我的权限控制(JBX + struts + hibernate + ORACLE)

通过过滤器判断用户权限.

第一步:建立UserPermissionFilter类.

import javax.servlet.*;

import javax.servlet.http.*;

import java.io.*;

import java.util.*;

import test.system.SysUserApi;

import test.vo.SysUserVO;

import test.system.dao.SysUserDao;

import test.Const;

public class UserPermissionFilter extends HttpServlet implements Filter {

protected FilterConfig filterConfig = null;

public void destroy() {

this.filterConfig = null;

}

public void doFilter(

ServletRequest request,

ServletResponse response,

FilterChain filterChain) throws IOException, ServletException {

try {

HttpServletRequest req = (HttpServletRequest) request;

SysUserVO userSession = new SysUserVO();

userSession = (SysUserVO)req.getSession().getAttribute(Const.SESSION_USER);

if (userSession == null) {

HttpServletResponse rep = (HttpServletResponse) response;

rep.sendRedirect("/admin/login.jsp");

}else{

filterChain.doFilter(request, response);

}

}

catch (Exception e) {}

}

public void init(FilterConfig filterConfig) throws ServletException {

this.filterConfig = filterConfig;

}

public FilterConfig getFilterConfig() {

return filterConfig;

}

public void setFilterConfig(FilterConfig filterConfig) {

this.filterConfig = filterConfig;

}

}

第二步:配置WEB.xml文件

设置过滤器:

<filter>

<filter-name>userpermission</filter-name>

<filter-class>sports.tools.UserPermissionFilter</filter-class>

</filter>

设置过滤器映射,因为过滤器不能过滤全部的程序,所以可以用列表的形式来增加需要过滤的文件.如下.一个过滤器可以过滤多个映射文件.

<filter-mapping>

<filter-name>userpermission</filter-name>

<url-pattern>/admin/index.jsp</url-pattern>

</filter-mapping>

<filter-mapping>

<filter-name>userpermission</filter-name>

<url-pattern>/admin/edit/*</url-pattern>

</filter-mapping>