
和申's personal homepage

Focused on Java development, 1985wanggang

 
 
 

Spring authorization based on URL matching: code example

2009-07-14 15:23:18 | Category: Spring


/**

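This example can be used to restrict access to URLs and perform permission checks. URLs can be configured in Ant style, instead of being limited to the restricted pattern forms available to a filter in web.xml. It also adds noCheckAccessUrls, which makes it easy to list the individual URLs that are exempt from the check.

loginUrl: the login address to return to when the check finds that the user has no permission.

There are three Ant wildcards:

Wildcard   Description
?          matches any single character
*          matches 0 or any number of characters
**         matches 0 or more directories

Examples:

URL path             Description
/app/*.x             Matches all .x files under the app path
/app/p?ttern         Matches /app/pattern and /app/pXttern, but not /app/pttern
/**/example          Matches /app/example, /app/foo/example, and /example
/app/**/dir/file.    Matches /app/dir/file.jsp, /app/foo/dir/file.html, /app/foo/bar/dir/file.pdf, and /app/dir/file.java
/**/*.jsp            Matches any .jsp file

Property:
Longest-match principle (has more characters)
Explanation: for a request URL /app/dir/file.jsp, if the two path patterns /**/*.jsp and /app/dir/*.jsp both exist, the match is made against the pattern /app/dir/*.jsp.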

*/

AuthorizeURLInterceptor.java

package com.lawyer.aop.auth;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.Assert;
import org.springframework.util.PathMatcher;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import org.springframework.web.util.UrlPathHelper;

public class AuthorizeURLInterceptor extends HandlerInterceptorAdapter {
 private UrlPathHelper urlPathHelper = new UrlPathHelper();
 private String[] checkAccessUrls;
 private String[] noCheckAccessUrls;// URL resources that do not need protection
 private PathMatcher pathMatcher = new AntPathMatcher();
 
 private String loginUrl;
 private AuthHandle authHandle;// authorization check handler
 public void setPathMatcher(PathMatcher pathMatcher) {
  Assert.notNull(pathMatcher, "PathMatcher must not be null");
  this.pathMatcher = pathMatcher;
 }
 
  
 
 /**
  * @param loginUrl the loginUrl to set
  */
 public void setLoginUrl(String loginUrl) {
  this.loginUrl = loginUrl;
 }

 

 /**
  * @param checkAccessUrls the checkAccessUrls to set
  */
 public void setCheckAccessUrls(String[] checkAccessUrls) {
  this.checkAccessUrls = checkAccessUrls;
 }

 

 /**
  * @param noCheckAccessUrls the noCheckAccessUrls to set
  */
 public void setNoCheckAccessUrls(String[] noCheckAccessUrls) {
  this.noCheckAccessUrls = noCheckAccessUrls;
 }

 /**
  * @param authHandle the authHandle to set
  */
 public void setAuthHandle(AuthHandle authHandle) {
  this.authHandle = authHandle;
 }

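 /**
  * Runs the authorization check for protected URLs and, when the check
  * fails and loginUrl is set, redirects to loginUrl.
  */
 public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
     throws Exception {
  String url = urlPathHelper.getLookupPathForRequest(request);
  if (!isProtected(url) ) {
   return true;// the requested resource does not need protection
  }else if(loginUrl != null && this.pathMatcher.match(loginUrl, url)){
   // PathMatcher.match(pattern, path): loginUrl is the pattern, the request path is the path
   return true;// the login page itself must stay reachable
  }
//  System.out.println("preHandle:"+handler.getClass().getSimpleName());
  boolean b = authHandle.checkAuth(request, response);
  
  if(!b && loginUrl != null){
   response.sendRedirect(request.getContextPath()+loginUrl);
  }
  return b;
 }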
 
 public boolean isProtected(String urlPath) {
  if(noCheckAccessUrls != null){
   for (int i = 0; i < this.noCheckAccessUrls.length; i++) {
    String registeredPath = noCheckAccessUrls[i];
    if (registeredPath == null) {
     throw new IllegalArgumentException("Entry number " + i + " in noCheckAccessUrls array is null");
    } else {
     if (this.pathMatcher.match(registeredPath, urlPath)) {
      return false;
     }     
    }
   }
  }
  if (this.checkAccessUrls != null) {   
   for (int i = 0; i < this.checkAccessUrls.length; i++) {
    String registeredPath = checkAccessUrls[i];
    if (registeredPath == null) {
     throw new IllegalArgumentException("Entry number " + i + " in checkAccessUrls array is null");
    } else {
     if (this.pathMatcher.match(registeredPath, urlPath)) {
      return true;
     }     
    }
   }
  }
  return false;
 }

}
-----------------------------------

AuthHandle.java: authorization checker interface

/**
 *
 */
package com.lawyer.aop.auth;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


/**
 * @author wanggang
 * @version Nov 18, 2008
 */

public interface AuthHandle {
 
 public abstract boolean  checkAuth(HttpServletRequest request,HttpServletResponse response)throws Exception;

}
------------------------------------

BackAuthHandler.java: implementation of the authorization checker interface

package com.lawyer.aop.auth;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.lawyer.dto.UserDTO;
/**
 * @author wanggang
 * @version Jul 14, 2009
 */
public class BackAuthHandler implements AuthHandle {

 public boolean checkAuth(HttpServletRequest request,
   HttpServletResponse response) throws Exception {
  // getSession(false): do not create a session for an unauthenticated request
  HttpSession session = request.getSession(false);
  UserDTO userDTO = (session == null) ? null : (UserDTO) session.getAttribute("userDTO");

  if (userDTO != null) {
   System.out.println("userDTO name:" + userDTO.getNickName()
     + " Email:" + userDTO.getEmail());
   return true;
  } else {
   System.out.println("userDTO is null");
  }
  return false;
 }

}
-----------------------------------------------------

Spring configuration file. The URLs in checkAccessUrls and noCheckAccessUrls are configured in Ant style.

<bean id="backAuthHandler" class="com.lawyer.aop.auth.BackAuthHandler"></bean>
<bean id="frontAuthHandler" class="com.lawyer.aop.auth.FrontAuthHandler"></bean>
<bean id="backAuthorizeURLInterceptor" class="com.lawyer.aop.auth.AuthorizeURLInterceptor">
    <property name="authHandle" ref="backAuthHandler"></property>
    <property name="loginUrl">
        <value>/backLogin.do</value>
    </property>
    <property name="checkAccessUrls">
        <list>
            <value>/*</value>
        </list>
    </property>
    <property name="noCheckAccessUrls">
        <list>
            <value>/front/*</value>
            <value>/backLogin.do</value>
            <value>/showimage.do</value>
            <value>/checkUserName.do</value>
            <value>/checkNickName.do</value>
            <value>/userRegEdit.do</value>
            <value>/login.do</value>
            <value>/userLogout.do</value>
            <value>/userLogin.do</value>
        </list>
    </property>
</bean>
<bean id="frontAuthorizeURLInterceptor" class="com.lawyer.aop.auth.AuthorizeURLInterceptor">
    <property name="authHandle" ref="frontAuthHandler"></property>
    <property name="loginUrl">
        <value>/index.jsp</value>
    </property>
    <property name="checkAccessUrls">
        <list>
            <value>/front/*</value>
        </list>
    </property>
    <property name="noCheckAccessUrls">
        <list>
            <value>/showimage.do</value>
            <value>/checkUserName.do</value>
            <value>/checkNickName.do</value>
            <value>/userRegEdit.do</value>
            <value>/login.do</value>
            <value>/userLogout.do</value>
            <value>/userLogin.do</value>
        </list>
    </property>
</bean>
<bean name="defaultHandlerMapping" class="org.springframework.web.servlet.handler.BeanNameUrlHandlerMapping" autowire="no">
    <property name="interceptors">
        <list>
            <ref local="backAuthorizeURLInterceptor"/>
            <ref local="frontAuthorizeURLInterceptor"/>
        </list>
    </property>
</bean>
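
An added example, not code from the original post: it replays the interceptor's isProtected() decision with Spring's AntPathMatcher over constructed request paths, to show that the `/*` pattern covers a single path segment only, so deeper paths fall through to the final `return false` and are never checked. The class name, the /admin/... path and the `/**` variant are assumptions made for illustration; spring-core must be on the classpath.

```java
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;

// Added example (not the post's code): replays the isProtected() decision
// of AuthorizeURLInterceptor over constructed request paths.
public class ProtectedPathDemo {
    private static final PathMatcher MATCHER = new AntPathMatcher();

    // Same evaluation order as isProtected(): exemptions first, then the
    // protected patterns; a path that matches neither list is unprotected.
    static boolean isProtected(String[] check, String[] noCheck, String path) {
        for (String pattern : noCheck) {
            if (MATCHER.match(pattern, path)) return false;
        }
        for (String pattern : check) {
            if (MATCHER.match(pattern, path)) return true;
        }
        return false;
    }

    public static void main(String[] args) {
        // Subset of noCheckAccessUrls from the backAuthorizeURLInterceptor bean
        String[] noCheck = {"/front/*", "/backLogin.do", "/login.do"};
        String[] asPosted = {"/*"};   // checkAccessUrls as configured in the post
        String[] recursive = {"/**"}; // assumption: every depth should be checked

        // Constructed sample paths; the nested ones are hypothetical
        String[] paths = {
            "/userList.do", "/backLogin.do", "/front/news.do",
            "/admin/userList.do", "/front/a/b.do"
        };
        System.out.printf("%-22s %-10s %-10s%n", "path", "/*", "/**");
        for (String path : paths) {
            System.out.printf("%-22s %-10b %-10b%n", path,
                isProtected(asPosted, noCheck, path),
                isProtected(recursive, noCheck, path));
        }
    }
}
```

With the posted `/*` pattern, /admin/userList.do and /front/a/b.do are reported as unprotected, while `/**` reports both as protected. The `/front/*` exemption is likewise one level deep.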

Reference====================================================================================

=======================================================================================

Spring authorization-check interceptor code example

 
