- 직접 주소를 입력하고 요청할 경우 대비해 Interceptor로 처리
BoardController.java
@GetMapping("/not_writer")
public String not_writer() {
return "board/not_writer";
}not_writer.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<c:set var='root' value="${pageContext.request.contextPath }/"/>
<script>
alert('잘못된 접근입니다')
location.href = '${root}main'
</script>
CheckWriterInterceptor.java
public class CheckWriterInterceptor implements HandlerInterceptor {
private LoginUserBean loginUserBean;
private BoardService boardService;
public CheckWriterInterceptor(LoginUserBean loginUserBean, BoardService boardService) {
this.loginUserBean = loginUserBean;
this.boardService = boardService;
}
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String str1 = request.getParameter("content_idx");
int content_idx = Integer.parseInt(str1);
ContentBean currentContentBean = boardService.getContentInfo(content_idx);
if(currentContentBean.getContent_writer_idx() != loginUserBean.getUser_idx()) {
String contextPath = request.getContextPath();
response.sendRedirect(contextPath + "/board/not_writer");
return false; //원래요청이 거부됨
}
return true;
}
}ServletAppContext.java
//글쓴사람이 아닐 때 수정/삭제 제한
CheckWriterInterceptor checkWriterInterceptor = new CheckWriterInterceptor(loginUserBean, boardService);
InterceptorRegistration reg3 = registry.addInterceptor(checkWriterInterceptor);
reg3.addPathPatterns("/board/modify", "/board/delete");uri를 입력하고 들어가면
인터셉터가 잘 적용된거 확인! !
기록하기