Filter来控制权限

于 2008-06-12 11:10:00 发布
阅读量76 收藏
点赞数
文章标签: web.xml

文章出自:http://neil-jh.javaeye.com/blog/191341

目前很多项目对权限的控制一般普遍使用Acgi来控制权限。这里对老技术做一个回顾,曾经使用过Filter来控制权限,如果对Filter不是很熟悉的朋友,可以简单看下,也许多少会有些帮助。

public class PopedomFilter implements Filter { public void init(FilterConfig filterConfig) throws ServletException {

}

public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest; HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;

String contextPath = httpServletRequest.getContextPath(); //取得项目当前根目录 例如:/project String currentPath = httpServletRequest.getRequestURI(); //取得当前要访问的页面目录 /project/admin/xxx.action

if (!checkUserPopedom(httpServletRequest, httpServletResponse, contextPath, currentPath)) { //检查当前访问的路径是否包含在此用户的权限列表中,如果不存在return出去,不进行下一步的调用 return; }

filterChain.doFilter(servletRequest, servletResponse);

}

private boolean checkUserPopedom(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String contextPath, String currentPath) throws IOException { User user = (User) httpServletRequest.getSession(true).getAttribute("user");

if (user == null) { httpServletResponse.sendRedirect(contextPath + "/"); return false; } else { if (!checkPopedom(user, contextPath, currentPath)) { httpServletResponse.sendRedirect(contextPath + "/"); return false; } }

return true; }

private boolean checkPopedom(User user, String contextPath, String currentPath) { if (user.getSystemResourceList() != null) { for (SystemResource resource : user.getSystemResourceList()) { String url = contextPath + resource.getActionUrl().trim(); if (url.equals(currentPath)) { return true; } } } return false; }

public void destroy() { } }

在web.xml 中需要对这个Filter进行配置如下

<filter> <filter-name>PopedomFilter </filter-name> <filter-class>...filter.RightFilter</filter-class> </filter>

<filter-mapping> <filter-name>PopedomFilter </filter-name> <url-pattern>*.action</url-pattern>

</filter-mapping>

iteye_8877
关注
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值