例如,
@Authority
@RequestMapping(value="/list",method = RequestMethod.POST)
public @ResponseBody String listNewEnterprises(HttpServletRequest request) {
JSONObject json = new JSONObject();
//do something
Object o;
try {
json.put("result", "success");
json.put("value", o);
} catch (JSONException e) {
e.printStackTrace();
}
System.out.println(json);// can print the json value
return json.toString();
}
在添加@Authority之前一切正常,但一旦添加@Authority,ajax就会变为空。
我的@Authority用于授权用户访问该方法的权利,该方法通过扩展HandlerInterceptorAdapter来拦截。
spring-mvc.xml配置为:
<bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping"/>
<mvc:annotation-driven />
<mvc:interceptors>
<bean class="com.sjd.annotation.AuthorityAnnotationInterceptor"></bean>
</mvc:interceptors>
========================================
我的AuthorityAnnotationInterceptor类实现如下:
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
public class AuthorityAnnotationInterceptor extends HandlerInterceptorAdapter {
private final Logger logger = Logger.getLogger(getClass());
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
HandlerMethod handler2 = (HandlerMethod) handler;
Authority auth = handler2.getMethodAnnotation(Authority.class);
if (null == auth) {
return true;
}
String url = request.getRequestURL().toString();
logger.debug(url);
if (null == url) {
return false;
}
HttpSession session = request.getSession();
String userAuthority = (String) session.getAttribute("authority");
//boolean hasAuthority = AuthorityHelper.hasAuthority(userAuthority,url, auth.type());
boolean hasAuthority = true;
if (hasAuthority) {
logger.debug("pass");
return true;
}
else {
logger.debug("fail");
return false;
}
}
}