springmvc怎么用拦截器防止重复提交表单

 我来答
匿名用户
2017-04-17
展开全部
原理:在新建页面中Session保存token随机码,当保存时验证,通过后删除,当再次点击保存时由于服务器端的Session中已经不存在了,所有无法验证通过。

1.新建注解:

[java] view plain copy
/**
* <p>
* 防止重复提交注解,用于方法上<br/>
* 在新建页面方法上,设置needSaveToken()为true,此时拦截器会在Session中保存一个token,
* 同时需要在新建的页面中添加
* <input type="hidden" name="token" value="${token}">
* <br/>
* 保存方法需要验证重复提交的,设置needRemoveToken为true
* 此时会在拦截器中验证是否重复提交
* </p>
* @author: chuanli
* @date: 2013-6-27上午11:14:02
*
*/
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface AvoidDuplicateSubmission {
boolean needSaveToken() default false;
boolean needRemoveToken() default false;
}

2. 新建拦截器

[java] view plain copy
/**
* <p>
* 防止重复提交过滤器
* </p>
*
* @author: chuanli
* @date: 2013-6-27上午11:19:05
*/
public class AvoidDuplicateSubmissionInterceptor extends HandlerInterceptorAdapter {
private static final Logger LOG = Logger.getLogger(AvoidDuplicateSubmissionInterceptor.class);

@Override
public boolean preHandle(HttpServletRequest request,
HttpServletResponse response, Object handler) throws Exception {

User user = UserUtil.getUser();
if (user != null) {
HandlerMethod handlerMethod = (HandlerMethod) handler;
Method method = handlerMethod.getMethod();

AvoidDuplicateSubmission annotation = method.getAnnotation(AvoidDuplicateSubmission.class);
if (annotation != null) {
boolean needSaveSession = annotation.needSaveToken();
if (needSaveSession) {
request.getSession(false).setAttribute("token", TokenProcessor.getInstance().generateToken());
}

boolean needRemoveSession = annotation.needRemoveToken();
if (needRemoveSession) {
if (isRepeatSubmit(request)) {
LOG.warn("please don't repeat submit,[user:" + user.getUsername() + ",url:"
+ request.getServletPath() + "]");
return false;
}
request.getSession(false).removeAttribute("token");
}
}
}
return true;
}

private boolean isRepeatSubmit(HttpServletRequest request) {
String serverToken = (String) request.getSession(false).getAttribute("token");
if (serverToken == null) {
return true;
}
String clinetToken = request.getParameter("token");
if (clinetToken == null) {
return true;
}
if (!serverToken.equals(clinetToken)) {
return true;
}
return false;
}

}

3. 在Spring中配置

[html] view plain copy
<bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping">
<property name="interceptors">
<list>
<bean class="com.sohu.tv.crm.aop.UserLogInterceptor"/>
<bean class="com.sohu.tv.crm.aop.AvoidDuplicateSubmissionInterceptor"/>
</list>
</property>

</bean>

4. 在相关方法中加入注解:

[java] view plain copy
@RequestMapping("/save")
@AvoidDuplicateSubmission(needRemoveToken = true)
public synchronized ModelAndView save(ExecutionUnit unit, HttpServletRequest request, HttpServletResponse response)
throws Exception {

@RequestMapping("/edit")
@AvoidDuplicateSubmission(needSaveToken = true)
public ModelAndView edit(Integer id, HttpServletRequest request) throws Exception {

5.在新建页面中加入
<input type="hidden" name="token" value="${token}">
推荐律师服务: 若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询

为你推荐:

下载百度知道APP,抢鲜体验
使用百度知道APP,立即抢鲜体验。你的手机镜头里或许有别人想知道的答案。
扫描二维码下载
×

类别

我们会通过消息、邮箱等方式尽快将举报结果通知您。

说明

0/200

提交
取消

辅 助

模 式