首页 诗词 字典 板报 句子 名言 友答 励志 学校 网站地图
当前位置: 首页 > 教程频道 > 软件管理 > 软件架构设计 >

基于spring security3的权限 运用

2012-06-27 
基于spring security3的权限 应用1.创建mavn项目,导入一些必须的包:pom.xml2.编写web.xml3.编写spring-sec

基于spring security3的权限 应用
1.创建mavn项目,导入一些必须的包:
pom.xml


2.编写web.xml


3.编写spring-security.xml

4.编写spring-despatcher


5.编写datasource配置文件



5.编写resource.properties


7.实现spring security3 AccessDecisionManager,AbstractSecurityInterceptor,FilterInvocationSecurityMetadataSource,UserDetailsService和UserDetails类

/** *  */package security;import java.util.Collection;import java.util.Iterator;import org.springframework.security.access.AccessDecisionManager;import org.springframework.security.access.AccessDeniedException;import org.springframework.security.access.ConfigAttribute;import org.springframework.security.access.SecurityConfig;import org.springframework.security.authentication.InsufficientAuthenticationException;import org.springframework.security.core.Authentication;import org.springframework.security.core.GrantedAuthority;/** * @author meiquan_yang * */public class MyAccessDecisionManager implements AccessDecisionManager{public void decide(Authentication authentication, Object object,Collection<ConfigAttribute> configAttributes)throws AccessDeniedException, InsufficientAuthenticationException {if(configAttributes == null){          return ;      }      System.out.println(object.toString()); //objectis a URL.      Iterator<ConfigAttribute>ite=configAttributes.iterator();      while(ite.hasNext()){          ConfigAttribute ca=ite.next();          String needRole=((SecurityConfig)ca).getAttribute();          for(GrantedAuthority ga:authentication.getAuthorities()){              if(needRole.equals(ga.getAuthority())){ //ga isuser's role.                  return;              }          }      }      throw new AccessDeniedException("");}public boolean supports(ConfigAttribute attribute) {return true;}public boolean supports(Class<?> clazz) {return true;}}/** *  */package security;import java.io.IOException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import org.springframework.security.access.SecurityMetadataSource;import org.springframework.security.access.intercept.AbstractSecurityInterceptor;import org.springframework.security.access.intercept.InterceptorStatusToken;import org.springframework.security.web.FilterInvocation;import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;/** * @author meiquan_yang * */public class MyFilterSecurityInterceptor extends AbstractSecurityInterceptor implements Filter{private FilterInvocationSecurityMetadataSource securityMetadataSource;public FilterInvocationSecurityMetadataSource getSecurityMetadataSource() {return securityMetadataSource;}public void setSecurityMetadataSource(FilterInvocationSecurityMetadataSource securityMetadataSource) {this.securityMetadataSource = securityMetadataSource;}public void init(FilterConfig filterConfig) throws ServletException {// TODO Auto-generated method stubSystem.out.println(filterConfig);}public void doFilter(ServletRequest request, ServletResponse response,FilterChain chain) throws IOException, ServletException {FilterInvocation fi = new FilterInvocation(request,response,chain);InterceptorStatusToken token = super.beforeInvocation(fi);try{fi.getChain().doFilter(request, response);}finally{super.afterInvocation(token, null);}}public void destroy() {// TODO Auto-generated method stub}@Overridepublic Class<? extends Object> getSecureObjectClass() {// TODO Auto-generated method stubreturn FilterInvocation.class;}@Overridepublic SecurityMetadataSource obtainSecurityMetadataSource() {return this.securityMetadataSource;}}/** *  */package security;import java.util.ArrayList;import java.util.Collection;import java.util.HashMap;import java.util.Iterator;import java.util.List;import java.util.Map;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.security.access.ConfigAttribute;import org.springframework.security.access.SecurityConfig;import org.springframework.security.web.FilterInvocation;import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;import