SpringAOP实现的用户权限管理【修改了别人的代码,感谢原作者!】
2009-08-07 16:01
1271 查看
两种不不同的用户:User和Administrator
User类:
Administrator类:
ResourceBean接口:
ResourceBeanImpl类:
Service接口:
ServiceBean类:
PermissionCheckAdvice(AOP实现的核心)
PermissionDeniedException类:
PermissionThrowsAdvice类:
SpringAopTest测试类:
applicationContext.xml
代码虽然简单,但是基本实现了为不同的用户赋予不同的权限的功能。
User类:
package com.jhalo.jsecurity.aop; import java.util.List; public class User { public List privilages = new java.util.ArrayList(); public String name; public User(){ name="alphaclick tester "; privilages.add("com.jhalo.jsecurity.aop.ServiceBean.getBeanInfo"); privilages.add("com.jhalo.jsecurity.aop.ResourceBeanImpl.getMethod1"); // privilages.add("com.jhalo.jsecurity.aop.ResourceBeanImpl.getMethod2"); privilages.add("com.jhalo.jsecurity.aop.ResourceBeanImpl.getMethod3"); } public String getName(){ return name; } public boolean isPermission(String pri){ java.util.Iterator it = privilages.iterator(); String p = ""; boolean pass=false; while(it.hasNext()){ p=(String)it.next(); System.out.println(p); if(p.equals(pri)){ pass = true; break; } } return pass; } }
Administrator类:
package com.jhalo.jsecurity.aop; import java.util.List; public class Administrator extends User{ public Administrator(){ name="alphaclick Administrator "; privilages.add("com.jhalo.jsecurity.aop.ServiceBean.getBeanInfo"); privilages.add("com.jhalo.jsecurity.aop.ResourceBeanImpl.getMethod1"); privilages.add("com.jhalo.jsecurity.aop.ResourceBeanImpl.getMethod2"); privilages.add("com.jhalo.jsecurity.aop.ResourceBeanImpl.getMethod3"); } }
ResourceBean接口:
public interface ResourceBean { public void theMethod(); public String getMethod1(User user)throws PermissionDeniedException; public String getMethod2(User user)throws PermissionDeniedException; public String getMethod3(User user)throws PermissionDeniedException; }
ResourceBeanImpl类:
package com.jhalo.jsecurity.aop; public class ResourceBeanImpl implements ResourceBean{ /**//* (non-Javadoc) * @see com.jhalo.jsecurity.aop.ResourceBean#theMethod() */ public void theMethod(){ System.out.println(this.getClass().getName() + "." + new Exception().getStackTrace()[0].getMethodName() + "()" + " theMethod!"); } /**//* (non-Javadoc) * @see com.jhalo.jsecurity.aop.ResourceBean#getMethod1() */ public String getMethod1(User user) throws PermissionDeniedException{ return "[张三 Method1 ]"; } /**//* (non-Javadoc) * @see com.jhalo.jsecurity.aop.ResourceBean#getMethod2() */ public String getMethod2(User user) throws PermissionDeniedException{ return "[李四 Method2 ]"; } /**//* (non-Javadoc) * @see com.jhalo.jsecurity.aop.ResourceBean#getMethod3() */ public String getMethod3(User user) throws PermissionDeniedException{ return "[王五 Method3 ]"; } }
Service接口:
package com.jhalo.jsecurity.aop; public interface Service { public String getBeanInfo(User user) throws PermissionDeniedException; }
ServiceBean类:
package com.jhalo.jsecurity.aop; public class ServiceBean implements Service{ /***/ ResourceBean bean; /** * * @param bean */ public void setBean(ResourceBean bean) { this.bean = bean; } /** * */ public String getBeanInfo(User user){ String result=""; try{ //调用method1 result+= bean.getMethod1(user); }catch(PermissionDeniedException pde){ result+="PermissionDeniedException:Method1"; } try{ //调用method2 result+= bean.getMethod2(user); }catch(PermissionDeniedException pde){ result+="PermissionDeniedException:Method2"; } try{ //调用method3 result+= bean.getMethod3(user); }catch(PermissionDeniedException pde){ result+="PermissionDeniedException:Method3"; } return result; } }
PermissionCheckAdvice(AOP实现的核心)
public class PermissionCheckAdvice implements MethodBeforeAdvice { public void before(Method m, Object[] args, Object target) throws Throwable { String privilege=target.getClass().getName()+"." +m.getName(); //新建用户 // User user = new User(); System.out.println("打印参数开始======================="); User user=(User) args[0]; System.out.println(user.getName()); System.out.println("打印参数结束======================="); if (!user.isPermission(privilege)) { throw new PermissionDeniedException(user, privilege); } System.out.println("by " + this.getClass().getName()+"::" + "Target:"+target.getClass().getName()+"." +"Method:"+m.getName() +")"); } }
PermissionDeniedException类:
