struts2利用拦截器和注解进行权限控制 (二) :JSP页面中根据权限显示或隐藏
http://hi.baidu.com/sonmeika/item/a1955a4699327cd3c0a5921e
新建Annotation,Permission.java:
package cn.itcast.action.privilege;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* 权限设置
*
*/
@Retention(RetentionPolicy.RUNTIME) // 代表Permission注解保留的阶段
@Target({ElementType.METHOD}) // 只允许标注在方法上
public @interface Permission {
/** 模块 **/
String module();
/** 权限值 **/
String privilege();
}
权限校验标签 PermissionTag.java:
package cn.itcast.web.taglib;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.TagSupport;
import cn.itcast.bean.product.ProductType;
/**
* 权限校验标签
*
*/
public class PermissionTag extends TagSupport {
private String module;
private String privilege;
public String getModule() {
return module;
}
public void setModule(String module) {
this.module = module;
}
public String getPrivilege() {
return privilege;
}
public void setPrivilege(String privilege) {
this.privilege = privilege;
}
@Override
public int doStartTag() throws JspException {
boolean result = false;
String auth = module+","+privilege;
User login = (User)pageContext.getSession().getAttribute("logintest");
if (null!=login && login.isAuthed(auth)) {
result = true;
}
return result? EVAL_BODY_INCLUDE : SKIP_BODY; // 显示或隐藏标签内的内容
}
}
在web-inf先新建 itcast.tld,内容如下:
<?xml version="1.0" encoding="UTF-8" ?>
<taglib xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2eehttp://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd"
version="2.0">
<description>itcast babasport permission taglib</description>
<display-name>permission taglib</display-name>
<tlib-version>1.0</tlib-version>
<short-name>itcast</short-name>
<uri>http://www.itcast.cn/babasport</uri>
<tag>
<description>权限校验标签,有权限就显示标签体的内容,否则不显示</description>
<name>permission</name>
<tag-class>cn.itcast.web.taglib.PermissionTag</tag-class>
<body-content>JSP</body-content>
<attribute>
<description></description>
<name>module</name>
<required>true</required>
<rtexprvalue>false</rtexprvalue>
</attribute>
<attribute>
<description></description>
<name>privilege</name>
<required>true</required>
<rtexprvalue>false</rtexprvalue>
</attribute>
</tag>
</taglib>
*.tld的写法可以参考standard.jar\META-INF\*.tld
taglib.jsp:
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn"%>
<%@ taglib uri="/struts-tags" prefix="s"%>
<%@ taglib uri="http://www.itcast.cn/babasport" prefix="itcast"%>
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_9" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2eehttp://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<!-- 指定spring的配置文件,默认从web根目录寻找配置文件,我们可以通过spring提供的classpath:前缀指定从类路径下寻找 -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:beans.xml</param-value>
</context-param>
<!-- 对Spring容器进行实例化 -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- 配置struts2 -->
<filter>
<filter-name>struts2</filter-name>
<filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 解决中文乱码问题 -->
<filter>
<filter-name>encoding</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encoding</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 使用spring解决hibernate因session关闭导致的延迟加载例外问题 -->
<!--
<filter>
<filter-name>OpenSessionInViewFilter</filter-name>
<filter-class>org.springframework.orm.hibernate3.support.OpenSessionInViewFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>OpenSessionInViewFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
-->
<!-- 配置过滤器 -->
<!--
<filter>
<filter-name>PrivilegeFilter</filter-name>
<filter-class>cn.itcast.web.filter.PrivilegeFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>PrivilegeFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
-->
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<jsp-config>
<taglib>
<taglib-uri>http://www.itcast.cn/babasport</taglib-uri>
<taglib-location>/WEB-INF/itcast.tld</taglib-location>
</taglib>
</jsp-config>
</web-app>
ProductTypeList.jsp:
<%@ page contentType="text/html;charset=UTF-8"%>
<%@ include file="/WEB-INF/page/share/taglib.jsp"%>
<html>
<head>
<title>权限组显示</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link rel="stylesheet" href="/css/vip.css" type="text/css">
<SCRIPT language=JavaScript src="/js/FoshanRen.js"></SCRIPT>
</head>
<body bgcolor="#FFFFFF" text="#000000" marginwidth="0" marginheight="0">
<table width="98%" border="0" cellspacing="1" cellpadding="2"
align="center">
<tr ><td colspan="5" bgcolor="6f8ac4" align="right">
<%@ include file="/WEB-INF/page/share/fenye.jsp" %>
</td></tr>
<tr>
<td width="10%" bgcolor="6f8ac4">
<div align="center">
<font color="#FFFFFF">ID</font>
</div>
</td>
<td width="50%" nowrap bgcolor="6f8ac4">
<div align="center">
<font color="#FFFFFF">Name</font>
</div>
</td>
<td bgcolor="6f8ac4">
<div align="center">
<font color="#FFFFFF">Note</font>
</div>
</td>
<td bgcolor="6f8ac4">
<div align="center">
<font color="#FFFFFF">Visible</font>
</div>
</td>
<td width="10%" bgcolor="6f8ac4"></td>
</tr>
<!---------------------------LOOP START------------------------------>
<c:forEach items="${productTypes.resultlist}" var="prodtype">
<tr>
<td bgcolor="f5f5f5">
<div align="center">${prodtype.typeid}</div>
</td>
<td bgcolor="f5f5f5">
<div align="center">${prodtype.name}</div>
</td>
<td bgcolor="f5f5f5">
<div align="center">${prodtype.note}</div>
</td>
<td bgcolor="f5f5f5">
<div align="center">${prodtype.visible}</div>
</td>
<td bgcolor="f5f5f5" align="center">
<itcast:permission module="department" privilege="edit"><!-- 没有权限就不显示“修改”链接-->
<a href="/product/producttype_editUI.do?productType.typeid=${prodtype.typeid }">修改</a>
</itcast:permission>
</td>
</tr>
</c:forEach>
<!----------------------LOOP END------------------------------->
<tr>
<td bgcolor="f5f5f5" colspan="5" align="center"><table
width="100%" border="0" cellspacing="1" cellpadding="4">
<tr>
<td width="5%"></td>
<td width="85%">
</td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>
struts2利用拦截器和注解进行权限控制
猜你喜欢
转载自lixg425.iteye.com/blog/1902760
今日推荐
周排行