如何实现基于角色的访问控制Java / MySql? [英] How to implement role-based access control Java/MySql?
问题描述
我打算开始一个基于Web的项目,该项目像论坛/ CMS一样涉及用户注册,但是我的障碍是我不知道如何实现所谓的基于角色的访问控制。
I am planing to start a web-based project that involves user registrations just like forums/CMS, but my barrier is that I have not idea how to implement the so-called role-based access control.
我在Google搜索了基于角色的访问控制,然后在结果书中找到了有关:
设计模式。
I googled for "role-based access control" and I found in the results books about: Design Patters.
这与我需要的东西有关吗?
是否有实现此想法的教程?
是在数据库方面还是在语言编程方面?
Is this related to what I need? Is there a tutorial about implementing this idea? Is the implementation on database-side or language programming-side?
任何参考?
推荐答案
设计表格,使用户可以根据您的系统扮演一个或多个角色
Design your tables such that user can have one or multiple role based on your system
定义对组页面的访问权限
Define your access to pages for group
admin.allowed = .*
user.allowed=/home/.*,/profile/.*
在某些属性文件中
创建一个Web过滤器,该Web过滤器可从会话中读取用户并确定角色,并查看是否允许请求该页面的页面重定向到其他页面
Create a Web Filter that reads the user from session and determines the role and sees if the page it is being requested is allowed if not it redirects to some other page
另请参见
- Writing an authorization filter for my web app(JSF 2.0)
这篇关于如何实现基于角色的访问控制Java / MySql?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
