我写了一个bbs,现在写到管理员权限问题,不知道该如何解决。
希望高人能指点指点。谢了。
------解决方案--------------------
可以考虑 rbac权限,或者其他权限模型。
------解决方案--------------------
具体的什么问题???
------解决方案--------------------
Filter
------解决方案--------------------
给你个例子
- Java code
import java.io.IOException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpSession;public class RoleIntercepter implements Filter { @Override public void destroy() { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { String uri = ((HttpServletRequest)request).getRequestURI(); //System.out.println(uri); HttpSession session = ((HttpServletRequest)request).getSession(); if(uri.contains("manager/") && uri.contains(xxx)) { User user = (User)session.getAttribute("curuser"); if(user != null && "admin".equals(user.getName())) { //System.out.println(user.getName() + "-进入管理"); }else { request.setAttribute("errmsg", "错误!您不能进行此操作!"); request.getRequestDispatcher("/error.jsp").forward(request, response); return; } } chain.doFilter(request, response); } @Override public void init(FilterConfig arg0) throws ServletException { }}
------解决方案--------------------
web.xml
- XML code
<filter> <filter-name>roleIntercepter</filter-name> <filter-class>com.xxx.bean.web.common.RoleIntercepter</filter-class> </filter> <filter-mapping> <filter-name>roleIntercepter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>