1:用戶表
表名:users | ||
列名 | 類型 | 說明 |
id | Varchar(32) | 主鍵 |
name | Varchar(30) | |
2:菜單表
insert into users values('U001','Jack','1234');
insert into users values('U002','張三','4321');
insert into users values('U003','Tom','1111');
insert into roles values('R001','管理員','');
insert into roles values('R002','教師','');
insert into roleuser values('U001','R001');
insert into roleuser values('U002','R002');
insert into menus values('M001','系統(tǒng)管理','/sys.jsp');
insert into menus values('M002','用戶管理','/user.jsp');
insert into menus values('M003','角色管理','/role.jsp');
insert into rolemenu values('M001','R001');
insert into rolemenu values('M002','R001');
insert into rolemenu values('M003','R001');
insert into rolemenu values('M003','R002');
/*查詢某個擁有某個角色*/
select u.name,r.name
from users u inner join roleuser ru on u.id=ru.uid
inner join roles r on ru.rid=r.id;
/*某角色擁有某菜單*/
select r.name,m.name
from roles r inner join rolemenu rm on r.id=rm.rid
inner join menus m on rm.mid=m.id;
/*查詢某人擁有某個菜單*/
select u.name,m.name
from users u inner join roleuser ru on u.id=ru.uid
inner join roles r on ru.rid=r.id
inner join rolemenu rm on r.id=rm.rid
inner join menus m on rm.mid=m.id;
第三步:創(chuàng)建JavaBean(領(lǐng)域模型)和工具類public class User {
PRivate String name;
private String id;
private String pwd;
連接數(shù)據(jù)庫的工具類:
分包:提供用戶的登錄,退出修改
Cn.hx.user.
userServlet
service
userService
dao
userDao
菜單
Cn.hx.menu
MenuServlet
MenuService
MenuDao
角色
對主頁面來只有Servvlet沒有service,調(diào)用別的service實現(xiàn)。
Cn.hx.main
MainServlet
(沒有Service)
第五步:開發(fā)登錄頁面<form name="name" action="<c:url value='/UserServlet?cmd=login'/>" method="post">
Name:<input type="text" name="name"/><br/>
pwd:<input type="text" name="pwd"/><br/>
<input type="submit"/>
</form>
第六步:開發(fā)整個的usre包Cn.hx.user.
userServlet
service
userService
dao
userDao
第七步:實菜單的查詢功能菜單是菜單的功能包。
主功能,有自己的servvlet- MainServvlet
第八步:使用過慮器驗證/jsp/*
這只是第一步,只是驗證用戶有沒有訪問的憑證。認證.
過濾器驗證類:
package cn.hx.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.dbutils.QueryRunner;
import org.apache.commons.dbutils.handlers.ScalarHandler;
import cn.hx.domain.User;
import cn.hx.utils.DataSourceUtils;
public class AuthFilter implements Filter {
public void init(FilterConfig filterConfig) throws ServletException {
// TODO Auto-generated method stub
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
//獲取uri
HttpServletRequest req = (HttpServletRequest) request;
String uri = req.getRequestURI();//Http://localhost:8080/day20/jsps/role.jsp->day20/jsps/role.jsp
uri = uri.replace(req.getContextPath(), "");
//組成sql
String sql = "SELECT COUNT(1)"+
" FROM menus m INNER JOIN rolemenu rm ON m.id=rm.mid"+
" INNER JOIN roles r ON r.id=rm.rid"+
" INNER JOIN roleuser ru ON r.id=ru.rid"+
" WHERE ru.uid=? AND url=?";
//取到用戶的id
User user = (User) req.getsession().getAttribute("user");
try{
QueryRunner run = new QueryRunner(DataSourceUtils.getDatasSource());
Object o = run.query(sql,new ScalarHandler(),user.getId(),uri);
int size = Integer.parseInt(o.toString());
if(size==0){
System.err.println("你沒有權(quán)限....");
}else{
chain.doFilter(req, response);
}
}catch(Exception e){
}
}
public void destroy() {
// TODO Auto-generated method stub
}
}
流程圖認證過程
登錄過程:
顯示菜單的過程:
新聞熱點
疑難解答
