集成spring security3.0权限控制

  最近在一个项目中使用权限控制,由于之前使用的是spring acegi 感觉还不错挺好用但这个版本比较老了,所以就研究了一下最新版本的spring security3.0,目前3.0的网上的相关文档及其至少(官方中的3.0文档资料有很多都是spring security2.*的),遂把自己的这几天研究的成果拿出来与大家分享。希望对大家有所帮助!

   首先现在数据库中创建一些数据库脚本(本例数据库采用的是Oracle,需根据个人所使用的数据库进行更改相应的数据类型):

CREATE TABLE resources (
  id int NOT NULL primary key,
  type varchar2(255),
  value varchar2(255)
) ;

insert  into resources(id,type,value) values (1,'URL','
@Entity
@Proxy(lazy = false)
@Cache(usage = CacheConcurrencyStrategy.READ_WRITE)
@Table(uniqueConstraints={}, name="users")
public class User implements UserDetails {
 
 private static final long serialVersionUID = 8026813053768023527L;
 
 @SequenceGenerator(name="SEQ_USER",sequenceName="seq_user",allocationSize=1)
    @Id
 @GeneratedValue(strategy = GenerationType.SEQUENCE,generator="SEQ_USER")
 private Integer id;
 
 private String name;
 
 private String password;
 
 private int disabled;
 
 @ManyToMany(targetEntity = Role.class, fetch = FetchType.EAGER)
    @JoinTable(name = "user_role", joinColumns = @JoinColumn(name = "user_id"), inverseJoinColumns = @JoinColumn(name = "role_id"))
    @Cache(usage = CacheConcurrencyStrategy.READ_WRITE)
 private Set<Role> roles;
 
 @Transient
 private Map<String, List<Resource>> roleResources;
 
 
 public User() {
  
 }

 
 public Collection<GrantedAuthority> getAuthorities() {
  Collection<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>(roles.size());
     for(Role role : roles) {
      grantedAuthorities.add(new GrantedAuthorityImpl(role.getName()));
     }
        return grantedAuthorities;
 }
 
 
 public String getAuthoritiesString() {
     List<String> authorities = new ArrayList<String>();
     for(GrantedAuthority authority : this.getAuthorities()) {
         authorities.add(authority.getAuthority());
     }
     return StringUtils.join(authorities, ",");
 }

 
 public String getPassword() {
  return password;
 }

 
 public String getUsername() {
  return name;
 }

 
 public boolean isAccountNonExpired() {
  return true;
 }

 
 public boolean isAccountNonLocked() {
  return true;
 }

 
 public boolean isCredentialsNonExpired() {
  return true;
 }

 
 public boolean isEnabled() {
  return (disabled==1?true:false);
 }

 
 public Integer getId() {
  return id;
 }

 
 public String getName() {
  return name;
 }

 
 public int getDisabled() {
  return disabled;
 }

 
 public Set<Role> getRoles() {
  return roles;
 }

 
 public Map<String, List<Resource>> getRoleResources() {
  // init roleResources for the first time
  if(this.roleResources == null) {
   
   this.roleResources = new HashMap<String, List<Resource>>();
   
   for(Role role : this.roles) {
    String roleName = role.getName();
    Set<Resource> resources = role.getResources();
    for(Resource resource : resources) {
     String key = roleName + "_" + resource.getType();
     if(!this.roleResources.containsKey(key)) {
      this.roleResources.put(key, new ArrayList<Resource>());
     }
     this.roleResources.get(key).add(resource);     
    }
   }
   
  }
  return this.roleResources;
 }

 
 public void setId(Integer id) {
  this.id = id;
 }

 
 public void setName(String name) {
  this.name = name;
 }

 
 public void setPassword(String password) {
  this.password = password;
 }

 
 public void setDisabled(int disabled) {
  this.disabled = disabled;
 }

 
 public void setRoles(Set<Role> roles) {
  this.roles = roles;
 }
 
}

由于浏览器的问题代码不能使用 CSDN的“插入代码”功能(导致界面贴太多代码太难看懂  :) ),所以等项目开发完后再一一贴出或整理一下打包传上来,如有急需的朋友,可以留言。

例子下载地址:

你可能感兴趣的:(集成spring security3.0权限控制)