org.springframework.security.web.util.AntUrlPathMatcher;import org.springframework.security.web.util.UrlMatcher;import org.springframework.stereotype.Service;import service.SecurityService;import entity.Role;import entity.Url;/** * @author meiquan_yang * */@Servicepublic class MySecurityMetadataSource implements FilterInvocationSecurityMetadataSource{@Autowiredprivate SecurityService securityService;public static Map<String, Collection<ConfigAttribute>> resourceMap = null;  private UrlMatcher urlMatcher = new AntUrlPathMatcher();;public void initResourceMap(){resourceMap = new HashMap<String,Collection<ConfigAttribute>>();List<Url> urls = securityService.listUrls();for(Url url:urls){Collection<ConfigAttribute> configAttributes = new ArrayList<ConfigAttribute>();for(Role r:url.getRoles()){configAttributes.add(new SecurityConfig(r.getName()));}resourceMap.put(url.getUrl(), configAttributes);}}public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {String url = ((FilterInvocation)object).getRequestUrl();Iterator<String> ite =resourceMap.keySet().iterator();while (ite.hasNext()) {String resURL = ite.next();if (urlMatcher.pathMatchesUrl(url, resURL)) {return resourceMap.get(resURL);}}return null;}public Collection<ConfigAttribute> getAllConfigAttributes() {return null;}public boolean supports(Class<?> clazz) {return true;}}package security;import java.util.ArrayList;import java.util.Collection;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.dao.DataAccessException;import org.springframework.security.core.GrantedAuthority;import org.springframework.security.core.authority.GrantedAuthorityImpl;import org.springframework.security.core.userdetails.UserDetails;import org.springframework.security.core.userdetails.UserDetailsService;import org.springframework.security.core.userdetails.UsernameNotFoundException;import org.springframework.stereotype.Service;import dao.UserDao;import entity.Role;import entity.User;@Servicepublic class MyUserDetailsService implements UserDetailsService {@Autowiredprivate UserDao userDao;public UserDetails loadUserByUsername(String username)throws UsernameNotFoundException, DataAccessException {User u = userDao.listByName(username);UserDetailsImpl userDetails = null;if(u!=null){Collection<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();for(Role r:u.getRoles()){authorities.add(new GrantedAuthorityImpl(r.getName()));}userDetails = new UserDetailsImpl(u);userDetails.setAuthorities(authorities);}return userDetails;}}package security;import java.util.Collection;import org.springframework.security.core.GrantedAuthority;import org.springframework.security.core.userdetails.UserDetails;import entity.User;public class UserDetailsImpl extends User implements UserDetails{private Collection<GrantedAuthority> authorities;private static final long serialVersionUID = 1L;private boolean accountNonExpired;private boolean accountNonLocked;private boolean credentialsNonExpired;private boolean enabled;public void setEnabled(boolean enabled) {this.enabled = enabled;}public UserDetailsImpl(User u){this.accountNonExpired = true;this.accountNonLocked = true;this.credentialsNonExpired = true;this.setEnabled(true);this.setPassword(u.getPassword());this.setUsername(u.getUsername());//this.setAuthorities(u.getAuthorities());this.setRemark(u.getRemark());}public void setAccountNonExpired(boolean accountNonExpired) {this.accountNonExpired = accountNonExpired;}public void setAccountNonLocked(boolean accountNonLocked) {this.accountNonLocked = accountNonLocked;}public void setCredentialsNonExpired(boolean credentialsNonExpired) {this.credentialsNonExpired = credentialsNonExpired;}public Collection<GrantedAuthority> getAuthorities() {return this.authorities;}public void setAuthorities(Collection<GrantedAuthority> authorities) {this.authorities = authorities;}public boolean isAccountNonExpired() {return this.accountNonExpired;}public boolean isAccountNonLocked() {return this.accountNonLocked;}public boolean isCredentialsNonExpired() {return this.credentialsNonExpired;}public boolean isEnabled() {return this.enabled;}}


不想详解!

热点排行