充滿生活的味道！

<sec:http auto-config="true" session-fixation-protection="none" />

<bean

class="org.springframework.security.intercept.web.FilterSecurityInterceptor"

autowire="byType">

<sec:custom-filter before="AUTHENTICATION_PROCESSING_FILTER"/>

<property name="objectDefinitionSource" ref="objectDefinitionSource"/>

</bean>

package cn.itcast.cc.spring.security;

import java.util.LinkedHashMap;

import java.util.Map;

import javax.annotation.Resource;

import org.springframework.beans.factory.FactoryBean;

import org.springframework.security.ConfigAttributeDefinition;

import org.springframework.security.ConfigAttributeEditor;

import org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource;

import org.springframework.security.intercept.web.RequestKey;

import org.springframework.security.util.AntUrlPathMatcher;

import org.springframework.security.util.UrlMatcher;

import org.springframework.stereotype.Component;

@Component("objectDefinitionSource")

public class DefaultFilterInvocationDefinitionSourceImpl implements FactoryBean {

@Resource

ResourceDetailsService resourceDetailsService;

private UrlMatcher getUrlMatcher() {

UrlMatcher urlMatcher = new AntUrlPathMatcher();

return urlMatcher;

}

@Override

public Object getObject() throws Exception {

UrlMatcher urlMatcher = this.getUrlMatcher();

// 獲取數據Map

Map<String, String> srcMap = resourceDetailsService.buildRequestMap();

LinkedHashMap<RequestKey, Object> requestMap = new LinkedHashMap<RequestKey, Object>();

ConfigAttributeEditor editor = new ConfigAttributeEditor();

// 轉換數據Map

for (Map.Entry<String, String> entry : srcMap.entrySet()) {

String url = entry.getKey();

String roles = entry.getValue();

if (roles != null) {

editor.setAsText(roles);

requestMap.put(new RequestKey(url), editor.getValue());

} else {

requestMap.put(new RequestKey(url), ConfigAttributeDefinition.NO_ATTRIBUTES);

}

}

// 生成并返回對象

return new DefaultFilterInvocationDefinitionSource(urlMatcher,

requestMap);

}

@Override

public Class getObjectType() {

return null;

}

@Override

public boolean isSingleton() {

return false;

}

}

package cn.itcast.cc.spring.security;

import java.util.HashMap;

import java.util.List;

import java.util.Map;

import javax.annotation.Resource;

import org.springframework.jdbc.core.simple.SimpleJdbcTemplate;

import org.springframework.stereotype.Component;

@Component("userDetailsService")

public class ResourceDetailsServiceImpl implements ResourceDetailsService {

@Resource

private SimpleJdbcTemplate jdbcTemplate;

@Override

public Map<String, String> buildRequestMap() {

// 注意：這里需要使用左外連接查詢，是因為有些頁面沒有指定role。

// 即，任何權限都不可以訪問的頁面！

String sql = "SELECT res_string as url,r.name as role " +

"FROME resc LEFT JOIN resc_role rr ON rr.resc_id = resc.id " +

"LEFT JOIN role r ON rr.role_id = r.id";

List<Map<String, Object>> results = this.jdbcTemplate.queryForList(sql);

Map<String, String> srcMap = new HashMap<String, String>();

// 將查詢后的數據拼接并放入到Map中

for(Map<String,Object> val:results){

String url = (String) val.get("url");

String role = (String) val.get("role");

if(srcMap.containsKey(url)){

role = srcMap.get(url) + "," + role;

}

srcMap.put(url, role);

}

return srcMap;

}

}