Java tutorial
/** * Copyright (c) 2011-2014, hubin (jobob@qq.com). * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy of * the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the * License for the specific language governing permissions and limitations under * the License. */ package com.baomidou.kisso.web.interceptor; import java.lang.reflect.Method; import java.util.logging.Logger; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import com.baomidou.kisso.SSOAuthorization; import com.baomidou.kisso.SSOConfig; import com.baomidou.kisso.SSOHelper; import com.baomidou.kisso.SSOToken; import com.baomidou.kisso.annotation.Action; import com.baomidou.kisso.annotation.Permission; import com.baomidou.kisso.common.util.HttpUtil; /** * <p> * kisso ?? kisso ? * </p> * * @author hubin * @Date 2016-04-03 */ public class SSOPermissionInterceptor extends HandlerInterceptorAdapter { private static final Logger logger = Logger.getLogger("SSOPermissionInterceptor"); /* * ???? */ private SSOAuthorization authorization; /* * ??? URL */ private String illegalUrl; /** * <p> * ??? * </p> * <p> * Controller ?? * </p> */ public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { if (handler instanceof HandlerMethod) { SSOToken token = SSOHelper.attrToken(request); if (token == null) { return true; } /* * ???? */ if (isVerification(request, handler, token)) { return true; } /* * ?? */ return unauthorizedAccess(request, response); } return true; } /** * <p> * ????? 1?? 2?? * </p> * @param request * @param handler * @param token * @return */ protected boolean isVerification(HttpServletRequest request, Object handler, SSOToken token) { /* * URL ??? */ if (SSOConfig.getInstance().isPermissionUri()) { String uri = request.getRequestURI(); if (uri == null || authorization.isPermitted(token, uri)) { return true; } } /* * ??? */ HandlerMethod handlerMethod = (HandlerMethod) handler; Method method = handlerMethod.getMethod(); Permission pm = method.getAnnotation(Permission.class); if (pm != null) { if (pm.action() == Action.Skip) { /** * */ return true; } else if (!"".equals(pm.value()) && authorization.isPermitted(token, pm.value())) { /** * ??? */ return true; } } /* * ? */ return false; } /** * * <p> * ??? 403 illegalUrl ???? * </p> * * @param request * @param response * @return * @throws Exception */ protected boolean unauthorizedAccess(HttpServletRequest request, HttpServletResponse response) throws Exception { logger.fine(" request 403 url: " + request.getRequestURI()); if (HttpUtil.isAjax(request)) { /* AJAX 403 ??? */ HttpUtil.ajaxStatus(response, 403, "ajax Unauthorized access."); } else { /* HTTP */ if (illegalUrl == null || "".equals(illegalUrl)) { response.sendError(403, "Forbidden"); } else { response.sendRedirect(illegalUrl); } } return false; } public SSOAuthorization getAuthorization() { return authorization; } public void setAuthorization(SSOAuthorization authorization) { this.authorization = authorization; } public String getIllegalUrl() { return illegalUrl; } public void setIllegalUrl(String illegalUrl) { this.illegalUrl = illegalUrl; } }