java权限系统实现篇

标签：java权限

以ssh框架来解释权限系统

首先在struts.xml里面配置2个拦截器栈，

第一个是登陆拦截器栈，没有登陆的用户就会被拦截，提示其登陆

<!-- begin intercepter -->
	<package name="haslogin" namespace="/" extends="json-default">
		<interceptors>
			<interceptor name="loginInter"
				class="com.interceptor.LoginInterceptor"></interceptor>
			<interceptor-stack name="mydefault">
				<interceptor-ref name="loginInter"></interceptor-ref>
				<interceptor-ref name="defaultStack"></interceptor-ref>
			</interceptor-stack>
		</interceptors>
		<default-interceptor-ref name="mydefault"></default-interceptor-ref>
		<global-results>
			<result name="login">/management/login.jsp</result>
		</global-results>
	</package>
	<!-- end intercepter -->

第二个是权限拦截器栈，先判断是否登陆，没登陆就跳到登陆，再判断权限，没权限跳到无权限页面

<!-- begin role intercepter -->
	<package name="hasrole" namespace="/" extends="json-default">
		<!-- role intercepter -->
		<interceptors>
			<interceptor name="roleInter"
				class="com.interceptor.RoleInterceptor"></interceptor>
			<interceptor name="loginInter"
				class="com.interceptor.LoginInterceptor"></interceptor>
			<interceptor-stack name="mydefault">
				<interceptor-ref name="loginInter"></interceptor-ref>
				<interceptor-ref name="roleInter"></interceptor-ref>
				<interceptor-ref name="defaultStack"></interceptor-ref>
			</interceptor-stack>
		</interceptors>
		<default-interceptor-ref name="mydefault"></default-interceptor-ref>
		<global-results>
			<result name="login">/management/login.jsp</result>
			<result name="none">/WEB_INF/404.jsp</result>
		</global-results>	
</package>
<!--end role intercepter -->

第二步编写登陆拦截器 检查session中userid是否为null ， 如果是 ，就让用户去登陆页面

package com.interceptor;

import java.util.Map;

import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

public class LoginInterceptor extends AbstractInterceptor {

	private static final long serialVersionUID = 1L;

	@Override
	public String intercept(ActionInvocation invocation) throws Exception {
		ActionContext ctx = invocation.getInvocationContext();
		Map<String,Object> session = ctx.getSession();
		String user = null;
		if (session.get("userid")!=null) {
			user=session.get("userid").toString();
		}
		if (user != null) {
			return invocation.invoke();
		}
		return Action.LOGIN;
	}
	
}

package com.interceptor;

import java.util.HashSet;
import java.util.Map;
import java.util.Set;

import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;

public class RoleInterceptor extends AbstractInterceptor {

	private static final long serialVersionUID = 1L;

	@SuppressWarnings("unchecked")
	@Override
	public String intercept(ActionInvocation invocation) throws Exception {
		Map<String, Object> session = ActionContext.getContext().getSession();
		Set<com.entity.ModuleFun> roles = new HashSet<com.entity.<span style="font-family: Arial, Helvetica, sans-serif;">ModuleFun</span><span style="font-family: Arial, Helvetica, sans-serif;">>();</span>
		String currUrl = invocation.getProxy().getActionName();//获取当前action的name
		if (session.get("roles") != null) {//用户登陆时将权限放入session中
			roles = (Set<com.entity.ModuleFun>) session.get("roles");
			for (com.entity.ModuleFun mfun: roles) {<span style="font-family: Arial, Helvetica, sans-serif;">	</span>

<span style="white-space:pre"></span><pre name="code" class="html"><span style="white-space:pre">			</span>if (mfun.getUrls.equals(currUrl+".action")) {
					return invocation.invoke();
				}

			}
		}
		return Action.NONE;
	}

}

java权限系统实现篇,布布扣,bubuko.com

java权限系统实现篇

标签：java权限

原文地址：http://blog.csdn.net/maskdfe/article/details/37927413