我正在编写一个几乎完全受登录保护的网站(我正在使用 Spring Security)。不过,有些页面不受保护(主页、登录页面、注册页面、忘记密码页面……),我想要实现的是:
- 如果用户在访问这些非安全页面时未登录,
正常显示它们
- 如果用户已经登录,则重定向到
主页(或指定的页面)
redirectTo
注释元素)
当然,我想避免将其放入每个控制器方法中:
if(loggedIn())
{
// Redirect
}
else
{
// Return the view
}
因此我想使用 AOP。
我创建了注释@NonSecured
我编码了以下方面:
@Aspect
public class LoggedInRedirectAspect
{
@Autowired
private UserService userService;
@Around("execution(@my.package.annotation.NonSecured * *(..))")
public void redirect(ProceedingJoinPoint point) throws Throwable
{
System.out.println("Test");
point.proceed();
}
}
带注释的方法示例:
@Controller
@RequestMapping("/")
public class HomeController
{
@NonSecured(redirectTo = "my-profile")
@RequestMapping(method = RequestMethod.GET)
public String index(Model model,
HttpServletRequest request) throws Exception
{
// Show home page
}
}
applicationContext.xml 重要位:
<context:annotation-config />
<context:component-scan base-package="my.package" />
<tx:annotation-driven transaction-manager="transactionManager" proxy-target-class="true" />
<bean id="loggedInRedirectAspect" class="my.package.aspect.LoggedInRedirectAspect" />
<aop:aspectj-autoproxy proxy-target-class="true">
<aop:include name="loggedInRedirectAspect" />
</aop:aspectj-autoproxy>
The problem is that the method redirect(...)
in the aspect never gets called. Aspects in general are working fine, in fact the following method in the aspect will get called: The following advice gets called but doesn't get called for the controller methods.
@Around("execution(* *(..))")
public void redirect(ProceedingJoinPoint point) throws Throwable
{
point.proceed();
}
我在切入点中做错了什么吗?
谢谢。
Update:这个问题中的最后一个片段被调用,但仍然没有被控制器方法调用。