, because you forgot to say how your interceptor is configured. I think it could be caused by the interceptor being applied to the login page index .

If this is true any page will ask the browser to redirect to index page, but index page itself will send a redirect request to browser.

The correct way is to configure the interceptor to ignore the login page 

@Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response,

        // ignore login page
        if (request.getServletPath() == "/index") { // BEWARE : to be adapted to your actual login page
            return true;
        }

        Users user=(Users) session.getAttribute("user");
        if(user == null)
        {
            System.err.println("Request Path : ");
            response.sendRedirect("index");
            return false;
        }
        else
        {
            return true;
        }
    }

You could also use SpringMVC configuration to have the interceptor not applied to the login page

But anyway, if you want to build a serious application, my advice is to have a look to Spring Security that nicely integrates in a Spring MVC application and comes with a bunch of examples to avoid above problem (and others ...)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to redirect after session has expired using an interceptor Spring mvc Testing a Spring MVC Handler interceptor with a session scoped bean dependency How to inject property to interceptor in Spring MVC Spring mvc interceptor exception How to validate a custom session in spring How To Autowire a String MVC Session Scoped Bean Into RestEasy Client Interceptor? How to inject session scope bean in interceptor using java config with Spring How is a session being created before my Spring interceptor is reached? Spring MVC INterceptor is not being called Set up an interceptor in Spring MVC
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM