TA的每日心情 | 开心
2021-3-12 23:18 |
|---|
签到天数: 2 天 [LV.1]初来乍到
|
|
用户+角色+权限javaweb实现
------------------------------------------------------------------------------------
权限控制表设计(用户+角色+权限)
大概有这几种模式:
用户+组+角色+权限
用户+组+权限
用户+角色+权限
用户+权限 两种权限管理,其一是功能权限的管理,而另外一种则是资源权限的管理
A.数据库表形式
1.用户表
用户编号, 用户名, 密码, 角色编号
2.角色表
角色编号, 角色名
3.功能表(主要保存系统功能清单)
编号, 功能名称, 父编号, URL
4.角色权限对应表
编号, 角色编号, 功能编号, 权限
------------------------------------------------------------------------------------
import java.util.Set;
public class UserVo {
private Integer id;
private String uname;
private String password;
private Level level;
public Level getLevel() {
return level;
}
public void setLevel(Level level) {
this.level = level;
}
public String getUname() {
return uname;
}
public void setUname(String uname) {
this.uname = uname;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public Integer getId() {
return id;
}
public void setId(Integer id) {
this.id = id;
}
}
public class Level {
private Integer id;
private String levelName;
private Set<Quanxian> qx = new HashSet<Quanxian>(0);
public Integer getId() {
return id;
}
public void setId(Integer id) {
this.id = id;
}
public String getLevelName() {
return levelName;
}
public void setLevelName(String levelName) {
this.levelName = levelName;
}
public Set<Quanxian> getQx() {
return qx;
}
public void setQx(Set<Quanxian> qx) {
this.qx = qx;
}
}
public class Quanxian {
private Integer id;
private String quanxian;
private Integer fatherid;
private String url;
public Integer getFatherid() {
return fatherid;
}
public void setFatherid(Integer fatherid) {
this.fatherid = fatherid;
}
public Integer getId() {
return id;
}
public void setId(Integer id) {
this.id = id;
}
public String getQuanxian() {
return quanxian;
}
public void setQuanxian(String quanxian) {
this.quanxian = quanxian;
}
public String getUrl() {
return url;
}
public void setUrl(String url) {
this.url = url;
}
}
public class AdminLoginCheck extends HttpServlet implements Filter {
//通过 一个过滤器 Filter 进行权限控制
private FilterConfig filterConfig;
//Handle the passed-in FilterConfig
public void init(FilterConfig filterConfig) throws ServletException {
this.filterConfig = filterConfig;
}
//Process the request/response pair
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) {//System.out.println(this.getClass()+": doFilter()");
HttpServletRequest req = (HttpServletRequest)request;
//System.out.println(req.getServletPath());
HttpServletResponse res = (HttpServletResponse)response;
HttpSession ses = req.getSession();
Uservo uervo =ses.getAttribute("user")
try {//System.out.println("in Adminloginf........");
if(uervo ==null)
{
res.sendRedirect(req.getContextPath());
}else{
Boolean allow= false ;
Set<Quanxian> qxs = uservo.getLevel().getQx();
For(Quanxian o:qxs){
If(o.getUrl().equals(req.getServletPath())){
allow=true;
}
}
If(allow){
filterChain.doFilter(request, response);}
}
} catch (ServletException sx) {
filterConfig.getServletContext().log(sx.getMessage());
} catch (IOException iox) {
filterConfig.getServletContext().log(iox.getMessage());
}
}
//Clean up resources
public void destroy() {
}
}
|
|
|手机版|Java学习者论坛
( 声明:本站资料整理自互联网,用于Java学习者交流学习使用,对资料版权不负任何法律责任,若有侵权请及时联系客服屏蔽删除 )
发表于 2014-10-2 00:36:28