Prevent an action from being intercepted by the Interceptor Handle

Asked

Viewed 238 times

11

I implemented a class to intercept some urls and check if I have a logged-in user in the session, if yes access url, otherwise I am automatically "played" to the login screen.

It happens that on a login page I have a link to register a user on my system, but as I do not have a user in the session because I am a user who will still register, I would like to know how to release my action adicionaUsuario and let me register the user. Today when registering a user I am taken back to the login screen.

Debugging, when I click on the button that calls the action adicionaUsuario he doesn’t even get to the method, he returns true in the Interceptor and already takes me to the login page.

Follow my method below preHandle of my Interceptor and my method for adding user that comes from the controller:

public class AutorizadorInterceptor extends HandlerInterceptorAdapter {
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object controller) throws Exception {

        String uri = request.getRequestURI();
        if( uri.endsWith("loginForm") || uri.endsWith("efetuaLogin") || uri.contains("resources") || uri.endsWith("mainUsuario") || uri.endsWith("adicionaUsuario") ) {
            return true;
        }

        if(request.getSession().getAttribute("usuarioLogado") != null) {
            return true;
        }
        response.sendRedirect("loginForm");
        return false;
    }
}

Controller:

@RequestMapping(value = "adicionaUsuario")
    public String adicionaUsuario(Usuario usuario) {

        usuarioService.adicionaUsuario(usuario);


        return  "usuarioSuccess";
    }
java spring-mvc

  • but if you return "true" you are not saying that you MUST intercept the event?

  • Any reason not to use Spring Security?

  • How about in the method adicionaUsuario put the user in session?

3 answers

1

From what I understand the additionUsuario already receives the object filled in the form with the data of the new user. Up to there is ok! your error is in the syntax, apparently the screen confirmation is correct, you are giving a true on the open page. However you are directing the user to the user page that does not have access permission. Try to allow access to it for this direction and if the error persists see if the added method is accessible by everyone.

-1

Look, I think your problem is exactly the way you wrote the preHandle method()

note when debugging that if the first condition is satisfied you already end the method by giving true Return;

or that the lines of code below will not be executed because the method has already returned the answer in the first IF condition...

-1

Instead of using request.getRequestURI()use request.getServletPath()

Browser other questions tagged java spring-mvc

You are not signed in. Login or sign up in order to post.