Pathway from ACEGI to Spring Security 2.0(2)

本文介绍了一个自定义的Spring Security权限过滤器——MySecureResourceFilter。该过滤器通过实现FilterInvocationDefinitionSource接口,为请求页面提供权限检查。文章详细展示了如何获取当前URL所需的访问角色,并返回这些角色作为配置属性定义。
  1. The main part of this piece of configuration is the secureResourceFilter: a class that implements FilterInvocationDefinitionSource and is called when Spring Security needs to check the Authorities for a requested page.
    Here is the code for MySecureResourceFilter:
    1. package org.security.SecureFilter;  
    2.   
    3. import java.util.Collection;  
    4. import java.util.List;  
    5.   
    6. import org.springframework.security.ConfigAttributeDefinition;  
    7. import org.springframework.security.ConfigAttributeEditor;  
    8. import org.springframework.security.intercept.web.FilterInvocation;  
    9. import org.springframework.security.intercept.web.FilterInvocationDefinitionSource;  
    10.   
    11.   
    12. public class MySecureResourceFilter implements FilterInvocationDefinitionSource {  
    13.   
    14.     public ConfigAttributeDefinition getAttributes(Object filter) throws IllegalArgumentException {  
    15.           
    16.          FilterInvocation filterInvocation = (FilterInvocation) filter;  
    17.           
    18.          String url = filterInvocation.getRequestUrl();  
    19.           
    20.         // create a resource object that represents this Url object  
    21.          Resource resource = new Resource(url);  
    22.           
    23.         if (resource == null) return null;  
    24.         else{  
    25.              ConfigAttributeEditor configAttrEditor = new ConfigAttributeEditor();  
    26.             // get the Roles that can access this Url  
    27.              List<Role> roles = resource.getRoles();  
    28.              StringBuffer rolesList = new StringBuffer();  
    29.             for (Role role : roles){  
    30.                  rolesList.append(role.getName());  
    31.                  rolesList.append(",");  
    32.              }  
    33.             // don't want to end with a "," so remove the last ","  
    34.             if (rolesList.length() > 0)  
    35.                  rolesList.replace(rolesList.length()-1, rolesList.length()+1, "");  
    36.              configAttrEditor.setAsText(rolesList.toString());  
    37.             return (ConfigAttributeDefinition) configAttrEditor.getValue();  
    38.          }         
    39.      }  
    40.   
    41.     public Collection getConfigAttributeDefinitions() {  
    42.         return null;  
    43.      }  
    44.   
    45.     public boolean supports(Class arg0) {  
    46.         return true;  
    47.      }  
    48.   
    49. }  
    package org.security.SecureFilter;

    import java.util.Collection;
    import java.util.List;

    import org.springframework.security.ConfigAttributeDefinition;
    import org.springframework.security.ConfigAttributeEditor;
    import org.springframework.security.intercept.web.FilterInvocation;
    import org.springframework.security.intercept.web.FilterInvocationDefinitionSource;


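    /**
     * Supplies the config attributes (role names) that Spring Security evaluates for a requested URL.
     *
     * <p>Role data comes from the project's {@code Resource} and {@code Role} classes, which are not
     * part of this listing.
     *
     * <p>NOTE(review): when a URL has no roles, this class hands an empty string to
     * {@code ConfigAttributeEditor}; that appears to produce a {@code null} definition, which the
     * security interceptor normally treats as "no restriction" (public). Confirm this against the
     * Spring Security version in use, and consider enabling the interceptor's
     * {@code rejectPublicInvocations} option or mapping every protected URL explicitly so that an
     * unmapped URL is denied rather than allowed.
     */
    public class MySecureResourceFilter implements FilterInvocationDefinitionSource {

        /**
         * Returns the roles allowed to access the URL of the given invocation.
         *
         * @param filter the secured object; must be a {@link FilterInvocation}
         * @return the definition built from the comma-separated role names, or whatever
         *         {@code ConfigAttributeEditor} yields for an empty list (presumably {@code null})
         * @throws IllegalArgumentException if {@code filter} is not a {@link FilterInvocation}
         */
        public ConfigAttributeDefinition getAttributes(Object filter) throws IllegalArgumentException {
            // Reject foreign secure objects with the declared exception type instead of a
            // ClassCastException / NullPointerException further down.
            if (!(filter instanceof FilterInvocation)) {
                throw new IllegalArgumentException("Object must be a FilterInvocation");
            }
            FilterInvocation filterInvocation = (FilterInvocation) filter;

            // NOTE(review): getRequestUrl() may include the query string and is not case-normalised
            // here. Confirm that Resource matches on the path only; otherwise a variant of a
            // protected URL could miss its mapping and fall into the no-roles case described on
            // the class.
            String url = filterInvocation.getRequestUrl();

            // "new" never yields null, so the original null check on the resource was dead code.
            Resource resource = new Resource(url);

            // Roles that may access this URL; a missing list is treated like an empty one.
            List<Role> roles = resource.getRoles();

            StringBuilder rolesList = new StringBuilder();
            if (roles != null) {
                // Separator-before-item avoids having to strip a trailing comma afterwards.
                String separator = "";
                for (Role role : roles) {
                    rolesList.append(separator).append(role.getName());
                    separator = ",";
                }
            }

            ConfigAttributeEditor configAttrEditor = new ConfigAttributeEditor();
            configAttrEditor.setAsText(rolesList.toString());
            return (ConfigAttributeDefinition) configAttrEditor.getValue();
        }

        /**
         * Returns {@code null}: the full set of definitions is not enumerated by this class.
         *
         * <p>NOTE(review): presumably this means start-up validation of config attributes is
         * skipped for this source; confirm against the interceptor in use.
         */
        public Collection getConfigAttributeDefinitions() {
            return null;
        }

        /**
         * Reports whether this source can handle the given secure-object class.
         *
         * <p>Only {@link FilterInvocation} (or a subclass) is accepted, because
         * {@link #getAttributes(Object)} cannot process anything else.
         */
        public boolean supports(Class arg0) {
            return arg0 != null && FilterInvocation.class.isAssignableFrom(arg0);
        }

    }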
    The getAttributes() method above essentially returns the names of the Authorities (which I call Roles) that are allowed access to the current URL.

转载于:https://www.cnblogs.com/earl86/archive/2008/11/20/1666452.html
