This recipe simply adds an additional Spring MVC component that can listen to and handle support for any request transactions involved in the authentication and authorization process. HandlerInterceptor and HandlerInterceptorAdapter work like filters, but the filter is more powerful and general when it comes to the scope of work. Filters are configured in ServletContext, while interceptors are injected in the Spring context definition through the addInterceptors() method of InterceptorRegistry. When it comes to scope, interceptors are convenient to use when the Spring platform is used, rather than implementing Filter. Creating interceptors is appropriate for applying DRY coding principles wherein code blocks are written repeatedly across the platform. Additionally, they can help the framework with logging, profiling, authorization-related validation, and minimal filtering tasks.

All interceptors contain three methods, and these are:

• preHandle(): This is executed before the actual request is executed
• postHandle(): This is executed after a request is executed
• afterCompletion(): This is executed after the whole request transaction is completed

Using interceptors is optional and mapping them to the correct request paths using the InterceptorRegistry.addInterceptor().addPathPatterns needs extra caution, because the patterns used to specify the URL here are path expressions and not the usual normal URL. Generating these patterns may cause some paths not to be included or excluded. It is always advisable to include excludePathPatterns() and includePathPatterns() to ensure that request URL paths are valid.