package com.jhalo.jsecurity.aop; public class PermissionDeniedException extends Exception { /** * */ public PermissionDeniedException(){ super(); } /** * * @param user * @param pri */ public PermissionDeniedException(User user,String pri){ super("User:"+user+"don't have the Permission to Operate:"+pri); } }
PermissionThrowsAdvice类:
package com.jhalo.jsecurity.aop; import java.lang.reflect.Method; import org.springframework.aop.ThrowsAdvice; public class PermissionThrowsAdvice implements ThrowsAdvice{ public void afterThrowing(Method method, Object[] args, Object target, Throwable subclass) { System.out.println("Logging that a " + subclass + "Exception was thrown."); } }
SpringAopTest测试类:
package com.jhalo.jsecurity.aop; import java.util.Iterator; import java.util.List; import org.springframework.context.ApplicationContext; import org.springframework.context.support.FileSystemXmlApplicationContext; public class SpringAopTest { public static void main(String[] args) { //Read the configuration file ApplicationContext ctx = new FileSystemXmlApplicationContext("src/applicationContext.xml"); //Instantiate an object //ResourceBean x = (ResourceBean) ctx.getBean("bean"); //Execute the public method of the bean (the test) //1 //x.theMethod(); //2 String name = ""; /**//* name = x.getMethod1(); System.out.println("test result::" +name); name = x.getMethod2(); System.out.println("test result::" +name); name = x.getMethod3(); System.out.println("test result::" +name);*/ User user=new User(); //3 Service sb = (Service)ctx.getBean("service"); try{ name = sb.getBeanInfo(user); }catch(PermissionDeniedException pde){} System.out.println("User Test results::" +name); // User admin=new Administrator(); try{ name = sb.getBeanInfo(admin); }catch(PermissionDeniedException pde){} System.out.println("Administrator Test results::" +name); } }
applicationContext.xml
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd"> <bean id="bean" class="org.springframework.aop.framework.ProxyFactoryBean"> <property name="proxyInterfaces"> <value>com.jhalo.jsecurity.aop.ResourceBean</value> </property> <property name="target"> <ref local="beanTarget"/> </property> <property name="interceptorNames"> <list> <value>permissionCheckBeforeAdvisor</value> <value>permissionThrowAdvisor</value> </list> </property> </bean> <bean id="service" class="org.springframework.aop.framework.ProxyFactoryBean"> <property name="proxyInterfaces"> <value>com.jhalo.jsecurity.aop.Service</value> </property> <property name="target"> <ref local="serviceBean"/> </property> </bean> <bean id="beanTarget" class="com.jhalo.jsecurity.aop.ResourceBeanImpl"></bean> <bean id="serviceBean" class="com.jhalo.jsecurity.aop.ServiceBean"> <property name="bean"> <ref local="bean"/> </property> </bean> <bean id="permissionCheckBeforeAdvisor" class="org.springframework.aop.support.RegexpMethodPointcutAdvisor"> <property name="advice"> <ref local="thePermissionCheckBeforeAdvice"/> </property> <property name="pattern"> <value>.*</value> </property> </bean> <bean id="permissionThrowAdvisor" class="org.springframework.aop.support.RegexpMethodPointcutAdvisor"> <property name="advice"> <ref local="thePermissionThrowsAdvice"/> </property> <property name="pattern"> <value>.*</value> </property> </bean> <bean id="thePermissionCheckBeforeAdvice" class="com.jhalo.jsecurity.aop.PermissionCheckAdvice"></bean> <bean id="thePermissionThrowsAdvice" class="com.jhalo.jsecurity.aop.PermissionThrowsAdvice"></bean> </beans>
代码虽然简单,但是基本实现了为不同的用户赋予不同的权限的功能。
相关文章推荐
- spring aop实现用户权限管理的示例
- 《Spring+Mybatis》拦截器实现用户权限认证学习笔记与代码
- java annotation + springMVC 实现用户角色权限管理
- Spring AOP 实现用户权限验证
- ASP.NET MVC+EF框架+EasyUI实现权限管理系列(16)-类库架构扩展以及DLL文件生成修改和用户的简单添加
- ASP.NET MVC+EF框架+EasyUI实现权限管理系列(19)-用户信息的修改和浏览
- spring aop实现权限管理
- SpringSrcureCode在grails中实现用户--角色--权限的管理
- Java之Spring AOP 实现用户权限验证
- ASP.NET MVC+EF框架+EasyUI实现权限管理系列(19)-用户信息的修改和浏览
- rails3 中新用户注册、普通用户修改资料、管理员管理用户资料 权限之model 继承实现
- 使用Spring 的 AOP 实现权限管理
- ASP.NET MVC+EF框架+EasyUI实现权限管理系列(16)-类库架构扩展以及DLL文件生成修改和用户的简单添加
- 从零开始学 Java - Spring AOP 实现用户权限验证
- 权限管理系统(用户信息管理模块业务组件实现代码,带注解)
- springAOP与自定义注解实现细粒度权限控制管理
- SpringSrcureCode在grails中实现用户--角色--权限的管理
- ASP.NET MVC+EF框架+EasyUI实现权限管理系列(19)-用户信息的修改和浏览
- ASP.NET MVC+EF框架+EasyUI实现权限管理系列(16)-类库架构扩展以及DLL文件生成修改和用户的简单添加
- 实现业务系统中的用户权限管理--设计篇