Prevent an action from being intercepted by the Interceptor Handle

11

I implemented a class to intercept some urls and check if I have a logged-in user, if there is access to the url, otherwise I am automatically "played" to the login screen.

It happens that in the page of a login I have a link to register a user in my system, but since I do not have a user in the session because I am a user that I will still register, I would like to know how to release my action adicionaUsuario of the interceptor and allow me to register the user. Today when registering a user I am taken back to the login screen.

When I click on the button that calls the action adicionaUsuario it does not even get to the method, it returns true on the interceptor and already takes me to the login page.

Below is my method preHandle of my interceptor and my method to add user that comes from the controller:

public class AutorizadorInterceptor extends HandlerInterceptorAdapter {
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object controller) throws Exception {

        String uri = request.getRequestURI();
        if( uri.endsWith("loginForm") || uri.endsWith("efetuaLogin") || uri.contains("resources") || uri.endsWith("mainUsuario") || uri.endsWith("adicionaUsuario") ) {
            return true;
        }

        if(request.getSession().getAttribute("usuarioLogado") != null) {
            return true;
        }
        response.sendRedirect("loginForm");
        return false;
    }
}

Controller:

@RequestMapping(value = "adicionaUsuario")
    public String adicionaUsuario(Usuario usuario) {

        usuarioService.adicionaUsuario(usuario);


        return  "usuarioSuccess";
    }
    
asked by anonymous 23.11.2014 / 03:48

3 answers

1

As I understand the addaUsuario already receives the filled object of the form with the data of the new user. Until then, it's okay! your error is in the syntax, apparently the screen confirmation is correct, you are giving a true in the open page. However you are directing the user to the usersuccess page that does not have access permission. Try to allow its access to this targeting and if the error persists see if the method addsUsuario is accessible by all.

    
16.04.2015 / 20:12
-1

Look, I think your problem is exactly the way you wrote the preHandle () method

Note that if the first condition is satisfied, you should terminate the method by returning true;

that is, the lines of code will not be executed because the method has already returned the response in the first IF condition ...

    
27.08.2015 / 04:43
-1

Instead of using request.getRequestURI() use request.getServletPath()

    
17.09.2015 / 19:55