Struts2+Spring+AOP 权限拦截+反射获取Action权限注解

来源：互联网发布：诸葛亮知乎编辑：程序博客网时间：2024/06/05 08:38

今天搞了一下Spring的AOP切面，作为权限判断。之后遇到一序列问题，，google+度娘一起上终于找到了

最先报错的是jar包~ CGLIB必须要导入否则 Spring代理你的Action类的时候会错

需要导入的jar包是

<dependency><groupId>org.springframework</groupId><artifactId>spring-aop</artifactId><version>${org.springframework.version}</version></dependency><!--  --><dependency>  <groupId>cglib</groupId>  <artifactId>cglib</artifactId>  <version>2.2.2</version></dependency><dependency><groupId>org.aspectj</groupId><artifactId>aspectjweaver</artifactId><version>1.6.8</version></dependency>

之后是添加Spring的切面

<aop:aspectj-autoproxy proxy-target-class="true"/>

添加的时候确定代理目标类

之后就是添加Struts2 中的配置了，交由Spring作为管理！

这两段都必须，否则Struts2 报错。

<constant name="struts.objectFactory" value="spring" /><constant name="struts.objectFactory.spring.autoWire.alwaysRespect" value="true"/>

登陆Action --- 无权限注解

@Action(value="userLogin",results={@Result(location="/default.jsp",type="redirect"),@Result(name=INPUT,location="/index.jsp",type="redirect",params={"message","${message}"})})public String userLogin() throws UnsupportedEncodingException{

获取菜单列表--- 权限注解

@Action(value="munuList",results=@Result(type="json"))@Permission(module="sysmanage",privilege="showMenu")public String menulist(){menuNodes = MenuNodes2Json.menuNode2Json(menuNodeService.getMenuNodes(),needUrl);return SUCCESS;}

最后就是编写切面了,只监听action，并在其中取消get和set方法

@Aspect@Componentpublic class Interceptor {/** * 定义切面 */@SuppressWarnings("unused")@Pointcut(" execution(java.lang.String edu.jmu.action..*.*()) && " +   "!execution(java.lang.String edu.jmu.action..*.set*()) && " +   "!execution(java.lang.String edu.jmu.action..*.get*())")private void intercepterMethod(){}@Around("intercepterMethod()")public Object doActionClassProfilling(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {Object returnValue = null;Privilege privilege = GenericsUtils.getMethodPermission(proceedingJoinPoint.getTarget().getClass(),proceedingJoinPoint.getSignature().getName());//没有获得注解  及不需要权限-- 则直接运行if( privilege == null || "".equals(privilege)){System.out.println("not annotation:" + proceedingJoinPoint.getSignature().getName());}else{System.out.println(privilege.getModule() + "  " + privilege.getPrivilege());}returnValue = proceedingJoinPoint.proceed();return returnValue;}}

工具类GenericsUtils，添加方法

@SuppressWarnings("rawtypes")public static Privilege getMethodPermission(Class clazz,String methodName) throws Exception{Method[] methods = clazz.getMethods();Privilege privilege = new Privilege();for(Method method : methods){if(methodName.equals(method.getName())){if(method.isAnnotationPresent(Permission.class)){Permission permission = method.getAnnotation(Permission.class);privilege.setModule(permission.module());privilege.setPrivilege(permission.privilege());}break;}}return privilege;}

到这一步还有没有问题，那就基本上搞定了

下面是控制台输出

[INFO] Scanning for projects...[INFO]                                                                         [INFO] ------------------------------------------------------------------------[INFO] Building this is a oa system 0.0.1-SNAPSHOT[INFO] ------------------------------------------------------------------------[INFO] [INFO] >>> tomcat-maven-plugin:1.1:run (default-cli) @ oa >>>[INFO] [INFO] --- maven-resources-plugin:2.5:resources (default-resources) @ oa ---[debug] execute contextualize[INFO] Using 'UTF-8' encoding to copy filtered resources.[INFO] Copying 4 resources[INFO] [INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oa ---[INFO] Nothing to compile - all classes are up to date[INFO] [INFO] <<< tomcat-maven-plugin:1.1:run (default-cli) @ oa <<<[INFO] [INFO] --- tomcat-maven-plugin:1.1:run (default-cli) @ oa ---[INFO] Running war on http://localhost:8080/oa[INFO] Using existing Tomcat server configuration at E:\Workspaces\MyEclipse 10\oa\target\tomcat***

信息: Starting Coyote HTTP/1.1 on http-8080

not annotation:userLogin

Hibernate: select count(user0_.***=? and user0_.passWord=? limit ?Hibernate: select user0_.***role5_.roleId where user0_.userName=?Hibernate: select roles0_.userName as userName2_1_,***userName=?

sysmanage showMenu

没有注解的登陆 --- 登陆的时候捕获到了，

有注解权限的展示列表-- Json载入列表的时候也捕获了，

并且 get和set方法未捕获

搞定。。。收工~~~~~~