Spring Security學習總結二
阿新 • • 發佈:2019-01-27
1 @Override
2 3 public ConfigAttributeDefinition lookupAttributes(String url) {
4 5 // TODO Auto-generated method stub
6 7 //初始化資料,從資料庫讀取 8 9 cacheManager.initResourceInCache();
10 11 if (isUseAntPath()) {
12 13 int firstQuestionMarkIndex = url.lastIndexOf("?");
14 15 if (firstQuestionMarkIndex !=-1) {
16 17 url = url.substring(0, firstQuestionMarkIndex);
18 19 }
20 21 }
22 23 //將URL在比較前都轉換為小寫 24 25 if (isConvertUrlToLowercaseBeforeComprison()) {
26 27 url = url.toLowerCase();
28 29 }
30 31 //獲取所有的URL 32 33 List<String> urls = cacheManager.getUrlResources();
34 35 //倒敘排序--如果不進行排序,如果使用者使用瀏覽器的導航工具訪問頁面可能出現問題
36 37 //例如:訪問被拒絕後使用者重新整理頁面 38 39 Collections.sort(urls);
40 41 Collections.reverse(urls);
42 43 GrantedAuthority[] authorities =new GrantedAuthority[0];
44 45 //將請求的URL與配置的URL資源進行匹配,並將正確匹配的URL資源對應的許可權
46 47 //取出 48 49 for (String resourceName_url : urls) {
50 51 boolean matched =false;
52 53 //使用ant匹配URL 54 55 if (isUseAntPath()) {
56 57 matched = pathMatcher.match(resourceName_url, url);
58 59 } else {//perl5編譯URL 60 61 Pattern compliedPattern =null;
62 63 Perl5Compiler compiler =new Perl5Compiler();
64 65 try {
66 67 compliedPattern = compiler.compile(resourceName_url, Perl5Compiler.READ_ONLY_MASK);
68 69 } catch (MalformedPatternException e) {
70 71 e.printStackTrace();
72 73 }
74 75 matched = matcher.matches(url, compliedPattern);
76 77 }
78 79 //匹配正確,獲取響應許可權 80 81 if (matched) {
82 83 //獲取正確匹配URL資源對應的許可權 84 85 ResourcDetail detail = cacheManager.getResourcDetailFromCache(resourceName_url);
86 87 authorities = detail.getAuthorities();
88 89 break;
90 91 }
92 93 }
94 95 //將許可權封裝成ConfigAttributeDefinition物件返回(使用ConfigAttributeEditor) 96 97 if (authorities.length >0) {
98 99 String authTemp ="";
100 101 for (GrantedAuthority grantedAuthority : authorities) {
102 103 authTemp += grantedAuthority.getAuthority() +",";
104 105 }
106 107 String authority = authTemp.substring(0, (authTemp.length() -1));
108 109 System.out.println(authority);
110 111 ConfigAttributeEditor attributeEditor =new ConfigAttributeEditor();
112 113 attributeEditor.setAsText(authority.trim());
114 115 return (ConfigAttributeDefinition)attributeEditor.getValue();
116 117 }
118 119 returnnull;
120 121 }
2 3 public ConfigAttributeDefinition lookupAttributes(String url) {
4 5 // TODO Auto-generated method stub
6 7 //初始化資料,從資料庫讀取 8 9 cacheManager.initResourceInCache();
10 11 if (isUseAntPath()) {
12 13 int firstQuestionMarkIndex = url.lastIndexOf("?");
14 15 if (firstQuestionMarkIndex
16 17 url = url.substring(0, firstQuestionMarkIndex);
18 19 }
20 21 }
22 23 //將URL在比較前都轉換為小寫 24 25 if (isConvertUrlToLowercaseBeforeComprison()) {
26 27 url = url.toLowerCase();
28 29 }
30 31 //獲取所有的URL 32 33 List<String> urls = cacheManager.getUrlResources();
36 37 //例如:訪問被拒絕後使用者重新整理頁面 38 39 Collections.sort(urls);
40 41 Collections.reverse(urls);
42 43 GrantedAuthority[] authorities =new GrantedAuthority[0];
44 45 //將請求的URL與配置的URL資源進行匹配,並將正確匹配的URL資源對應的許可權
46 47 //取出 48 49 for (String resourceName_url : urls) {
52 53 //使用ant匹配URL 54 55 if (isUseAntPath()) {
56 57 matched = pathMatcher.match(resourceName_url, url);
58 59 } else {//perl5編譯URL 60 61 Pattern compliedPattern =null;
62 63 Perl5Compiler compiler =new Perl5Compiler();
64 65 try {
66 67 compliedPattern = compiler.compile(resourceName_url, Perl5Compiler.READ_ONLY_MASK);
68 69 } catch (MalformedPatternException e) {
70 71 e.printStackTrace();
72 73 }
74 75 matched = matcher.matches(url, compliedPattern);
76 77 }
78 79 //匹配正確,獲取響應許可權 80 81 if (matched) {
82 83 //獲取正確匹配URL資源對應的許可權 84 85 ResourcDetail detail = cacheManager.getResourcDetailFromCache(resourceName_url);
86 87 authorities = detail.getAuthorities();
88 89 break;
90 91 }
92 93 }
94 95 //將許可權封裝成ConfigAttributeDefinition物件返回(使用ConfigAttributeEditor) 96 97 if (authorities.length >0) {
98 99 String authTemp ="";
100 101 for (GrantedAuthority grantedAuthority : authorities) {
102 103 authTemp += grantedAuthority.getAuthority() +",";
104 105 }
106 107 String authority = authTemp.substring(0, (authTemp.length() -1));
108 109 System.out.println(authority);
110 111 ConfigAttributeEditor attributeEditor =new ConfigAttributeEditor();
112 113 attributeEditor.setAsText(authority.trim());
114 115 return (ConfigAttributeDefinition)attributeEditor.getValue();
116 117 }
118 119 returnnull;
120 121 }