Spring 控制器的 AOP
Spring 的 AOP 功能非常强大,它可以轻松地向控制器添加很酷且有用的注释。例如,我编写了一个 @Authenticated 注释,它允许经过身份验证的用户访问控制器方法或重定向到登录页面。有趣的东西。
然而,Spring 的控制器可以返回各种不同的类型。它们可以返回字符串、ModelAndView 对象,甚至 void。我的代码库中有一些方法使用所有三种类型。但是,我想更改我的 @Authenticated 注释以呈现并返回特定页面,我希望通过返回 ModelAndView 对象来实现这一点。要求所有控制器方法返回 ModelAndView 是实现此目的的唯一方法吗?
我想要的控制器示例:
@Controller
public class MyController() {
@Authenticated
@RequestMapping("/myscore")
public String myScorePage(ModelMap model) {
return "myScorePage";
}
@Authenticated
@RequestMapping("/anotherPage")
public ModelAndView something() {
return new ModelAndView("anotherPage",someModelStuff());
}
}
@Aspect
public class NotVeryUsefulAspect {
@Around("@annotation(Authenticate)")
public Object doBasicProfiling(ProceedingJoinPoint pjp) throws Throwable {
if( isAuthenticated() ) {
return pjp.proceed();
} else {
return /* Oh no what goes here, I want to render a FAILURE page without redirecting */
}
}
}
Spring's AOP functionality is pretty great, and it makes it easy to add cool and useful annotations to controllers. For example, I wrote an @Authenticated annotation that either allows authenticated users through to the controller method or redirects to the login page. Fun stuff.
However, Spring's controllers can return all sorts of different types. They can return Strings, ModelAndView objects, or even void. There are methods in my code base that use all three types. However, I'd like to change my @Authenticated annotation to render and return a particular page, which I was hoping to do by returning a ModelAndView object. Is the only way to accomplish this by requiring all of my controller methods to return a ModelAndView?
Example of a controller I'd like to have:
@Controller
public class MyController() {
@Authenticated
@RequestMapping("/myscore")
public String myScorePage(ModelMap model) {
return "myScorePage";
}
@Authenticated
@RequestMapping("/anotherPage")
public ModelAndView something() {
return new ModelAndView("anotherPage",someModelStuff());
}
}
@Aspect
public class NotVeryUsefulAspect {
@Around("@annotation(Authenticate)")
public Object doBasicProfiling(ProceedingJoinPoint pjp) throws Throwable {
if( isAuthenticated() ) {
return pjp.proceed();
} else {
return /* Oh no what goes here, I want to render a FAILURE page without redirecting */
}
}
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
哈,想通了!
我决定使用传递给方面方法的 ProceedingJoinPoint 来确定原始方法的返回类型。然后,我根据传递的返回类型为切面方法制作了一组可能的“失败”结果。例如,如果该方法最初返回一个字符串,我返回“failure_page”,如果该方法返回一个ModelAndView,我返回一个新的ModelAndView(“failure_page”)。
效果很好!不幸的是,如果模型对象返回一个字符串并且不将 ModelMap 作为参数,我可能没有机会设置它,但我可以很好地处理错误页面。
Ha, figured it out!
I decided to use the ProceedingJoinPoint passed to the aspect method to figure out the return type of the original method. Then I made a set of possible "failure" results for the aspect method based on what type of return is passed. For example, if the method originally returned a String, I return "failure_page", and if the method returned a ModelAndView, I return a new ModelAndView("failure_page").
Works quite well! Unfortunately, I may not have an opportunity to set a model object if it returns a string and doesn't take a ModelMap as a parameter, but I can deal with that for an error page just fine.
是的,看来你是对的。
但授权已内置于 Spring Security,您不需要自己实现它。
Yes it seams that you are right.
But Authorization is already build in in Spring Security and you do not need to implement it by your own.