Filter的应用--权限过滤
发布日期:2022-03-13 05:36:14 浏览次数:10 分类:技术文章

本文共 15030 字,大约阅读时间需要 50 分钟。

因为项目比较长,需要一步步进行实现,所以分解成一个一个需求。

 

一:需求一

1.需求一

  可以看某人的权限,同时,可以对这个用户进行权限的修改。

 

2.程序实现

 

3.程序目录

  

 

4.User.java

1 package com.web; 2  3 import java.util.List; 4  5 public class User { 6     private String userName; 7     private List
authorities; 8 public void User(){ 9 10 }11 public User(String userName, List
authorities) {12 this.userName = userName;13 this.authorities = authorities;14 }15 public String getUserName() {16 return userName;17 }18 public void setUserName(String userName) {19 this.userName = userName;20 }21 public List
getAuthorities() {22 return authorities;23 }24 public void setAuthorities(List
authorities) {25 this.authorities = authorities;26 }27 28 }

 

5.Authority.java

1 package com.web; 2  3 public class Authority { 4     private String displayName; 5     private String url; 6     public void Authority() { 7          8     } 9     public Authority(String displayName, String url) {10         this.displayName = displayName;11         this.url = url;12     }13     public String getDisplayName() {14         return displayName;15     }16     public void setDisplayName(String displayName) {17         this.displayName = displayName;18     }19     public String getUrl() {20         return url;21     }22     public void setUrl(String url) {23         this.url = url;24     }25     26 }

 

6.UserDao.java

1 package com.dao; 2  3 import java.util.ArrayList; 4 import java.util.HashMap; 5 import java.util.List; 6 import java.util.Map; 7  8 import com.web.Authority; 9 import com.web.User;10 11 public class UserDao {12     //初始化13     private static Map
users;14 private static List
authorities=null;15 static {16 users=new HashMap
();17 authorities=new ArrayList<>();18 19 authorities.add(new Authority("Article-1", "/article-1.jsp"));20 authorities.add(new Authority("Article-2", "/article-2.jsp"));21 authorities.add(new Authority("Article-3", "/article-3.jsp"));22 authorities.add(new Authority("Article-4", "/article-4.jsp")); 23 24 User user1=new User("AAA", authorities.subList(0, 2));25 users.put("AAA", user1);26 27 User user2=new User("BBB", authorities.subList(2, 4));28 users.put("BBB", user2);29 }30 31 /**32 * 得到用戶User(String,List
)33 * @param userName34 * @return35 */36 public User get(String userName) {37 return users.get(userName);38 }39 40 /**41 * 进行更新用户权限42 * 方法是得到用户,然后对这个用户进行赋权限43 * @param userName44 * @param authorities45 */46 public void update(String userName,List
authorities) {47 users.get(userName).setAuthorities(authorities);48 }49 50 /**51 * 获取权限,这个是所有的权限52 */53 public List
getAuthorities(){54 return authorities;55 }56 57 /**58 * 59 * @param authorities260 * @return61 */62 public List
getAuthorities(String[] urls) {63 List
authorities2=new ArrayList
();64 for(Authority authority:authorities) {65 if(urls!=null) {66 for(String url : urls) {67 if(url.equals(authority.getUrl())) {68 authorities2.add(authority);69 }70 }71 }72 }73 74 75 return authorities2;76 }77 78 }

 

