我正在编写一个几乎完全受登录保护的网站(我正在使用Spring Security).但是有些页面没有受到保护(主页,登录页面,注册页面,忘记密码页面......),我想要实现的是:
redirectTo注释元素中指定的页面)当然我想避免将它放在每个控制器方法中:
if(loggedIn())
{
// Redirect
}
else
{
// Return the view
}
因此我想使用AOP.
我创建了Annotation @NonSecured,我编写了以下Aspect:
@Aspect
public class LoggedInRedirectAspect
{
@Autowired
private UserService userService;
@Around("execution(@my.package.annotation.NonSecured * *(..))")
public void redirect(ProceedingJoinPoint point) throws Throwable
{
System.out.println("Test");
point.proceed();
}
}
示例注释方法:
@Controller
@RequestMapping("/")
public class HomeController
{
@NonSecured(redirectTo = "my-profile")
@RequestMapping(method = RequestMethod.GET)
public String index(Model model,
HttpServletRequest request) throws Exception
{
// Show home page
}
}
applicationContext.xml重要位:
<context:annotation-config />
<context:component-scan base-package="my.package" /> …