解决方案 »
- jsp中怎样把数据绑定到一个html标签为<input type="text">上
- SWT简单问题,望指教
- hibernate菜鸟请教
- 请教:struts2中 传参乱码问题
- 拜托!请问全面学习J2EE一共要装哪些软件?谢谢!
- 在 Web Service中如何操作 servletContext 变量 ?
- 用 ant 发布程序到 WebLogic Server 上时的问题
- Sql server中text字段类型在struts中乱码问题
- jboss配置好了http://localhost:8080/jmx-console/index.jsp能打开但是?
- Java中典型的文件操作
- 电子商务毕业设计,烟草网上订货是否可实现?
- JdbcTemplate 连接恢复
import javax.annotation.Resource;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.SecurityMetadataSource;
import org.springframework.security.access.intercept.AbstractSecurityInterceptor;
import org.springframework.security.access.intercept.InterceptorStatusToken;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.stereotype.Service;@Service
public class MySecurityFilter extends AbstractSecurityInterceptor implements
Filter { @Autowired
private AccessDecisionManager myAccessDecisionManager;
@Autowired
private FilterInvocationSecurityMetadataSource mySecurityMetadataSource;
@Resource
private AuthenticationManager authenticationManager; public void destroy() { } @Override
public void doFilter(ServletRequest arg0, ServletResponse arg1,
FilterChain arg2) throws IOException, ServletException {
FilterInvocation fi = new FilterInvocation(arg0, arg1, arg2);
invoke(fi);
} private void invoke(FilterInvocation fi) throws IOException,
ServletException {
InterceptorStatusToken token = super.beforeInvocation(fi);
try {
fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
} finally {
super.afterInvocation(token, null);
}
} @PostConstruct
public void init() {
super.setAccessDecisionManager(myAccessDecisionManager);
super.setAuthenticationManager(authenticationManager);
} public void init(FilterConfig arg0) throws ServletException {
} @Override
public Class<?> getSecureObjectClass() {
return FilterInvocation.class;
} @Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
return this.mySecurityMetadataSource;
}
}
import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Map;import javax.annotation.PostConstruct;import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.stereotype.Service;import com.healthtree.entity.Action;
import com.healthtree.entity.Role;
import com.healthtree.service.ActionService;@Service
public class MySecurityMetadataSource implements
FilterInvocationSecurityMetadataSource { @Autowired
private ActionService actionService;
private Map<String, Collection<ConfigAttribute>> resourceMap = null; @Override
public Collection<ConfigAttribute> getAllConfigAttributes() {
return null;
} @PostConstruct
public void loadResourceDefine() {
resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
List<Action> medicalResources = actionService.findAll();
for (Action resource : medicalResources) {
Collection<ConfigAttribute> configAttributes = new ArrayList<ConfigAttribute>();
for (Role role : resource.getRoles()) {
ConfigAttribute ca = new SecurityConfig(role.getId().toString());
configAttributes.add(ca);
}
resourceMap.put(resource.getAction(), configAttributes);
}
} public void flush() {
resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
List<Action> medicalResources = actionService.findAll();
for (Action resource : medicalResources) {
Collection<ConfigAttribute> configAttributes = new ArrayList<ConfigAttribute>();
for (Role role : resource.getRoles()) {
ConfigAttribute ca = new SecurityConfig(role.getId().toString());
configAttributes.add(ca);
}
resourceMap.put(resource.getAction(), configAttributes);
}
} @Override
public Collection<ConfigAttribute> getAttributes(Object arg0)
throws IllegalArgumentException {
String requestUrl = ((FilterInvocation) arg0).getRequestUrl();
if (requestUrl.indexOf("?") > -1)
requestUrl = requestUrl.substring(0, requestUrl.indexOf("?"));
return resourceMap.get(requestUrl);
} @Override
public boolean supports(Class<?> arg0) {
return true;
}}
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.AuthenticationUserDetailsService;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;import com.healthtree.entity.EmployeeInfo;
import com.healthtree.service.EmployeeInfoService;@SuppressWarnings("rawtypes")
@Service
public class MyUserDetailServiceImpl implements
AuthenticationUserDetailsService { @Autowired
private EmployeeInfoService employeeInfoService; @Override
public UserDetails loadUserDetails(Authentication token)
throws UsernameNotFoundException {
String account = token.getName();
EmployeeInfo admin = employeeInfoService.findByAccount(account);
return admin;
}}