Java EE技术中的数据访问控制 [英] Data Access control in Java EE technologies

问题描述

我正在开发一个项目，该项目要求我实现一种机制来控制对页面上显示的内容的数据访问。

I am working on a project that requires that i implement a mechanism for controlling data access to the content that displayed on the pages.

首先澄清一点，我不是指不同用户登录特定页面和/或查看特定页面的能力。这是一种不同类型的访问控制。我对数据访问更感兴趣，即多个用户可以查看同一页面，但显示的数据取决于他们拥有的数据访问控制权限。

First off to clarify, i am not refering to the ability for different users to log on to a specific page and or view specific pages. That is a different type of access control. I am more interested in the "Data Access" i.e. where multiple users can view the same page but the data that is displayed depend on the data access control privileges they have.

我很想知道实施数据访问控制的不同方法。这种东西有没有框架？我目前正在使用Struts。

I am intersted to know of the different approaches out there to implementing "data access" control. is there a framework out there for this kind of thing? I am currently using Struts.

我正在考虑这样做，我需要以某种方式对我保留的数据进行分类和存储，以及哪些用户可以查看/修改它。我想尝试避免从头开始生成一些东西，所以我想知道专家是如何做到的，以及哪些框架技术可以帮助他们做到这一点。

I'm thinking to do this, i will need to somehow to categorize and store the kinds of data i keep and which configure which users can view/amend it. I want to try and avoid produce something completely from scratch so I'm wondering how the experts do this and what frameworks technologies assist them in doing it.

推荐答案

我想你需要 Spring Security Framework 。使用此框架，您可以为不同的用户分配不同的角色。例如，我们可以定义两个角色：ROLE_USER，ROLE_ADMIN。然后我们将这些角色分配给用户。例如，用户A只能有一个角色，ROLE_USER和用户B可以同时拥有这两个角色。现在，如果在特定的JSP上，您只想向用户B显示内容，则可以将代码放入一对授权标记中：

I guess you need Spring Security Framework. With this framework, you assign different roles to different users. For example, we can define two roles: ROLE_USER, ROLE_ADMIN. Then we assign those roles to users. For example, a user A can have only one role, ROLE_USER and a user B can have both of the roles. Now if on a particular JSP, you want to show something to user B only, you can put the code into a pair of authorization tags:

<sec:authorize ifAllGranted="ROLE_USER, ROLE_ADMIN">
     <!-- html, jsp scriplets, jstl tags inside here will be visible to user B only --> 
</sec:authorize>

同样如果你想向他们两个展示一些东西：

Similarly if you want to show something to both of them:

<sec:authorize ifAllGranted="ROLE_USER">
     <!-- anything inside here will be visible to both users --> 
</sec:authorize>

希望有所帮助。

这篇关于Java EE技术中的数据访问控制的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！