7.AuthorityServlet.java

1 package com.web; 2  3 import java.io.IOException; 4 import java.lang.reflect.InvocationTargetException; 5 import java.lang.reflect.Method; 6 import java.util.ArrayList; 7 import java.util.List; 8  9 import javax.servlet.ServletException;10 import javax.servlet.annotation.WebServlet;11 import javax.servlet.http.HttpServlet;12 import javax.servlet.http.HttpServletRequest;13 import javax.servlet.http.HttpServletResponse;14 15 import com.dao.UserDao;16 public class AuthorityServlet extends HttpServlet {17     private static final long serialVersionUID = 1L;18 19     public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {20         String methodName=request.getParameter("method");21         try {22             Method method=getClass().getMethod(methodName, HttpServletRequest.class,HttpServletResponse.class);23             method.invoke(this, request,response);24         } catch (Exception e) {25             e.printStackTrace();26         }         27     }28     29     private UserDao userDao=new UserDao();30     31     public void getAuthorities(HttpServletRequest request, HttpServletResponse response) throws Exception{32         String userName=request.getParameter("userName");33         User user=userDao.get(userName);34         request.setAttribute("user", user);35         request.setAttribute("authorities", userDao.getAuthorities());36         request.getRequestDispatcher("/authority-manager.jsp").forward(request, response);37     }38     public void updateAuthorities(HttpServletRequest request, HttpServletResponse response) throws IOException {39         String userName=request.getParameter("userName");40         String[] authorities=request.getParameterValues("authoritiy");41         List
authoritiesList=userDao.getAuthorities(authorities);42 userDao.update(userName, authoritiesList);43 response.sendRedirect(request.getContextPath()+"/authority-manager.jsp");44 }45 46 }

 

8.authority-manager.jsp

1 <%@ page language="java" contentType="text/html; charset=utf-8" 2     pageEncoding="utf-8"%> 3 <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> 4  5  6  7 
8 Insert title here 9 10 11
12
13
14 name:
15
16
17 18
19 20
21 ${requestScope.user.userName}的权限是:22
23
24
25
26
27
28
29
30
31
32
33
${auth.displayName}
34
35
36
${auth.displayName}
37
38
39
40
41
42 43
44 45

 

9.效果

  

 

二:需求二

1.需求二

  对访问权限的控制

  使用Filter进行权限的过滤,检验用户是否有权限,有,则直接响应目标页面,若没有则重定向到403.jsp

 

2.程序目录(添加主要修改的程序)

  

 

3.Authority.java

1 package com.web; 2  3 public class Authority { 4     private String displayName; 5     private String url; 6     public void Authority() { 7          8     } 9     public Authority(String displayName, String url) {10         this.displayName = displayName;11         this.url = url;12     }13     public String getDisplayName() {14         return displayName;15     }16     public void setDisplayName(String displayName) {17         this.displayName = displayName;18     }19     public String getUrl() {20         return url;21     }22     public void setUrl(String url) {23         this.url = url;24     }25     //用于判断两个权限是否相等26     @Override27     public int hashCode() {28         final int prime = 31;29         int result = 1;30         result = prime * result + ((url == null) ? 0 : url.hashCode());31         return result;32     }33     @Override34     public boolean equals(Object obj) {35         if (this == obj)36             return true;37         if (obj == null)38             return false;39         if (getClass() != obj.getClass())40             return false;41         Authority other = (Authority) obj;42         if (url == null) {43             if (other.url != null)44                 return false;45         } else if (!url.equals(other.url))46             return false;47         return true;48     }49     50 }

 

4.AuthorityFilter.java

1 package com.web; 2  3 import java.io.IOException; 4 import java.util.Arrays; 5 import java.util.List; 6  7 import javax.servlet.Filter; 8 import javax.servlet.FilterChain; 9 import javax.servlet.FilterConfig;10 import javax.servlet.ServletException;11 import javax.servlet.ServletRequest;12 import javax.servlet.ServletResponse;13 import javax.servlet.annotation.WebFilter;14 import javax.servlet.http.HttpServletRequest;15 import javax.servlet.http.HttpServletResponse;16 17 /**18  * Servlet Filter implementation class AuthorityFilter19  */20 @WebFilter("*.jsp")21 public class AuthorityFilter extends HttpFilter {22 23     @Override24     public void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)25             throws IOException, ServletException {26         String servletPath=request.getServletPath();27         List
uncheckedUrls=Arrays.asList("/403.jsp","/article.jsp",28 "/authority-manager.jsp","/login.jsp","/logout.jsp");29 if(uncheckedUrls.contains(servletPath)) {30 filterChain.doFilter(request, response);31 return;32 }33 User user=(User) request.getSession().getAttribute("user");34 System.out.println("============="+user.getUserName());35 if(user==null) {36 response.sendRedirect(request.getContextPath()+"/login.jsp");37 return;38 }39 List
authorities=user.getAuthorities();40 Authority authority=new Authority(null, servletPath);41 if(authorities.contains(authority)) {42 filterChain.doFilter(request, response);43 return;44 }45 response.sendRedirect(request.getContextPath()+"/403.jsp");46 }47 48 49 }

