java权限过滤器
个人案例:
package com.ilas.bookcase.filter;
import com.ilas.bookcase.controller.admin.AdminController;
import com.ilas.bookcase.entity.Permission;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;
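/**
 * Servlet filter guarding the admin area. Requests are handled in three steps:
 * <ol>
 *   <li>paths matching a public pattern (static assets, sign-in/sign-out) pass through;</li>
 *   <li>requests without a logged-in admin in the session are redirected to the sign-in page;</li>
 *   <li>for pages listed in the permission table, the admin's role must hold at least one of
 *       the permission codes mapped to that page, otherwise the request is redirected to the
 *       menu page.</li>
 * </ol>
 *
 * <p>NOTE(review): the table is fail-open. Any path that is not listed is served to every
 * logged-in admin who holds at least one permission, so endpoints that are not listed here
 * (for example controller mappings behind the listed pages) are not protected by this filter
 * and need their own authorization check, or this filter should be switched to deny-by-default.
 *
 * <p>Created 2019/5/8 9:17.
 *
 * @author zzx
 */
public class AdminLoginFilter extends OncePerRequestFilter {

    private static final String SIGN_IN_PAGE = "/admin/Sign-in.jsp";
    private static final String MENU_PAGE = "/admin/MenuList.jsp";

    /** Patterns for paths that never require a login; compiled once instead of per request. */
    private final List<Pattern> publicUrlPatterns;

    /** Protected page path mapped to every permission code that grants access to it. */
    private final Map<String, Set<String>> requiredCodesByPage;

    public AdminLoginFilter() {
        String[] publicUrl = new String[]{
            "/admin/css/\\S*",
            "/admin/fonts/\\S*",
            "/admin/img/\\S*",
            "/admin/js/\\S*",
            "/public/\\S*",
            "/admin/signIn",
            "/admin/signOut",
            "/admin/Sign-in.jsp"
        };
        List<Pattern> compiled = new ArrayList<>(publicUrl.length);
        for (String regex : publicUrl) {
            compiled.add(Pattern.compile(regex));
        }
        publicUrlPatterns = Collections.unmodifiableList(compiled);

        // Permission code -> page it unlocks.
        Map<String, String> filterUrlMap = new HashMap<>();
        filterUrlMap.put("1001", "/admin/OperatorMgt.jsp");
        filterUrlMap.put("1002", "/admin/SysteamLog.jsp");
        filterUrlMap.put("2001", "/admin/ReadWriterMgt.jsp");
        filterUrlMap.put("2002", "/admin/BookcaseMgt.jsp");
        filterUrlMap.put("3001", "/admin/BookPutOnShelf.jsp");
        filterUrlMap.put("3002", "/admin/BookOutforShelf.jsp");
        filterUrlMap.put("3003", "/admin/BookMaintenance.jsp");
        filterUrlMap.put("3004", "/admin/ReaderInfo.jsp");
        filterUrlMap.put("3005", "/admin/SysteamLog.jsp");
        filterUrlMap.put("3006", "/admin/OpeAbnormalLog.jsp");
        filterUrlMap.put("4001", "/admin/LinkParamConfig.jsp");

        // Index by page so that a page reachable through several codes (SysteamLog.jsp is
        // listed under both 1002 and 3005) is granted when the role holds ANY of them,
        // independent of HashMap iteration order.
        Map<String, Set<String>> byPage = new HashMap<>();
        for (Map.Entry<String, String> entry : filterUrlMap.entrySet()) {
            Set<String> codes = byPage.get(entry.getValue());
            if (codes == null) {
                codes = new HashSet<>();
                byPage.put(entry.getValue(), codes);
            }
            codes.add(entry.getKey());
        }
        requiredCodesByPage = Collections.unmodifiableMap(byPage);
    }

    /**
     * Applies the public-path, login and page-permission checks described on the class.
     *
     * @param request     the incoming request
     * @param response    the response, used for the redirects to the sign-in or menu page
     * @param filterChain the remaining chain, invoked only when the request is allowed
     * @throws ServletException if the rest of the chain fails
     * @throws IOException      if the rest of the chain or a redirect fails
     */
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
            FilterChain filterChain) throws ServletException, IOException {
        String path = resolvePath(request);

        for (Pattern publicPattern : publicUrlPatterns) {
            if (publicPattern.matcher(path).matches()) {
                filterChain.doFilter(request, response);
                return;
            }
        }

        // getSession(false): do not allocate a server-side session for anonymous requests.
        HttpSession session = request.getSession(false);
        Object currentAdmin = session == null
                ? null
                : session.getAttribute(AdminController.CURRENT_LOGIN_ADMIN);
        if (currentAdmin == null) {
            response.sendRedirect(request.getContextPath() + SIGN_IN_PAGE);
            return;
        }

        // The attribute is stored as a plain Object; the element type is assumed to be
        // Permission, as the original listing iterates it that way.
        @SuppressWarnings("unchecked")
        List<Permission> permissions =
                (List<Permission>) session.getAttribute(AdminController.CURRENT_ROLE_PERMISSION);

        if (permissions != null && !permissions.isEmpty()) {
            // Check whether the role has permission for this page. The table is compared by
            // exact equality: the request path is attacker-controlled text and must never be
            // interpreted as a regular expression.
            Set<String> requiredCodes = requiredCodesByPage.get(path);
            if (requiredCodes == null) {
                // Page is not in the permission table: let it through (fail-open, see class note).
                filterChain.doFilter(request, response);
                return;
            }
            if (holdsAnyCode(permissions, requiredCodes)) {
                filterChain.doFilter(request, response);
                return;
            }
            // The role does not have this permission: fall through to the menu redirect.
        }

        if (MENU_PAGE.equals(path)) {
            filterChain.doFilter(request, response);
            return;
        }
        response.sendRedirect(request.getContextPath() + MENU_PAGE);
    }

    /**
     * Returns the path the container resolved for dispatch (servlet path plus path info).
     *
     * <p>{@code getRequestURI()} is deliberately not used for the authorization decision: it is
     * the raw value from the request line, not percent-decoded and possibly carrying path
     * parameters, so a check made on it can disagree with the resource that is actually served.
     */
    private static String resolvePath(HttpServletRequest request) {
        String servletPath = request.getServletPath();
        String pathInfo = request.getPathInfo();
        return pathInfo == null ? servletPath : servletPath + pathInfo;
    }

    /** Returns true when at least one of the role's permissions carries one of the given codes. */
    private static boolean holdsAnyCode(List<Permission> permissions, Set<String> requiredCodes) {
        for (Permission permission : permissions) {
            if (permission != null && requiredCodes.contains(permission.getCode())) {
                return true;
            }
        }
        return false;
    }
}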
原文地址:https://www.cnblogs.com/zexin/p/11122285.html