spring aop实现权限控制，路径控制

spring aop 的权限的管理是通过对路径的控制来实现的
现在共有两个角色，经理和员工
经理的权限检查的代码
MgrAuthorityInterceptor.java

public class MgrAuthorityInterceptor implements MethodInterceptor
{

    public Object invoke(MethodInvocation invocation) throws Throwable
	{
        HttpServletRequest request = null;
        ActionMapping mapping = null;
        Object[] args = invocation.getArguments();
        //解析目标方法的参数
        for (int i = 0 ; i < args.length ; i++ )
        {
            if (args[i] instanceof HttpServletRequest) request = (HttpServletRequest)args[i];
            if (args[i] instanceof ActionMapping) mapping = (ActionMapping)args[i];
        }
        //从session中得到用户的级别
        String level = (String)request.getSession().getAttribute("level");
        //如是经理级别则继续，否则，回到登陆页面
        if ( level != null && level.equals("mgr") )
        {
            return invocation.proceed();
        }
        else
        {
            return mapping.findForward("login");
        }
    }
}

员工的权限的实现,EmpAuthorityInterceptor.java

public class EmpAuthorityInterceptor implements MethodInterceptor
{

    public Object invoke(MethodInvocation invocation) throws Throwable
	{
        HttpServletRequest request = null;
        ActionMapping mapping = null;
        Object[] args = invocation.getArguments();
        for (int i = 0 ; i < args.length ; i++ )
        {
            if (args[i] instanceof HttpServletRequest) request = (HttpServletRequest)args[i];
            if (args[i] instanceof ActionMapping) mapping = (ActionMapping)args[i];
        }
        //从session中得到用户的级别
        String level = (String)request.getSession().getAttribute("level");
        //如是经理或员工级别则继续，否则，回到登陆页面
        if ( level != null && (level.equals("emp") || level.equals("mgr")))
        {
            return invocation.proceed();
        }
        else
        {
            return mapping.findForward("login");
        }
    }
}

员工，经理权限的实现，在action-servlet.xml中

 
    
	    
            
				action中的经理的操作
            
	    
        
            
                mgrAuthorityInterceptor 
            
        
    

    
    
	    
            
				员工中的action操作
            
	    
        
            
                empAuthorityInterceptor