dao
public GuserLoginInfo getGuserLoginInfo(String uname) { String hql = "select new com.xjgs.vo.GuserLoginInfo(g.id,g.name,g.uname,g.pwd,g.glevel,d.id,d.dcode,d.dname) " + "from Guser g inner join g.dept d where lower(g.uname) = lower(?) and g.isdel = ? "; GuserLoginInfo guserLoginInfo = (GuserLoginInfo) hibernateTemplate .queryForObjectWithHQL(hql, new Object[] { uname, 0 }); if (guserLoginInfo == null) { throw new GuserLoginFailException(); } return guserLoginInfo; }
service
public GuserLoginInfo getGuserLoginInfo(String uname) { GuserLoginInfo guserLoginInfo=guserDao.getGuserLoginInfo(uname); List<Menu> list=guserDao.findMenus(guserLoginInfo.getId()); Map<Menu,List<Menu>> menus=new LinkedHashMap<Menu, List<Menu>>(); String prefix=null; List<Menu> subMenus=null; for(Menu menu:list){ String code=menu.getCode(); if(code==null||code.trim().length()<1) continue; if(code.matches("^[0-9]{2}0{2}$")){ //一级菜单 0100 prefix=code.substring(0,2); subMenus=new ArrayList<Menu>(); menus.put(menu, subMenus); }else if(code.matches("^"+prefix+"[0-9]{2}$")){ //二级菜单 subMenus.add(menu); } } guserLoginInfo.setMenus(menus); return guserLoginInfo; }
filter
public class ValidateGuserLoginFilter implements Filter { IGuserService guserService = null; public void destroy() { } public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; HttpSession session = request.getSession(false); GuserLoginInfo guserLoginInfo = (GuserLoginInfo) session .getAttribute("guserLoginInfo"); if (guserLoginInfo == null) { // 从认证服务器中取出用户名,根据用户名返回用户登录信息,并放入session域 Assertion assertion = (Assertion) session .getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION); assertion = AssertionHolder.getAssertion(); String uname = assertion.getPrincipal().getName(); System.out.println("*****************uname:" + uname); guserLoginInfo = guserService.getGuserLoginInfo(uname); session.setAttribute("guserLoginInfo", guserLoginInfo); } String path = request.getServletPath(); if (path.startsWith("/icdepartment/common")) { filterChain.doFilter(request, response); return; } Map<Menu, List<Menu>> menus = guserLoginInfo.getMenus(); for (Map.Entry<Menu, List<Menu>> mapEntry : menus.entrySet()) { for (Menu subMenu : mapEntry.getValue()) { String url = subMenu.getUrl(); if (url == null || url.trim().length() < 1) continue; if (path.startsWith(url)) { filterChain.doFilter(request, response); return; } } } WebUtil.alert(request, response, "您没有权限访问此页面", "/icdepartment/common/index.jsp", true); } public void init(FilterConfig filterConfig) throws ServletException { try { // BeanFactory // beanFactory=WebApplicationContextUtils.getRequiredWebApplicationContext(filterConfig.getServletContext()); // guserService=(IGuserService) beanFactory.getBean("guserService"); guserService = GuserServiceImpl.getInstance(); } catch (Exception e) { e.printStackTrace(); } } }
<filter> <filter-name>validateGuserLogin</filter-name> <filter-class> com.xjgs.web.filter.ValidateGuserLoginFilter </filter-class> </filter> <filter-mapping> <filter-name>validateGuserLogin</filter-name> <url-pattern>/icdepartment/*</url-pattern> </filter-mapping>
浙公网安备 33010602011771号