本文介绍了一个用于Spring Security的监听器实现,该监听器在应用启动时加载URL权限,并将其存储在ServletContext中以便全局访问。当应用关闭时,监听器会清除这些权限设置。
package com.payds.comm.security;
import java.util.Map;
import javax.servlet.ServletContext;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import org.springframework.web.context.support.WebApplicationContextUtils;
import com.payds.comm.service.SecurityManager;
public class SpringSecurityListener implements ServletContextListener {
/* (non-Javadoc)
* @see javax.servlet.ServletContextListener#contextInitialized(javax.servlet.ServletContextEvent)
*/
public void contextInitialized(ServletContextEvent servletContextEvent) {
ServletContext servletContext = servletContextEvent.getServletContext();
SecurityManager securityManager = this.getSecurityManager(servletContext);
Map<String, String> urlAuthorities = securityManager.loadUrlAuthorities();
servletContext.setAttribute("urlAuthorities", urlAuthorities);
}
/* (non-Javadoc)
* @see javax.servlet.ServletContextListener#contextDestroyed(javax.servlet.ServletContextEvent)
*/
public void contextDestroyed(ServletContextEvent servletContextEvent) {
servletContextEvent.getServletContext().removeAttribute("urlAuthorities");
}
/**
* Get SecurityManager from ApplicationContext
*
* @param servletContext
* @return
*/
protected SecurityManager getSecurityManager(ServletContext servletContext) {
return (SecurityManager) WebApplicationContextUtils.getWebApplicationContext(servletContext).getBean("securityManager");
}
}
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
