WebFilter based on user role


Question

Here is my login filter class:

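import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
// Assumption: HttpFilter is the OmniFaces base class, whose doFilter() receives the session as a parameter.
import org.omnifaces.filter.HttpFilter;

@WebFilter(urlPatterns = {"/backend/*", "/frontend/manager/*", "/frontend/faculty/*"})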
public class AuthorizationFilter extends HttpFilter {

    @Override
    public void doFilter(HttpServletRequest request, HttpServletResponse response,
            HttpSession session, FilterChain chain) throws ServletException, IOException {
        UserManagedBean user = session != null ? (UserManagedBean) session.getAttribute("userManagedBean") : null;
        if (user != null && user.isLoggedIn()) {
            chain.doFilter(request, response);
        } else {
            response.sendRedirect(request.getContextPath() + "/frontend/login.xhtml?faces-redirect=true");
        }
    }
}

Is there any way to let the filter class automatically filter users to the urlPatterns I configured, based on their roles?

For example, if I am an admin, the filter will allow me to access /backend/*. If I am a manager, the filter will allow me to access /frontend/manager/* and disallow me the other ones (backend, faculty).

Recommended answer

Nope, filters don't support role-based URL matching. For that, you should be using Java EE built-in container-managed security via <security-constraint> entries instead of homebrewed security using a servlet filter. Inside those <security-constraint> entries you can declare URL patterns by <web-resource-collection><url-pattern> and roles by <auth-constraint><role-name>.

Inside a filter, the best you can do is manually check HttpServletRequest#isUserInRole().

  • How to handle authentication/authorization with users in a database?
  • Java EE 6 tutorial - securing web applications
