| « | October 2025 | » | | 日 | 一 | 二 | 三 | 四 | 五 | 六 | | | | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | | |
|
公告 |
| 本博客在此声明所有文章均为转摘,只做资料收集使用。并无其他商业用途。 |
| Blog信息 |
|
blog名称:
日志总数:210
评论数量:205
留言数量:-19
访问次数:924437
建立时间:2007年5月10日 |
| |
|
 [acegi权限认证]Acegi+hibernate 动态实现基于角色的权限管理(2)
文章收藏, 网上资源, 软件技术, 电脑与网络
李小白 发表于 2007/7/19 16:44:20 |
|
lhwork 发表于 2006-6-13 11:32:58
解决方法: 1: 开发基于数据库的保护资源。 看过acegi的源代码就会知道,对保护资源的定义是通过实现ObjectDefinitionSource这个接口来实现的,而且acegi为我们提供了默认实现的抽象类
500)this.width=500'>500)this.width=500" align=top border=0>public abstract class AbstractMethodDefinitionSource 500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0> implements MethodDefinitionSource 500)this.width=500'>500)this.width=500" border=0>{ 500)this.width=500'>500)this.width=500" align=top border=0> //~ Static fields/initializers ============================================= 500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0> private static final Log logger = LogFactory.getLog(AbstractMethodDefinitionSource.class); 500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0> //~ Methods ================================================================ 500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0> public ConfigAttributeDefinition getAttributes(Object object) 500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0> throws IllegalArgumentException 500)this.width=500'>500)this.width=500" border=0>{ 500)this.width=500'>500)this.width=500" align=top border=0> Assert.notNull(object, "Object cannot be null"); 500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0> if (object instanceof MethodInvocation) 500)this.width=500'>500)this.width=500" border=0>{ 500)this.width=500'>500)this.width=500" align=top border=0> return this.lookupAttributes(((MethodInvocation) object).getMethod()); 500)this.width=500'>500)this.width=500" align=top border=0> } 500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0> if (object instanceof JoinPoint) 500)this.width=500'>500)this.width=500" border=0>{ 500)this.width=500'>500)this.width=500" align=top border=0> JoinPoint jp = (JoinPoint) object; 500)this.width=500'>500)this.width=500" align=top border=0> Class targetClazz = jp.getTarget().getClass(); 500)this.width=500'>500)this.width=500" align=top border=0> String targetMethodName = jp.getStaticPart().getSignature().getName(); 500)this.width=500'>500)this.width=500" align=top border=0> Class[] types = ((CodeSignature) jp.getStaticPart().getSignature()) 500)this.width=500'>500)this.width=500" align=top border=0> .getParameterTypes(); 500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0> if (logger.isDebugEnabled()) 500)this.width=500'>500)this.width=500" border=0>{ 500)this.width=500'>500)this.width=500" align=top border=0> logger.debug("Target Class: " + targetClazz); 500)this.width=500'>500)this.width=500" align=top border=0> logger.debug("Target Method Name: " + targetMethodName); 500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0> for (int i = 0; i < types.length; i++) 500)this.width=500'>500)this.width=500" border=0>{ 500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0> if (logger.isDebugEnabled()) 500)this.width=500'>500)this.width=500" border=0>{ 500)this.width=500'>500)this.width=500" align=top border=0> logger.debug("Target Method Arg #" + i + ": " 500)this.width=500'>500)this.width=500" align=top border=0> + types[i]); 500)this.width=500'>500)this.width=500" align=top border=0> } 500)this.width=500'>500)this.width=500" align=top border=0> } 500)this.width=500'>500)this.width=500" align=top border=0> } 500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0> try 500)this.width=500'>500)this.width=500" border=0>{ 500)this.width=500'>500)this.width=500" align=top border=0> return this.lookupAttributes(targetClazz.getMethod(targetMethodName, types)); 500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0> } catch (NoSuchMethodException nsme) 500)this.width=500'>500)this.width=500" border=0>{ 500)this.width=500'>500)this.width=500" align=top border=0> throw new IllegalArgumentException("Could not obtain target method from JoinPoint: " + jp); 500)this.width=500'>500)this.width=500" align=top border=0> } 500)this.width=500'>500)this.width=500" align=top border=0> } 500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0> throw new IllegalArgumentException("Object must be a MethodInvocation or JoinPoint"); 500)this.width=500'>500)this.width=500" align=top border=0> } 500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0> public boolean supports(Class clazz) 500)this.width=500'>500)this.width=500" border=0>{ 500)this.width=500'>500)this.width=500" align=top border=0> return (MethodInvocation.class.isAssignableFrom(clazz) 500)this.width=500'>500)this.width=500" align=top border=0> || JoinPoint.class.isAssignableFrom(clazz)); 500)this.width=500'>500)this.width=500" align=top border=0> } 500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0>500)this.width=500'>500)this.width=500" align=top border=0> protected abstract ConfigAttributeDefinition lookupAttributes(Method method); 500)this.width=500'>500)this.width=500" align=top border=0>} 500)this.width=500'>500)this.width=500" align=top border=0>我们要做的就是实现它的 protected abstract ConfigAttributeDefinition lookupAttributes(Method method);方法, 以下是我的实现方法,大致思路是这样,通过由抽象类传来的Method 对象得到 调用这个方法的 包名,类名,方法名 也就是secureObjectName, 查询数据库并将结果映射为Function 也就是secureObject ,由于Function 与 Role 的多对多关系 可以得到 Function所对应的 Roles ,在将role 包装成GrantedAuthority (也就是acegi中的角色)。其中由于频繁的对数据库的查询 所以使用Ehcache 来作为缓存。
1 package sample.auth; 2 3 import java.lang.reflect.Method; 4 import java.util.ArrayList; 5 import java.util.Arrays; 6 import java.util.Collection; 7 import java.util.Iterator; 8 import java.util.List; 9 import java.util.Set; 10 11 import org.acegisecurity.ConfigAttributeDefinition; 12 import org.acegisecurity.ConfigAttributeEditor; 13 import org.acegisecurity.GrantedAuthority; 14 import org.acegisecurity.GrantedAuthorityImpl; 15 import org.acegisecurity.intercept.method.AbstractMethodDefinitionSource; 16 import org.springframework.util.Assert; 17 18 import sample.auth.cache.AuthorityBasedFunctionCache; 19 import sample.auth.cache.info.FunctionByNameCache; 20 import sample.dao.IBaseDao; 21 import sample.mappings.function.Function; 22 import sample.mappings.role.Role; 23 24 public class DatabaseDrivenMethodDefinitionSourcew extends 25 AbstractMethodDefinitionSource { 26 27 // baseDao 提供通过HIbenate对数据库操作的实现 28 private IBaseDao baseDao; 29 // AuthorityBasedFunctionCache 通过Function 查 Role 时缓存 30 private AuthorityBasedFunctionCache cache; 31 // FunctionByNameCache 由反射到的方法名查找 数据库对应的Function 时的缓存 32 private FunctionByNameC |
|
|
回复:Acegi+hibernate 动态实现基于角色的权限管理(2)
文章收藏, 网上资源, 软件技术, 电脑与网络
参数(游客)发表评论于2010/12/15 11:53:57 |
|
|
回复:Acegi+hibernate 动态实现基于角色的权限管理(2)
文章收藏, 网上资源, 软件技术, 电脑与网络
老卢(游客)发表评论于2008/7/28 15:47:05 |
|
» 1 »
|