码迷,mamicode.com
首页 > 编程语言 > 详细

java权限系统实现篇

时间:2014-07-18 15:14:41      阅读:246      评论:0      收藏:0      [点我收藏+]

标签:java权限

以ssh框架来解释权限系统

首先在struts.xml里面配置2个拦截器栈,

第一个是登陆拦截器栈,没有登陆的用户就会被拦截,提示其登陆

<!-- begin intercepter -->
	<package name="haslogin" namespace="/" extends="json-default">
		<interceptors>
			<interceptor name="loginInter"
				class="com.interceptor.LoginInterceptor"></interceptor>
			<interceptor-stack name="mydefault">
				<interceptor-ref name="loginInter"></interceptor-ref>
				<interceptor-ref name="defaultStack"></interceptor-ref>
			</interceptor-stack>
		</interceptors>
		<default-interceptor-ref name="mydefault"></default-interceptor-ref>
		<global-results>
			<result name="login">/management/login.jsp</result>
		</global-results>
	</package>
	<!-- end intercepter -->

第二个是权限拦截器栈,先判断是否登陆,没登陆就跳到登陆,再判断权限,没权限跳到无权限页面

<!-- begin role intercepter -->
	<package name="hasrole" namespace="/" extends="json-default">
		<!-- role intercepter -->
		<interceptors>
			<interceptor name="roleInter"
				class="com.interceptor.RoleInterceptor"></interceptor>
			<interceptor name="loginInter"
				class="com.interceptor.LoginInterceptor"></interceptor>
			<interceptor-stack name="mydefault">
				<interceptor-ref name="loginInter"></interceptor-ref>
				<interceptor-ref name="roleInter"></interceptor-ref>
				<interceptor-ref name="defaultStack"></interceptor-ref>
			</interceptor-stack>
		</interceptors>
		<default-interceptor-ref name="mydefault"></default-interceptor-ref>
		<global-results>
			<result name="login">/management/login.jsp</result>
			<result name="none">/WEB_INF/404.jsp</result>
		</global-results>	
</package>
<!--end role intercepter -->

第二步编写登陆拦截器 检查session中userid是否为null , 如果是 ,就让用户去登陆页面

package com.interceptor;

import java.util.Map;

import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

public class LoginInterceptor extends AbstractInterceptor {

	private static final long serialVersionUID = 1L;

	@Override
	public String intercept(ActionInvocation invocation) throws Exception {
		ActionContext ctx = invocation.getInvocationContext();
		Map<String,Object> session = ctx.getSession();
		String user = null;
		if (session.get("userid")!=null) {
			user=session.get("userid").toString();
		}
		if (user != null) {
			return invocation.invoke();
		}
		return Action.LOGIN;
	}
	
}
第三步 编写权限拦截器

package com.interceptor;

import java.util.HashSet;
import java.util.Map;
import java.util.Set;

import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

public class RoleInterceptor extends AbstractInterceptor {

	private static final long serialVersionUID = 1L;

	@SuppressWarnings("unchecked")
	@Override
	public String intercept(ActionInvocation invocation) throws Exception {
		Map<String, Object> session = ActionContext.getContext().getSession();
		Set<com.entity.ModuleFun> roles = new HashSet<com.entity.<span style="font-family: Arial, Helvetica, sans-serif;">ModuleFun</span><span style="font-family: Arial, Helvetica, sans-serif;">>();</span>
		String currUrl = invocation.getProxy().getActionName();//获取当前action的name
		if (session.get("roles") != null) {//用户登陆时将权限放入session中
			roles = (Set<com.entity.ModuleFun>) session.get("roles");
			for (com.entity.ModuleFun mfun: roles) {<span style="font-family: Arial, Helvetica, sans-serif;">	</span>
<span style="white-space:pre"></span><pre name="code" class="html"><span style="white-space:pre">			</span>if (mfun.getUrls.equals(currUrl+".action")) {
					return invocation.invoke();
				}


			}
		}
		return Action.NONE;
	}

}
三在登陆时把userid和roles存入session中

java权限系统实现篇,布布扣,bubuko.com

java权限系统实现篇

标签:java权限

原文地址:http://blog.csdn.net/maskdfe/article/details/37927413

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!