Spring MVC Interceptor

스프링 인터셉터를 이용하여 로그인 상태를 검사하는 예 ( Spring MVC Interceptor Authentication example )

로그인을 거친 이용자에게는 Controller 클래스의 getTime() 메소드가 기능을 할 수 있도록 하고 아니면 로그인 폼을 보여주는 예

WEB-INF/web.xml

<?xml version="1.0" encoding="UTF-8"?>

<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"

    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

    <!-- The definition of the Root Spring Container shared by all Servlets and Filters -->

    <context-param>

        <param-name>contextConfigLocation</param-name>

        <param-value>/WEB-INF/spring/root-context.xml</param-value>

    </context-param>

    <!-- Creates the Spring Container shared by all Servlets and Filters -->

    <listener>

        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>

    </listener>

    <!-- Processes application requests -->

    <servlet>

        <servlet-name>appServlet</servlet-name>

        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>

        <init-param>

            <param-name>contextConfigLocation</param-name>

            <param-value>/WEB-INF/spring/servlet-context.xml</param-value>

        </init-param>

        <load-on-startup>1</load-on-startup>

    </servlet>

    <servlet-mapping>

        <servlet-name>appServlet</servlet-name>

        <url-pattern>/</url-pattern>

    </servlet-mapping>

    <filter>

<filter-name>encodingFilter</filter-name>

<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>

<init-param>

<param-name>encoding</param-name>

<param-value>UTF-8</param-value>

</init-param>

    </filter>

    <filter-mapping>

<filter-name>encodingFilter</filter-name>

<url-pattern>/*</url-pattern>

    </filter-mapping>

</web-app>

SampleController.java

package org.kdea.interceptor;

import java.util.Date;

import javax.servlet.http.HttpSession;

import org.springframework.stereotype.Controller;

import org.springframework.web.bind.annotation.RequestMapping;

import org.springframework.web.bind.annotation.RequestMethod;

import org.springframework.web.bind.annotation.RequestParam;

import org.springframework.web.bind.annotation.ResponseBody;

@Controller

public class SampleController {

@RequestMapping(value="/int/login", method=RequestMethod.GET)

public String login(){

return "interceptor/login_form";

}

@RequestMapping(value="/int/login", method=RequestMethod.POST)

public String login(@RequestParam String id,

@RequestParam String pwd,

HttpSession session){

if(id!=null && !id.equals("") && pwd!=null && !pwd.equals("")) {

session.setAttribute("login", true);

return "interceptor/login_success";

}

return "interceptor/login_fail";

}

@RequestMapping("/int/getTime")

@ResponseBody

public String getServerTime(){ // 로그인을 거친 사용자만 사용할 수 있도록 설정하려고 함

return new Date().toString();

}

}

서블릿 설정파일에 콘트롤러를 자동으로 찾을 수 있도록 설정하고 이용자의 요청 URL에 인터셉터를 연결한다

WEB-INF/spring/servlet-context.xml

................

<beans:bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">

        <beans:property name="prefix" value="/WEB-INF/views/" />

        <beans:property name="suffix" value=".jsp" />

        <beans:property name="contentType" value="text/html; charset=UTF-8"/>

</beans:bean>

................

<context:component-scan base-package="org.kdea.interceptor" />

.........

    .............

<interceptors>

    <interceptor>

<mapping path="/int/getTime"/>  <!-- /int/*  을 사용하여 모든 기능에 앞서 인터셉터가 호출되도록 할 수 있음 -->

         <beans:bean class="org.kdea.interceptor.AuthInterceptor" />

    </interceptor>

</interceptors>

.........

AuthInterceptor.java

package org.kdea.interceptor;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import org.springframework.web.servlet.ModelAndView;

import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

public class AuthInterceptor extends HandlerInterceptorAdapter {

@Override   // 콘트롤러에 앞서 실행됨

public boolean preHandle(HttpServletRequest request, 

HttpServletResponse response, Object handler) throws Exception {

if(request.getSession().getAttribute("login")==null){

response.sendRedirect("login"); // 콘트롤러에 선언된 login 요청으로 전환함

return false; // 다른 절차가 실행되지 않음

}

return true;          // 다른 인터셉터나 콘트롤러가 이후에 호출됨

}

@Override   // 콘트롤러 실행 후, 뷰 호출 전에 실행됨

public void postHandle(HttpServletRequest request,

HttpServletResponse response, Object handler,

ModelAndView modelAndView) throws Exception {

System.out.println("postHandle():after Controller, before View rendering");

}

@Override   // 뷰가 실행된 후에 실행됨

public void afterCompletion(HttpServletRequest request,

HttpServletResponse response, Object handler, Exception ex)

throws Exception {

System.out.println("afterCompletion():after View rendered");

}

}

WEB-INF/views/login_success.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"

    pageEncoding="UTF-8"%>

<!DOCTYPE html>

<html>

<head>

<meta charset="EUC-KR">

<title>로그인 성공</title>

</head>

<body>

로그인에 성공했습니다<p>

Login success!

</body>

</html>

WEB-INF/views/login_fail.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"

    pageEncoding="UTF-8"%>

<!DOCTYPE html>

<html>

<head>

<meta charset="EUC-KR">

<title>로그인 실패</title>

</head>

<body>

로그인에 실패<p>

Login Failed!

</body>

</html>

WEB-INF/views/login_form.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8"

    pageEncoding="UTF-8"%>

<!DOCTYPE html>

<html>

<head>

<meta charset="EUC-KR">

<title>로그인 폼</title>

</head>

<body>

로그인 폼<p>

<form action="login" method="post">

ID <input type="text" name="id">

PWD <input type="password" name="pwd">

<input type="submit" value="Login">

</form>

</body>

</html>