 

5.HttpFilter.java

1 package com.web; 2  3 import java.io.IOException; 4  5 import javax.servlet.Filter; 6 import javax.servlet.FilterChain; 7 import javax.servlet.FilterConfig; 8 import javax.servlet.ServletException; 9 import javax.servlet.ServletRequest;10 import javax.servlet.ServletResponse;11 import javax.servlet.http.HttpServletRequest;12 import javax.servlet.http.HttpServletResponse;13 14 /**15  * 自定义的 HttpFilter, 实现自 Filter 接口16  *17  */18 public abstract class HttpFilter implements Filter {19 20     /**21      * 用于保存 FilterConfig 对象. 22      */23     private FilterConfig filterConfig;24     25     /**26      * 不建议子类直接覆盖. 若直接覆盖, 将可能会导致 filterConfig 成员变量初始化失败27      */28     @Override29     public void init(FilterConfig filterConfig) throws ServletException {30         this.filterConfig = filterConfig;31         init();32     }33 34     /**35      * 供子类继承的初始化方法. 可以通过 getFilterConfig() 获取 FilterConfig 对象. 36      */37     protected void init() {}38 39     /**40      * 直接返回 init(ServletConfig) 的 FilterConfig 对象41      */42     public FilterConfig getFilterConfig() {43         return filterConfig;44     }45     46     /**47      * 原生的 doFilter 方法, 在方法内部把 ServletRequest 和 ServletResponse 48      * 转为了 HttpServletRequest 和 HttpServletResponse, 并调用了 49      * doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)50      * 51      * 若编写 Filter 的过滤方法不建议直接继承该方法. 而建议继承52      * doFilter(HttpServletRequest request, HttpServletResponse response, 53      *        FilterChain filterChain) 方法54      */55     @Override56     public void doFilter(ServletRequest req, ServletResponse resp,57             FilterChain chain) throws IOException, ServletException {58         HttpServletRequest request = (HttpServletRequest) req;59         HttpServletResponse response = (HttpServletResponse) resp;60         61         doFilter(request, response, chain);62     }63     64     /**65      * 抽象方法, 为 Http 请求定制. 必须实现的方法. 66      * @param request67      * @param response68      * @param filterChain69      * @throws IOException70      * @throws ServletException71      */72     public abstract void doFilter(HttpServletRequest request, HttpServletResponse response, 73             FilterChain filterChain) throws IOException, ServletException;74 75     /**76      * 空的 destroy 方法。 77      */78     @Override79     public void destroy() {}80 81 }

 

6.LoginServlet.java

1 package com.web; 2  3 import java.io.IOException; 4 import java.lang.reflect.Method; 5  6 import javax.servlet.ServletException; 7 import javax.servlet.annotation.WebServlet; 8 import javax.servlet.http.HttpServlet; 9 import javax.servlet.http.HttpServletRequest;10 import javax.servlet.http.HttpServletResponse;11 12 import com.dao.UserDao;13 14 /**15  * Servlet implementation class LoginServlet16  */17 @WebServlet("/loginServlet")18 public class LoginServlet extends HttpServlet {19     private static final long serialVersionUID = 1L;20     21     protected void doGet(HttpServletRequest request, HttpServletResponse response) 22             throws ServletException, IOException {23         doPost(request,response);24     }25     26     protected void doPost(HttpServletRequest request, HttpServletResponse response) 27             throws ServletException, IOException {28         String methodName=request.getParameter("method");29         try {30             Method method=getClass().getMethod(methodName, HttpServletRequest.class,HttpServletResponse.class);31             method.invoke(this, request,response);32         } catch (Exception e) {33             e.printStackTrace();34         } 35     }36     37     UserDao userDao=new UserDao();38     39     public void login(HttpServletRequest request, HttpServletResponse response) throws Exception {40         String name=request.getParameter("name");41         User user=userDao.get(name);42         request.getSession().setAttribute("user", user);43         //重定向到article.jsp44         response.sendRedirect(request.getContextPath()+"/article.jsp");45     }46     public void logout(HttpServletRequest request, HttpServletResponse response) throws Exception {47         request.getSession().invalidate();48         response.sendRedirect(request.getContextPath()+"/login.jsp");49     }50 51 }

