小編給大家分享一下javaweb設(shè)計中filter粗粒度權(quán)限控制的示例分析�,希望大家閱讀完這篇文章之后都有所收獲,下面讓我們一起去探討吧��!
西鄉(xiāng)塘ssl適用于網(wǎng)站、小程序/APP�����、API接口等需要進行數(shù)據(jù)傳輸應(yīng)用場景���,ssl證書未來市場廣闊�!成為創(chuàng)新互聯(lián)的ssl證書銷售渠道��,可以享受市場價格4-6折優(yōu)惠�����!如果有意向歡迎電話聯(lián)系或者加微信:18980820575(備注:SSL證書合作)期待與您的合作!
1 說明
我們給出三個頁面:index.jsp����、user.jsp、admin.jsp�。
index.jsp:誰都可以訪問,沒有限制����;
user.jsp:只有登錄用戶才能訪問;
admin.jsp:只有管理員才能訪問�����。
2 分析
設(shè)計User類:username��、password�、grade,其中g(shù)rade表示用戶等級��,1表示普通用戶���,2表示管理員用戶。
當用戶登錄成功后����,把user保存到session中����。
創(chuàng)建LoginFilter�,它有兩種過濾方式:
如果訪問的是user.jsp,查看session中是否存在user����;
如果訪問的是admin.jsp,查看session中是否存在user���,并且user的grade等于2����。
3 代碼
LoginServlet
com.cug.web.servlet.LoginServlet
LoginServlet
/LoginServlet
index.jsp
UserFilter
com.cug.filter.UserFilter
UserFilter
/user/*
AdminFilter
com.cug.filter.AdminFilter
AdminFilter
/admin/*
LoginServlet.java
package com.cug.web.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.cug.domain.User;
import com.cug.web.service.UserService;
public class LoginServlet extends HttpServlet{
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
req.setCharacterEncoding("utf-8");
resp.setContentType("text/html;charset=utf-8");
String username = req.getParameter("username");
String password = req.getParameter("password");
User user = UserService.login(username, password);
if(user == null){
req.setAttribute("msg", "用戶名或者密碼錯誤");
req.getRequestDispatcher("/login.jsp").forward(req, resp);
} else{
req.getSession().setAttribute("user", user);
req.getRequestDispatcher("index.jsp").forward(req,resp);
}
}
}UserService
package com.cug.web.service;
import java.util.HashMap;
import java.util.Map;
import com.cug.domain.User;
public class UserService {
private static Map users = new HashMap();
static{
users.put("zhu", new User("zhu", "123", 2));
users.put("xiao", new User("xiao", "123", 1));
}
public static User login(String username, String password){
User user = users.get(username);
if(user == null)
return null;
if(!user.getPassword().equals(password))
return null;
return user;
}
}AdminFilter
package com.cug.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import com.cug.domain.User;
public class AdminFilter implements Filter{
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest req, ServletResponse resp,
FilterChain chain) throws IOException, ServletException {
req.setCharacterEncoding("utf-8");
resp.setContentType("text/html;charset=utf-8");
HttpServletRequest request = (HttpServletRequest)req;
User user = (User)request.getSession().getAttribute("user");
if(user == null){
resp.getWriter().print("用戶還沒有登陸");
request.getRequestDispatcher("/login.jsp").forward(req, resp);
}
if(user.getGrade() < 2){
resp.getWriter().print("您的等級不夠");
return;
}
chain.doFilter(req, resp);
}
@Override
public void init(FilterConfig arg0) throws ServletException {
}
}UserFilter
package com.cug.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import com.cug.domain.User;
public class UserFilter implements Filter{
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
request.setCharacterEncoding("utf-8");
response.setContentType("text/html;charset=utf-8");
HttpServletRequest httpReq = (HttpServletRequest)request;
User user = (User)httpReq.getSession().getAttribute("user");
if(user == null){
request.getRequestDispatcher("/login.jsp").forward(request, response);
}
chain.doFilter(request, response);
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
}User
package com.cug.domain;
public class User {
private String username;
private String password;
private int grade;
public User() {
super();
}
public User(String username, String password, int grade) {
super();
this.username = username;
this.password = password;
this.grade = grade;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public int getGrade() {
return grade;
}
public void setGrade(int grade) {
this.grade = grade;
}
@Override
public String toString() {
return "User [username=" + username + ", password=" + password
+ ", grade=" + grade + "]";
}
}html
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" >
My JSP 'admin.jsp' starting page
admin.jsp
${user.username }
" rel="external nofollow" rel="external nofollow" rel="external nofollow" >首頁
" rel="external nofollow" rel="external nofollow" rel="external nofollow" >用戶頁
" rel="external nofollow" rel="external nofollow" rel="external nofollow" >系統(tǒng)管理員
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" >
My JSP 'user.jsp' starting page
user.jsp
${user.username }
" rel="external nofollow" rel="external nofollow" rel="external nofollow" >首頁
" rel="external nofollow" rel="external nofollow" rel="external nofollow" >用戶登陸界面
" rel="external nofollow" rel="external nofollow" rel="external nofollow" >管理員登陸界面
用戶登錄
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" >
My JSP 'login.jsp' starting page
${msg }
" method="post">
用戶名:
密碼:
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
" rel="external nofollow" rel="external nofollow" rel="external nofollow" rel="external nofollow" >
My JSP 'index.jsp' starting page
index.jsp
${user.username }
" rel="external nofollow" rel="external nofollow" rel="external nofollow" >首頁
" rel="external nofollow" rel="external nofollow" rel="external nofollow" >用戶登陸界面
" rel="external nofollow" rel="external nofollow" rel="external nofollow" >管理員登陸界面
看完了這篇文章���,相信你對“javaweb設(shè)計中filter粗粒度權(quán)限控制的示例分析”有了一定的了解��,如果想了解更多相關(guān)知識����,歡迎關(guān)注創(chuàng)新互聯(lián)行業(yè)資訊頻道����,感謝各位的閱讀���!
網(wǎng)頁題目:javaweb設(shè)計中filter粗粒度權(quán)限控制的示例分析
鏈接地址:
http://weahome.cn/article/picspo.html
重慶分公司
重慶分公司
