已配置拦截器,但jsp不能拦截,可以直接访问后台的.jsp文件。如果禁止直接访问jsp和html文件。查了一些文章,在mainConfig中配置:
/** * 配置全局处理器 */
public class JspSkipHandler extends Handler {
@SuppressWarnings("deprecation")
public void handle(String target, HttpServletRequest request, HttpServletResponse response, boolean[] isHandled) {
int index = target.lastIndexOf(".jsp");
if (index != -1)
target = target.substring(0, index);
nextHandler.handle(target, request, response, isHandled);
}
}
@Override
public void configHandler(Handlers me) {
me.add(new JspSkipHandler());
//me.add(new UrlSkipHandler(".+\\.\\w{1,4}", false));
}
但这样一来,都不能访问了,并且是404错误,如何转到/admin/login.jsp?