使用注解配置拦截器，在user/login登录方法中加入session就ok了

package com.zhangda.core.web;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;import org.springframework.web.servlet.config.annotation.InterceptorRegistration;import org.springframework.web.servlet.config.annotation.InterceptorRegistry;import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;@Configurationpublic class WebSecurityConfig extends WebMvcConfigurerAdapter {    /**     * 登录session key     */    public final static String SESSION_KEY = "user";    @Bean    public SecurityInterceptor getSecurityInterceptor() {        return new SecurityInterceptor();    }    public void addInterceptors(InterceptorRegistry registry) {        InterceptorRegistration addInterceptor = registry.addInterceptor(getSecurityInterceptor());        // 排除配置        addInterceptor.excludePathPatterns("/error");        addInterceptor.excludePathPatterns("/user/login**");        // 拦截配置        addInterceptor.addPathPatterns("/**");    }    private class SecurityInterceptor extends HandlerInterceptorAdapter {        @Override        public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)                throws Exception {            HttpSession session = request.getSession();            if (session.getAttribute(SESSION_KEY) != null){            	return true;            }            // 跳转登录            String errMsg = "{\"success\": false, \"errMsg\": \"请先登录！\"}";//            String url = "/login";//            response.sendRedirect(url);x`            response.setHeader("Content-type", "text/html;charset=UTF-8");              response.getWriter().print(errMsg);            return false;        }    }}