67,511
社区成员
发帖
与我相关
我的任务
分享
@Autowired
private SecurityResourceDaoImp OnionGamersResourceDao;
private void loadResourceDefine() {
resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
System.out.println("afdsfds");
for(Resources item:OnionGamersResourceDao.getAllResource()){
resourceMap.put(item.getUrl(),listToCollection(item.getRole()));
}
<!--资源数据定义-->
<beans:bean id="OnionGamersPortalMetaDataSource" class="com.onionbbs.security.InvocationSecurityMetadataSource">
<beans:property name="OnionGamersResourceDao" ref="OnionGamersResourceDao"></beans:property>
</beans:bean>
<!-- 查询出所有的资源-->
<beans:bean id="OnionGamersResourceDao" class="com.onionbbs.security.dao.SecurityResourceDaoImp">
</beans:bean>
<beans:bean id="OnionGamersResourceService" class="com.onionbbs.security.service.SecurityResourceServiceImp">
</beans:bean>
package com.onionbbs.security.dao;
import java.util.List;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.springframework.beans.factory.annotation.Autowired;
import com.onionbbs.model.Resources;
import com.onionbbs.model.Role;
/*实现securityResource获取所有的security资源权限并注入到security框架中*/
public class SecurityResourceDaoImp implements SecurityResourceDao{
@Autowired
private SessionFactory getsessionfactory;
public Session getSession(){
Session session=getsessionfactory.getCurrentSession();
return session;
}
public List<Resources> getAllResource() {
Session se=this.getSession();
String hql="from Resource";
List<Resources> listresource=se.createQuery(hql).list();
return listresource;
}
public List<Role> getRoleByResourceId(int id){
String hql="select r.id,r.name,r.desc from role r,role_resource rr where rr.id=r.id and rr.resource_id=?";
Session se=this.getSession();
List<Role> li=se.createQuery(hql).list();
return li;
}
}
private void loadResourceDefine() {
resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
Collection<ConfigAttribute> atts = new ArrayList<ConfigAttribute>();
ConfigAttribute ca = new SecurityConfig("ROLE_ADMIN");
atts.add(ca);
resourceMap.put("/index.jsp", atts);
resourceMap.put("/i.jsp", atts);
}
package com.OnionEntertainment.Security.Dao;
import java.util.List;
import org.hibernate.Query;
import org.hibernate.Session;
import org.hibernate.SessionFactory;
import org.springframework.beans.factory.annotation.Autowired;
import com.onionbbs.model.Resources;
public class SecurityResourceDaoImp implements SecurityResourceDao{
@Autowired
private SessionFactory sessionfa;
public Session getSession(){
Session se=sessionfa.getCurrentSession();
return se;
}
public List<Resources> getAllResources() {
String hql="from resource";
Session se=this.getSession();
Query query=se.createQuery(hql);
List<Resources> resource=query.list();
return resource;
}
}
package com.OnionEntertainment.Security.Service;
import java.util.List;
import com.OnionEntertainment.Security.Dao.SecurityResourceDaoImp;
import com.onionbbs.model.Resources;
public class SecurityResourceServiceImp implements SecurityResourceService{
private SecurityResourceDaoImp securityResourcesDao;
public void setSecurityResourcesDao(SecurityResourceDaoImp securityResourcesDao) {
this.securityResourcesDao = securityResourcesDao;
}
public List<Resources> getAllResources() {
return securityResourcesDao.getAllResources();
}
}
package com.onionbbs.security;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.AntUrlPathMatcher;
import org.springframework.security.web.util.UrlMatcher;
import com.OnionEntertainment.Security.Service.SecurityResourceServiceImp;
import com.onionbbs.model.Resources;
import com.onionbbs.model.Role;
public class InvocationSecurityMetadataSource
implements FilterInvocationSecurityMetadataSource {
private UrlMatcher urlMatcher = new AntUrlPathMatcher();;
