本文介绍如何使用Spring AOP实现用户权限验证。通过创建UserInfo类存储用户名和密码,SecureBean类提供安全信息提示,SecurityAdvice类作为切面进行权限检查。若用户未认证或无访问权限,则抛出SecurityException。
文章关键字:|Spring AOP|验证|用户|权限|实例|java|
1.新建一个Java普通工程,并需导入spring-aop.jar包;
2.建UserInfo类:
package aop.secure;
public class UserInfo {
private String userName;
private String password;
public UserInfo(String userName, String password){
this.userName = userName;
this.password = password;
}
public String getPassword() {
return password;
}
public String getUserName() {
return userName;
}
}
3.建安全信息提示类SecureBean:
package aop.secure;
public class SecureBean {
public void writeSecureMessage(){
System.out.println("Every time I learn something new and it pushes some old stuff out of my brain.");
}
}
4.建切面类SecurityAdvice实现org.springframework.aop.MethodBeforeAdvice:
package aop.secure;
import java.lang.reflect.Method;
import org.springframework.aop.MethodBeforeAdvice;
public class SecurityAdvice implements MethodBeforeAdvice {
private SecurityManager securityManager;
public SecurityAdvice(){
this.securityManager = new SecurityManager();
}
public void before(Method method, Object[] args, Object target) throws Throwable {
UserInfo user = securityManager.getLoggedOnUser();
if(user == null){
System.out.println("No user authenticated.");
throw new SecurityException("Method name: " + method.getName());
}else if("chigo".equals(user.getUserName()) && "chigo".equals(user.getPassword())){
System.out.println("OKAY!");
}else{
System.out.println("Logged in user is: " + user.getUserName());
throw new SecurityException("User " + user.getUserName() + " is not allowed access to method " + method.getName());
}
}
}
未完,原文地址:http://www.evget.com/zh-CN/Info/ReadInfo.aspx?id=9263
1.新建一个Java普通工程,并需导入spring-aop.jar包;
2.建UserInfo类:
package aop.secure;
public class UserInfo {
private String userName;
private String password;
public UserInfo(String userName, String password){
this.userName = userName;
this.password = password;
}
public String getPassword() {
return password;
}
public String getUserName() {
return userName;
}
}
3.建安全信息提示类SecureBean:
package aop.secure;
public class SecureBean {
public void writeSecureMessage(){
System.out.println("Every time I learn something new and it pushes some old stuff out of my brain.");
}
}
4.建切面类SecurityAdvice实现org.springframework.aop.MethodBeforeAdvice:
package aop.secure;
import java.lang.reflect.Method;
import org.springframework.aop.MethodBeforeAdvice;
public class SecurityAdvice implements MethodBeforeAdvice {
private SecurityManager securityManager;
public SecurityAdvice(){
this.securityManager = new SecurityManager();
}
public void before(Method method, Object[] args, Object target) throws Throwable {
UserInfo user = securityManager.getLoggedOnUser();
if(user == null){
System.out.println("No user authenticated.");
throw new SecurityException("Method name: " + method.getName());
}else if("chigo".equals(user.getUserName()) && "chigo".equals(user.getPassword())){
System.out.println("OKAY!");
}else{
System.out.println("Logged in user is: " + user.getUserName());
throw new SecurityException("User " + user.getUserName() + " is not allowed access to method " + method.getName());
}
}
}
未完,原文地址:http://www.evget.com/zh-CN/Info/ReadInfo.aspx?id=9263
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
