jeecms-V6版本
修改web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>JeeCmsV6</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/config/application-context.xml
/WEB-INF/config/cache-context.xml
/WEB-INF/config/captcha-context.xml
/WEB-INF/config/jeecms/jeecore-context.xml
/WEB-INF/config/jeecms/jeecms-context.xml
/WEB-INF/config/shiro-context.xml
/WEB-INF/config/plug/**/*-context.xml
/WEB-INF/config/quartz-task.xml
</param-value>
</context-param>
<filter>
<filter-name>processTime</filter-name>
<filter-class>com.jeecms.common.web.ProcessTimeFilter</filter-class>
</filter>
<filter>
<filter-name>encoding</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter>
<filter-name>osivFilter</filter-name>
<filter-class>org.springframework.orm.hibernate3.support.OpenSessionInViewFilter</filter-class>
</filter>
<filter>
<filter-name>shiroFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>targetFilterLifecycle</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<!-- "@" is the separator between entries of the FilterChar and ReplaceChar lists (see SplitChar). -->
<!-- NOTE(review): com.jeecms.common.web.XssFilter is project code that is not shown on this page. Presumably each FilterChar entry is replaced by the ReplaceChar entry at the same position; confirm against the class. -->
<!-- NOTE(review): this is a character blacklist applied to input, not output encoding. The list has no entry for the less-than sign, and as rendered on this page the last five ReplaceChar entries are identical to their FilterChar counterparts, which would leave those characters unchanged. Check the deployed file; the replacements may have been full-width characters before the page was rendered. -->
<filter>
<filter-name>XssFilter</filter-name>
<filter-class>com.jeecms.common.web.XssFilter</filter-class>
<!-- Presumably URLs listed here are exempt from the filter; confirm against the class. -->
<init-param>
<param-name>excludeUrls</param-name>
<param-value>/member/contribute</param-value>
</init-param>
<!-- Separator used inside the two character lists below. -->
<init-param>
<param-name>SplitChar</param-name>
<param-value>@</param-value>
</init-param>
<!-- Characters to look for: single quote, double quote, backslash, hash, colon, percent, greater-than. -->
<init-param>
<param-name>FilterChar</param-name>
<param-value>'@"@\@#@:@%@></param-value>
</init-param>
<!-- Replacement list, one entry per FilterChar entry in the same order. -->
<init-param>
<param-name>ReplaceChar</param-name>
<param-value>‘@“@\@#@:@%@></param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>processTime</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>encoding</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>osivFilter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>processTime</filter-name>
<url-pattern>*.jspx</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>encoding</filter-name>
<url-pattern>*.jspx</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>osivFilter</filter-name>
<url-pattern>*.jspx</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>processTime</filter-name>
<url-pattern>*.jhtml</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>encoding</filter-name>
<url-pattern>*.jhtml</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>osivFilter</filter-name>
<url-pattern>*.jhtml</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>processTime</filter-name>
<url-pattern>*.htm</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>encoding</filter-name>
<url-pattern>*.htm</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>osivFilter</filter-name>
<url-pattern>*.htm</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>processTime</filter-name>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>encoding</filter-name>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>osivFilter</filter-name>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>osivFilter</filter-name>
<url-pattern>/</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>shiroFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- XssFilter is mapped to exactly two URLs: the front-end login and the admin login. Every other request bypasses it, so it cannot be relied on as a site-wide XSS defence. -->
<filter-mapping>
<filter-name>XssFilter</filter-name>
<url-pattern>/login.jspx</url-pattern>
</filter-mapping>
<!-- Admin login. The path must stay in step with the JeeCmsAdmin servlet mapping and with the admin URLs in shiro-context.xml; the commented-out pattern is the previous admin path. -->
<filter-mapping>
<filter-name>XssFilter</filter-name>
<!-- <url-pattern>/jeeadmin/jeecms/login.do</url-pattern>-->
<url-pattern>/cmsadpath/login.do</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>JeeCmsAdmin</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/config/jeecms-servlet-admin.xml
/WEB-INF/config/plug/**/*-servlet-admin-action.xml
</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>JeeCmsFront</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/config/jeecms-servlet-front.xml
/WEB-INF/config/plug/**/*-servlet-front-action.xml
</param-value>
</init-param>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet>
<servlet-name>Jcaptcha</servlet-name>
<servlet-class>com.jeecms.common.captcha.JcaptchaServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Jcaptcha</servlet-name>
<url-pattern>/captcha.svl</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>DbFile</servlet-name>
<servlet-class>com.jeecms.core.action.front.DbFileServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>SnapScreen</servlet-name>
<servlet-class>com.jeecms.core.action.front.SnapScreenServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>SnapScreen</servlet-name>
<url-pattern>/snapscreen.svl</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>JeeCmsAdmin</servlet-name>
<!-- <url-pattern>/jeeadmin/jeecms/*</url-pattern>-->
<url-pattern>/cmsadpath/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>JeeCmsFront</servlet-name>
<url-pattern>*.jhtml</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>JeeCmsFront</servlet-name>
<url-pattern>*.jspx</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>JeeCmsFront</servlet-name>
<url-pattern>*.jsp</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>JeeCmsFront</servlet-name>
<url-pattern>*.htm</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>DbFile</servlet-name>
<url-pattern>/dbfile.svl</url-pattern>
</servlet-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.util.IntrospectorCleanupListener</listener-class>
</listener>
<session-config>
<session-timeout>20</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.shtml</welcome-file>
<welcome-file>index.jhtml</welcome-file>
</welcome-file-list>
<error-page>
<error-code>403</error-code>
<location>/WEB-INF/error/403.html</location>
</error-page>
<error-page>
<error-code>404</error-code>
<location>/404.html</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/WEB-INF/error/500.html</location>
</error-page>
<mime-mapping>
<extension>rar</extension>
<mime-type>application/zip</mime-type>
</mime-mapping>
<mime-mapping>
<extension>doc</extension>
<mime-type>application/zip</mime-type>
</mime-mapping>
<mime-mapping>
<extension>wps</extension>
<mime-type>application/zip</mime-type>
</mime-mapping>
<mime-mapping>
<extension>et</extension>
<mime-type>application/zip</mime-type>
</mime-mapping>
</web-app>
修改shiro-context.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.2.xsd"
default-lazy-init="true">
<!-- Shiro web filter: wires the security manager, the login and success URLs, the three custom filters and the URL-to-filter chain table. -->
<!-- Renaming the admin prefix only changes where the login page lives; access control still rests on the /cmsadpath/** = user entry below, so that entry has to be updated together with web.xml and jeecms-servlet-admin.xml. -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<property name="securityManager" ref="securityManager" />
<property name="loginUrl" value="/login.jspx" />
<property name="successUrl" value="/" />
<!-- Filter names usable in the chain definitions, mapped to the beans declared further down in this file. -->
<property name="filters">
<util:map>
<entry key="authc" value-ref="authcFilter" />
<entry key="user" value-ref="userFilter" />
<entry key="logout" value-ref="logoutFilter" />
</util:map>
</property>
<!-- anon: anonymous access; authc: login authentication; user: user already logged in; logout: logout filter -->
<!-- NOTE(review): Shiro evaluates these entries top to bottom and applies the first pattern that matches. Confirm that the extension patterns at the top do not shadow /login.jspx and /member/** ahead of their own entries. -->
<property name="filterChainDefinitions">
<value>
*.jspx = anon
*.jhtml = anon
/member/forgot_password.jspx = anon
/member/password_reset.jspx = anon
/login.jspx = authc
/logout.jspx = logout
/member/** = user
<!-- /jeeadmin/jeecms/login.do = authc-->
<!-- /jeeadmin/jeecms/logout.do = logout-->
<!-- /jeeadmin/jeecms/** =user-->
/cmsadpath/login.do = authc
/cmsadpath/logout.do = logout
/cmsadpath/** =user
</value>
</property>
</bean>
<!-- Shiro Filter -->
<bean id="adminUrlBean" class="com.jeecms.core.security.CmsAdminUrl">
<!-- <property name="adminLogin" value="/jeeadmin/jeecms/login.do"/>-->
<!-- <property name="adminPrefix" value="/jeeadmin/jeecms/"/>-->
<property name="adminLogin" value="/cmsadpath/login.do"/>
<property name="adminPrefix" value="/cmsadpath/"/>
</bean>
<bean id="authcFilter" class="com.jeecms.core.security.CmsAuthenticationFilter" parent="adminUrlBean">
<!-- <property name="adminIndex" value="/jeeadmin/jeecms/index.do"/>-->
<property name="adminIndex" value="/cmsadpath/index.do"/>
</bean>
<bean id="userFilter" class="com.jeecms.core.security.CmsUserFilter" parent="adminUrlBean"/>
<bean id="logoutFilter" class="com.jeecms.core.security.CmsLogoutFilter" parent="adminUrlBean"/>
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="authorizingRealm" />
<property name="cacheManager" ref="shiroEhcacheManager"/>
</bean>
<!-- Realm used by the security manager; submitted credentials are checked through the credentialsMatcher configured below. -->
<bean id="authorizingRealm" class="com.jeecms.core.security.CmsAuthorizingRealm">
<property name="credentialsMatcher">
<bean class="org.apache.shiro.authc.credential.HashedCredentialsMatcher">
<!-- NOTE(review): a single round of MD5 is cheap to brute-force if the credential store leaks. Changing hashAlgorithmName or hashIterations changes the expected digest, so stored credentials would have to be re-hashed. Whether a per-user salt is supplied depends on CmsAuthorizingRealm, which is not shown on this page. -->
<property name="hashAlgorithmName" value="MD5"/>
<!-- true means hex encoded, false means base64 encoded -->
<property name="storedCredentialsHexEncoded" value="true"/>
<!-- iteration count -->
<property name="hashIterations" value="1" />
</bean>
</property>
<property name="cmsUserMng" ref="cmsUserMng" />
</bean>
<bean id="shiroEhcacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManagerConfigFile">
<value>classpath:ehcache-shiro.xml</value>
</property>
</bean>
<!-- Enable Shiro Annotations for Spring-configured beans. Only run after -->
<!-- the lifecycleBeanProcessor has run: -->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
</beans>
修改jeecms-servlet-admin.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd"
default-lazy-init="true">
<bean id="messageSource" class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
<property name="cacheSeconds" value="-1"/>
<property name="basenames" value="#{propertyUtils.getList('messages.admin.')}"/>
</bean>
<bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver"/>
<!--
<bean id="multipartResolver" class="com.jeecms.common.web.cos.CosMultipartResolver"/>
-->
<bean class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter">
<property name="webBindingInitializer">
<bean class=" com.jeecms.common.web.springmvc.BindingInitializer"/>
</property>
</bean>
<bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="locations">
<list>
<value>/WEB-INF/config/firewall.properties</value>
</list>
</property>
</bean>
<bean class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping">
<property name="interceptors">
<list>
<ref bean="adminContextInterceptor"/>
<ref bean="adminLocaleIntercept"/>
<ref bean="fireWallInterceptor"/>
</list>
</property>
</bean>
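<!-- Interceptor that resolves the current site and user for every admin request. -->
<bean id="adminContextInterceptor" class="com.jeecms.cms.web.AdminContextInterceptor">
<!--<property name="adminId" value="1"/>-->
<property name="auth" value="true"/>
<!-- Paths relative to the admin prefix that are compared against the request path after the prefix has been stripped. -->
<property name="excludeUrls">
<list>
<value>/login.do</value>
<value>/logout.do</value>
</list>
</property>
<!-- Admin prefix; use "/" when the admin area is mounted at the root. The property name must match the setter setManagePath(String) on AdminContextInterceptor, so it is spelled managePath: the lower-case form "managepath" does not resolve to that setter. -->
<property name="managePath" value="/cmsadpath"/>
</bean>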
<bean id="adminLocaleIntercept" class="com.jeecms.cms.web.AdminLocaleInterceptor"/>
<bean id="fireWallInterceptor" class="com.jeecms.cms.web.FireWallInterceptor"/>
<bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor">
</bean>
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager"/>
</bean>
<bean id="localeResolver" class="org.springframework.web.servlet.i18n.CookieLocaleResolver">
<property name="cookieName" value="clientlanguage"/>
<property name="cookieMaxAge" value="-1"/>
</bean>
<bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
<property name="exceptionMappings">
<props>
<prop key="org.springframework.web.bind.MissingServletRequestParameterException">/error/requiredParameter</prop>
<prop key="org.springframework.beans.TypeMismatchException">/error/mismatchParameter</prop>
<prop key="org.springframework.web.bind.ServletRequestBindingException">/error/bindException</prop>
<prop key="org.apache.shiro.authz.AuthorizationException">/error/authrizationException</prop>
</props>
</property>
</bean>
<!--
<bean class="com.jeecms.common.web.springmvc.HandlerExceptionResolver"/>
-->
<bean id="freemarkerViewResolver" class="com.jeecms.common.web.springmvc.RichFreeMarkerViewResolver">
<property name="prefix" value="/jeecms_sys/"/>
<property name="suffix" value=".html"/>
<property name="contentType" value="text/html; charset=UTF-8"/>
<property name="exposeRequestAttributes" value="false"/>
<property name="exposeSessionAttributes" value="false"/>
<property name="exposeSpringMacroHelpers" value="true"/>
</bean>
<bean id="freemarkerConfig" class="org.springframework.web.servlet.view.freemarker.FreeMarkerConfigurer">
<property name="templateLoaderPath" value="/WEB-INF"/>
<property name="freemarkerVariables">
<map>
<!--在FCK编辑器中需要用到appBase,以确定connector路径。-->
<!-- <entry key="appBase" value="/jeeadmin/jeecms"/>-->
<entry key="appBase" value="/cmsadpath"/>
<!--后台管理权限控制-->
<entry key="cms_perm" value-ref="cms_perm"/>
<entry key="text_cut" value-ref="text_cut"/>
<entry key="html_cut" value-ref="html_cut"/>
<entry key="cms_content_list" value-ref="cms_content_list"/>
<entry key="cms_content_page" value-ref="cms_content_page"/>
</map>
</property>
<property name="freemarkerSettings">
<props>
<prop key="template_update_delay">0</prop>
<prop key="defaultEncoding">UTF-8</prop>
<prop key="url_escaping_charset">UTF-8</prop>
<prop key="locale">zh_CN</prop>
<prop key="boolean_format">true,false</prop>
<prop key="datetime_format">yyyy-MM-dd HH:mm:ss</prop>
<prop key="date_format">yyyy-MM-dd</prop>
<prop key="time_format">HH:mm:ss</prop>
<prop key="number_format">0.######</prop>
<prop key="whitespace_stripping">true</prop>
<prop key="auto_import">/ftl/jeecms/index.ftl as p,/ftl/spring.ftl as s</prop>
</props>
</property>
</bean>
<context:annotation-config/>
<!--包含action-->
<import resource="jeecms/jeecms-servlet-admin-action.xml"/>
</beans>
修改java文件(AdminContextInterceptor):
package com.jeecms.cms.web;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import org.springframework.web.util.UrlPathHelper;
import com.jeecms.common.web.CookieUtils;
import com.jeecms.core.entity.CmsSite;
import com.jeecms.core.entity.CmsUser;
import com.jeecms.core.manager.CmsSiteMng;
import com.jeecms.core.manager.CmsUserMng;
import com.jeecms.core.security.CmsAuthorizingRealm;
import com.jeecms.core.web.util.CmsUtils;
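/**
 * Interceptor that builds the CMS request context for the admin back end.
 *
 * <p>For every admin request it resolves the current site and the logged-in
 * user, stores both on the request and in {@link CmsThreadVariable}, and after
 * the handler has run exposes the user's permission set to the view.
 */
public class AdminContextInterceptor extends HandlerInterceptorAdapter {
    private static final Logger log = Logger.getLogger(AdminContextInterceptor.class);

    /** Request parameter that selects a site by id. */
    public static final String SITE_PARAM = "_site_id_param";
    /** Cookie that remembers the selected site id. */
    public static final String SITE_COOKIE = "_site_id_cookie";
    public static final String SITE_PATH_PARAM = "path";
    /** Model attribute under which the permission set is published to the view. */
    public static final String PERMISSION_MODEL = "_permission_key";

    /**
     * Number of path segments in the admin prefix, i.e. how many '/' separators
     * {@link #getURI} skips. Written by {@link #setManagePath(String)}.
     * NOTE(review): static state written from an instance setter; this assumes a
     * single interceptor instance per application - confirm.
     */
    public static Integer SLASH_COUNT = 0;
    /** Admin prefix as configured; only used in the error message of {@link #getURI}. */
    public static String ManagerPath = "/";

    /**
     * Resolves site and user, publishes them, and (unless the path is excluded)
     * evicts the cached authorization info on a site switch and re-issues the
     * session cookie for the site's base domain.
     */
    @Override
    public boolean preHandle(HttpServletRequest request,
            HttpServletResponse response, Object handler) throws Exception {
        // Site recorded in the cookie before a request parameter may switch it.
        CmsSite oldSite = getByCookie(request);
        CmsSite site = getSite(request, response);
        CmsUtils.setSite(request, site);
        // Make the site available through the thread-bound holder as well.
        CmsThreadVariable.setSite(site);

        CmsUser user = null;
        Subject subject = SecurityUtils.getSubject();
        if (subject.isAuthenticated()) {
            String username = (String) subject.getPrincipal();
            user = cmsUserMng.findByUsername(username);
        }
        // The user may be null at this point.
        CmsUtils.setUser(request, user);
        CmsThreadVariable.setUser(user);

        String uri = getURI(request);
        if (exclude(uri)) {
            return true;
        }
        // Switching site invalidates the authorization info Shiro has cached for the user.
        boolean siteSwitched = oldSite != null && !oldSite.equals(site);
        if (siteSwitched && user != null) {
            authorizingRealm.removeUserAuthorizationInfoCache(user.getUsername().toString());
        }
        createJsessionId(request, response, site);
        return true;
    }

    /**
     * Publishes the user's permission set to the view model.
     *
     * <p>When permissions are not enforced (auth disabled, super user, redirect
     * view, no model) nothing is added; the comment in the original states that
     * the permission directive treats a missing entry as "do not check".
     */
    @Override
    public void postHandle(HttpServletRequest request,
            HttpServletResponse response, Object handler, ModelAndView mav)
            throws Exception {
        CmsUser user = CmsUtils.getUser(request);
        CmsSite site = CmsUtils.getSite(request);
        boolean restrictedUser = auth && user != null && !user.isSuper();
        boolean rendersView = mav != null
                && mav.getModelMap() != null
                && mav.getViewName() != null
                && !mav.getViewName().startsWith("redirect:");
        if (restrictedUser && rendersView) {
            mav.getModelMap().addAttribute(PERMISSION_MODEL, getUserPermission(site, user));
        }
    }

    /**
     * Clears the thread-bound user and site. Servlet containers may reuse
     * threads from a pool, so the holders have to be emptied by hand.
     */
    @Override
    public void afterCompletion(HttpServletRequest request,
            HttpServletResponse response, Object handler, Exception ex)
            throws Exception {
        CmsThreadVariable.removeUser();
        CmsThreadVariable.removeSite();
    }

    /**
     * Resolves the site in this order: request parameter, cookie, server name,
     * first cached site.
     *
     * @return the site, never {@code null}
     * @throws RuntimeException if no site can be resolved
     */
    private CmsSite getSite(HttpServletRequest request,
            HttpServletResponse response) {
        CmsSite site = getByParams(request, response);
        if (site == null) {
            site = getByCookie(request);
        }
        if (site == null) {
            site = getByDomain(request);
        }
        if (site == null) {
            site = getByDefault();
        }
        if (site == null) {
            throw new RuntimeException("cannot get site!");
        }
        return site;
    }

    /**
     * Looks the site up from the {@link #SITE_PARAM} request parameter and, when
     * found, remembers the choice in the {@link #SITE_COOKIE} cookie.
     *
     * <p>NOTE(review): the id is client-supplied and any existing site is
     * accepted here; nothing in this method checks that the current user may
     * administer it. Presumably that is enforced through the per-site
     * permissions - confirm.
     *
     * @return the site, or {@code null} if the parameter is absent, not a
     *         number, or matches no site
     */
    private CmsSite getByParams(HttpServletRequest request,
            HttpServletResponse response) {
        String p = request.getParameter(SITE_PARAM);
        if (StringUtils.isBlank(p)) {
            return null;
        }
        try {
            Integer siteId = Integer.parseInt(p);
            CmsSite site = cmsSiteMng.findById(siteId);
            if (site != null) {
                // A site chosen by parameter is persisted in the cookie for later requests.
                CookieUtils.addCookie(request, response, SITE_COOKIE,
                        site.getId().toString(), null, null);
                return site;
            }
        } catch (NumberFormatException e) {
            log.warn("param site id format exception", e);
        }
        return null;
    }

    /**
     * Looks the site up from the {@link #SITE_COOKIE} cookie.
     *
     * @return the site, or {@code null} if the cookie is absent, blank, not a
     *         number, or matches no site
     */
    private CmsSite getByCookie(HttpServletRequest request) {
        Cookie cookie = CookieUtils.getCookie(request, SITE_COOKIE);
        if (cookie == null) {
            return null;
        }
        String v = cookie.getValue();
        if (StringUtils.isBlank(v)) {
            return null;
        }
        try {
            Integer siteId = Integer.parseInt(v);
            return cmsSiteMng.findById(siteId);
        } catch (NumberFormatException e) {
            log.warn("cookie site id format exception", e);
            return null;
        }
    }

    /** Looks the site up by the request's server name; {@code null} if the name is blank. */
    private CmsSite getByDomain(HttpServletRequest request) {
        String domain = request.getServerName();
        if (StringUtils.isBlank(domain)) {
            return null;
        }
        return cmsSiteMng.findByDomain(domain);
    }

    /** Returns the first site of the cached list, or {@code null} if there is none. */
    private CmsSite getByDefault() {
        List<CmsSite> list = cmsSiteMng.getListFromCache();
        if (list == null || list.isEmpty()) {
            return null;
        }
        return list.get(0);
    }

    /** Returns {@code true} if {@code uri} equals one of the configured exclude URLs. */
    private boolean exclude(String uri) {
        if (excludeUrls == null) {
            return false;
        }
        for (String exc : excludeUrls) {
            if (exc.equals(uri)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Re-issues the session id cookie scoped to the site's base domain so that
     * the main domain and its sub-domains share one session.
     *
     * <p>The cookie is therefore sent to every host under the base domain, and
     * any of those hosts can read or overwrite it. To avoid stripping transport
     * protection from the session id, the Secure flag follows the current
     * request. If the site has no base domain the cookie is not re-issued (the
     * original passed the value to {@code setDomain} unchecked).
     *
     * <p>NOTE(review): HttpOnly is not set. {@code Cookie.setHttpOnly} needs
     * Servlet 3.0 and the web.xml published with this class declares version
     * 2.4, so it is not called here; set it if the container supports it.
     */
    private void createJsessionId(HttpServletRequest request,
            HttpServletResponse response, CmsSite site) {
        String baseDomain = site.getBaseDomain();
        if (StringUtils.isBlank(baseDomain)) {
            return;
        }
        // Current session id, whether created via the main domain or a sub-domain.
        String sessionId = request.getSession().getId();
        Cookie cookie = new Cookie("JSESSIONID", sessionId);
        cookie.setDomain(baseDomain);
        cookie.setSecure(request.isSecure());
        response.addCookie(cookie);
    }

    /**
     * Returns the request path relative to the admin prefix, e.g.
     * {@code /login.do}, by skipping the context path (if any) and
     * {@link #SLASH_COUNT} prefix segments.
     *
     * @throws IllegalStateException if the URI has fewer segments than the
     *         admin prefix requires
     */
    private static String getURI(HttpServletRequest request)
            throws IllegalStateException {
        UrlPathHelper helper = new UrlPathHelper();
        String uri = helper.getOriginatingRequestUri(request);
        String ctxPath = helper.getOriginatingContextPath(request);
        int count = SLASH_COUNT;
        if (!StringUtils.isBlank(ctxPath)) {
            count++;
        }
        if (count <= 0) {
            // Admin area at the root and no context path: nothing to strip.
            // The original fell through to the exception below in this case.
            return uri;
        }
        int start = 0;
        for (int i = 0; i < count && start != -1; i++) {
            start = uri.indexOf('/', start + 1);
        }
        if (start <= 0) {
            // Admin path was /jeeadmin/jeecms/... originally; now the configured prefix.
            throw new IllegalStateException(
                    "admin access path not like '" + ManagerPath + "...' pattern: " + uri);
        }
        return uri.substring(start);
    }

    /**
     * Converts the user's permissions for the site into URL-like strings:
     * a leading '/' is added, ':' becomes '/', and '*' is removed.
     */
    private Set<String> getUserPermission(CmsSite site, CmsUser user) {
        Set<String> viewPermissionSet = new HashSet<String>();
        Set<String> perms = user.getPerms(site.getId(), viewPermissionSet);
        Set<String> userPermission = new HashSet<String>();
        for (String perm : perms) {
            String path = "/" + perm;
            if (path.contains(":")) {
                path = path.replace(":", "/").replace("*", "");
            }
            userPermission.add(path);
        }
        return userPermission;
    }

    /** Counts the non-empty segments of {@code path}; {@code null} counts as zero. */
    private static int countPathSegments(String path) {
        if (path == null) {
            return 0;
        }
        int segments = 0;
        for (String part : path.split("/")) {
            if (part.length() > 0) {
                segments++;
            }
        }
        return segments;
    }

    private CmsSiteMng cmsSiteMng;
    private CmsUserMng cmsUserMng;
    private boolean auth = true;
    private String[] excludeUrls;
    /** Admin back-end path prefix. */
    private String managePath;
    @Autowired
    private CmsAuthorizingRealm authorizingRealm;

    @Autowired
    public void setCmsSiteMng(CmsSiteMng cmsSiteMng) {
        this.cmsSiteMng = cmsSiteMng;
    }

    @Autowired
    public void setCmsUserMng(CmsUserMng cmsUserMng) {
        this.cmsUserMng = cmsUserMng;
    }

    public void setAuth(boolean auth) {
        this.auth = auth;
    }

    public void setExcludeUrls(String[] excludeUrls) {
        this.excludeUrls = excludeUrls;
    }

    /**
     * Sets the admin prefix and derives {@link #SLASH_COUNT} from it.
     *
     * <p>The listing this was taken from had stray HTML markup on the
     * declaration line and had lost the {@code do} keyword of its counting
     * loop, so it did not compile. The count is now the number of non-empty
     * path segments, which gives the same result with or without a trailing
     * slash: {@code "/"} gives 0, {@code "/cmsadpath"} and {@code "/cmsadpath/"}
     * give 1, {@code "/jeeadmin/jeecms/"} gives 2.
     *
     * @param managePath admin prefix such as {@code /cmsadpath}; {@code null}
     *        is treated as the root
     */
    public void setManagePath(String managePath) {
        this.managePath = managePath;
        ManagerPath = managePath == null ? "/" : managePath;
        SLASH_COUNT = countPathSegments(managePath);
    }
}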
版权声明:本文为博主原创文章,未经博主允许不得转载。