Chinaunix首页 | 论坛 | 博客
  • 博客访问: 30480168
  • 博文数量: 708
  • 博客积分: 12163
  • 博客等级: 上将
  • 技术积分: 8240
  • 用 户 组: 普通用户
  • 注册时间: 2007-12-04 20:59
文章分类

全部博文(708)

分类: Java

2008-11-24 11:40:26

關於Access Control,有提到可以使用J2EE的Roles.不過由於目前的ACL並非使用J2EE的Roles的機制.

所以自己利用Filter來作.不知道有沒有更有效率的方法.

DwrACL.java

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
package test.dwr;
 
import javax.servlet.*;
import javax.servlet.http.*;
 
public class DwrACL
    extends HttpServlet implements Filter {
  private FilterConfig filterConfig;
  //Handle the passed-in FilterConfig
  public void init(FilterConfig filterConfig) throws ServletException {
    this.filterConfig = filterConfig;
  }
 
  //Process the request/response pair
  public void doFilter(ServletRequest request, ServletResponse response,
                       FilterChain filterChain) {
    RequestDispatcher dispatcher = null;
    ServletContext context = filterConfig.getServletContext();
    try {
      HttpServletRequest httpServletRequest = (HttpServletRequest) request;
      HttpServletResponse httpServletResponse = (HttpServletResponse) response;
      HttpSession session = httpServletRequest.getSession();
      
      
      String logined = (String)session.getAttribute("logined");
 
      //判斷使否可以使用dwr的條件,若是不符,則導向錯誤頁面.
      if (logined != null && logined.equals("yes")) {
          filterChain.doFilter(request, response);
      } else {
          dispatcher = context.getRequestDispatcher("/error.jsp");
          dispatcher.forward(request, response);
      }
 
    } catch (Exception iox) {
      iox.printStackTrace();
      filterConfig.getServletContext().log(iox.getMessage());
    }
  }
 
  //Clean up resources
  public void destroy() {
  }
}


web.xml
- 如果放到正式的系統環境,記得把debug改成false

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
 
    DWR.Access.Control
    test.dwr.DwrACL
  
  
    DWR.Access.Control
    /dwr/*
  
  
  
    dwr-invoker
    uk.ltd.getahead.dwr.DWRServlet
    
      debug
      false
    
    10
  
  
    dwr-invoker
    /dwr/*
  


阅读(2346) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~