 

7.403.jsp

1 <%@ page language="java" contentType="text/html; charset=utf-8" 2     pageEncoding="utf-8"%> 3  4  5  6 
7 Insert title here 8 9 10

没有权限

11 返回12 13

 

8.article-1.jsp

1 <%@ page language="java" contentType="text/html; charset=ISO-8859-1" 2     pageEncoding="ISO-8859-1"%> 3  4  5  6 
7 Insert title here 8 9 10

1

11 12

 

9.article.jsp

1 <%@ page language="java" contentType="text/html; charset=ISO-8859-1" 2     pageEncoding="ISO-8859-1"%> 3  4  5  6 
7 Insert title here 8 9 10 11 Article1 page
12 Article2 page
13 Article3 page
14 Article4 page
15 Logout16 17 18

 

10.login.jsp\

1 <%@ page language="java" contentType="text/html; charset=ISO-8859-1" 2     pageEncoding="ISO-8859-1"%> 3  4  5  6 
7 Insert title here 8 9 10
11 name:
12
13
14 15

 

转载于:https://www.cnblogs.com/juncaoit/p/7594397.html

转载地址:https://blog.csdn.net/weixin_30323961/article/details/98249582 如侵犯您的版权,请留言回复原文章的地址,我们会给您删除此文章,给您带来不便请您谅解!

上一篇:PHP实现当前文件夹下所有文件和文件夹的遍历
下一篇:关于Delphi的子类化控件消息淫荡法则之一

发表评论

最新留言

网站不错 人气很旺了 加油
[***.192.178.218]2024年03月18日 07时29分19秒

关于作者

    喝酒易醉,品茶养心,人生如梦,品茶悟道,何以解忧?唯有杜康!
-- 愿君每日到此一游!

推荐文章

java sun.org.mozilla_maven编译找不到符号 sun.org.mozilla.javascript.internal 2019-04-21
php curl 输出到文件,PHP 利用CURL(HTTP)实现服务器上传文件至另一服务器 2019-04-21
PHP字符串运算结果,PHP运算符(二)"字符串运算符"实例详解 2019-04-21
PHP实现 bcrypt,如何使php中的bcrypt和Java中的jbcrypt兼容 2019-04-21
php8安全,PHP八大安全函数解析 2019-04-21
php基础语法了解和熟悉的表现,PHP第二课 了解PHP的基本语法以及目录结构 2019-04-21
matlab中lag函数用法,MATLAB movavg函数用法 2019-04-21
matlab变形监测,基于matlab的变形监测数据处理与分析_毕业设计论文 2019-04-21
opencv matlab编程,在Matlab中调用OpenCV函数 | 学步园 2019-04-21
c语言文件wt,c语言,wt和rt中的t是什么意思 2019-04-21
c语言运行几进制,【C语言】求已知等式在几进制条件下成立 2019-04-21
电梯运行仿真c语言代码,电梯调度算法模拟(示例代码) 2019-04-21
android组件动态接收数据库,Android开发——fragment中数据传递与刷新UI(更改控件)... 2019-04-21
云麦小米华为体脂秤怎么样_云康宝和华为智能体脂秤对比评测,实际体验告诉你哪款更好... 2019-04-21
linux 条件判断 取非_Linux awk 系列文章之 awk 多重条件判断 2019-04-21
c语言中如何将字符串的元素一个一个取出_C语言中常用的字符串操作函数 2019-04-21
2d游戏地图编辑器_王者荣耀:新版本爆料!地图编辑器“天工”即将开测,游戏怎么玩由你定!... 2019-04-21
.net framework服务启动后停止_dos命令net图文教程,start启动系统服务stop停止服务批处理脚本... 2019-04-21
8k分辨率需要多大带宽_超乎想象!用RTX3080显卡连索尼8K电视玩游戏感受如何?... 2019-04-21
win10怎么开启aptx_Win10未来的黑科技?微软SurfaceFleet大曝光 2019-04-21