public class SecurityInterceptor extends HandlerInterceptorAdapter{    private static final Logger logger = Logger.getLogger(SecurityInterceptor.class);    @Resource    private SessionInfoService sessionInfoService;        private List<String> excludeUrls;// 不需要拦截的资源    public List<String> getExcludeUrls() {        return excludeUrls;    }    public void setExcludeUrls(List<String> excludeUrls) {        this.excludeUrls = excludeUrls;    }    /**     * 完成页面的render后调用     */    @Override    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object object, Exception exception) throws Exception {    }    /**     * 在调用controller具体方法后拦截     */    @Override    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object object, ModelAndView modelAndView) throws Exception {    }    /**     * 在调用controller具体方法前拦截     */    @Override    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object){        String requestUri = request.getRequestURI();        ResponseMap errMap = new ResponseMap();        String contextPath = request.getContextPath();        String url = requestUri.substring(contextPath.length());        logger.debug("check url : " + url);        String token = request.getParameter("token");        logger.debug("check token : " + token);        if (excludeUrls.contains(url)) {// 如果要访问的资源是不需要验证的            return true;        }        try {            if(token == null || token.trim().equals(""))            {                errMap.putError(MessageConstants.getMessage("user.notlogin"));            }else{                errMap = sessionInfoService.bePermission(token.trim(), url.trim());            }            if(!("0".equals(errMap.get("err"))))            {                response.setCharacterEncoding("utf-8");                response.setContentType("application/json");                response.getWriter().print(JSONObject.fromObject(errMap));  //返回错误提示信息                response.getWriter().flush();                return false;            }        } catch (IOException e) {            logger.debug("preHandle error");        }finally{        }        return true;    }}

<mvc:interceptors>        <mvc:interceptor>            <mvc:mapping path="/**" />            <bean class="SecurityInterceptor">   //SecurityInterceptor的class路径                <property name="excludeUrls">                    <list>                        <value>/test/test1</value>                        <value>/test/test2</value>                    </list>                </property>            </bean>        </mvc:interceptor>    </mvc:interceptors>