private static Map<String, Collection<ConfigAttribute>> resourceMap = null;
public InvocationSecurityMetadataSource() {
loadResourceDefine();
}
private SecurityResourceServiceImp securityResourceService;
public void setSecurityResourceService(
SecurityResourceServiceImp securityResourceService) {
this.securityResourceService = securityResourceService;
}
private void loadResourceDefine() {
resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
Collection<ConfigAttribute> atts = new ArrayList<ConfigAttribute>();
for(Resources item:securityResourceService.getAllResources()){
resourceMap.put(item.getUrl(), listRoleToCollection(item.getRole()));
}
// ConfigAttribute ca = new SecurityConfig("ROLE_ADMIN");
// atts.add(ca);
// resourceMap.put("/index.jsp", atts);
// resourceMap.put("/i.jsp", atts);
}
public Collection<ConfigAttribute> listRoleToCollection(Set<Role> set){
List<ConfigAttribute> list=new ArrayList<ConfigAttribute>();
for(Role role:set){
list.add(new SecurityConfig(role.getName()));
}
return list;
}
public Collection<ConfigAttribute> getAttributes(Object object)
throws IllegalArgumentException {
String url = ((FilterInvocation)object).getRequestUrl();
Iterator<String> ite = resourceMap.keySet().iterator();
while (ite.hasNext()) {
String resURL = ite.next();
if (urlMatcher.pathMatchesUrl(url, resURL)) {
return resourceMap.get(resURL);
}
}
return null;
}
public boolean supports(Class<?> clazz) {
return true;
}
public Collection<ConfigAttribute> getAllConfigAttributes() {
return null;
}
}
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<!--
一个自定义的filter,必须包含authenticationManager,accessDecisionManager,securityMetadataSource三个属性,
我们的所有控制将在这三个类中实现
-->
<beans:bean id="SecurityFilter"
class="com.onionbbs.security.FilterSecurityInterceptor">
<beans:property name="authenticationManager" ref="authenticationManager" />
<beans:property name="accessDecisionManager" ref="GamerAccessDecisionManager" />
<beans:property name="securityMetadataSource" ref="GamersMetaDataSource" />
</beans:bean>
<http auto-config="true" access-denied-page="/">
<intercept-url pattern="/login.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/index.jsp" access="ROLE_USER" />
<custom-filter ref="SecurityFilter" before="FILTER_SECURITY_INTERCEPTOR" />
<form-login login-page="/login.jsp"
authentication-failure-url="/login.jsp" default-target-url="/" />
</http>
<!-- 认证管理器,实现用户认证的入口,主要实现UserDetailsService接口即可 -->
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="UserDetailService">
<!-- <password-encoder hash="md5" />-->
</authentication-provider>
</authentication-manager>
<beans:bean id="UserDetailService" class="com.onionbbs.security.UserDetailService">
</beans:bean>
<!--security的访问决策器,主要决定用户是否有权限访问此资源-->
<beans:bean id="GamerAccessDecisionManager"
class="com.onionbbs.security.GamersAccessDecisionManager">
</beans:bean>
<!--资源数据定义-->
<beans:bean id="GamersMetaDataSource"
class="com.onionbbs.security.InvocationSecurityMetadataSource">
<beans:property name="securityResourceService" ref="securityResourcesServices"></beans:property>
</beans:bean>
<beans:bean id="securityResourceDao" class="com.OnionEntertainment.Security.Dao.SecurityResourceDaoImp">
</beans:bean>
<beans:bean id="securityResourcesServices" class="com.OnionEntertainment.Security.Service.SecurityResourceServiceImp">
<beans:property name="securityResourcesDao" ref="securityResourceDao">
</beans:property>
</beans:bean>
<beans:bean id="securityUserDao" class="com.OnionEntertainment.Security.Dao.SecurityUserDaoImp">
</beans:bean>
<beans:bean id="securityUserService" class="com.OnionEntertainment.Security.Service.SecurityUserServiceImp">
<beans:property name="securityuserdao" ref="securityUserDao"></beans:property>
</beans:bean>
</beans:beans>