运用Spring AOP验证用户权限实例

http://webservices.ctocio.com.cn/58/8678558.shtml

1.新建一个Java普通工程，并需导入spring-aop.jar包;

　　2.建UserInfo类：

　　

     package aop.secure;

　　public class UserInfo {

　　private String userName;

　　private String password;

　　public UserInfo(String userName, String password){

　　this.userName = userName;

　　this.password = password;

　　}

　　public String getPassword() {

　　return password;

　　}

　　public String getUserName() {

　　return userName;

　　}

　　}

　　3.建安全信息提示类SecureBean：

　　

     package aop.secure;

　　public class SecureBean {

　　public void writeSecureMessage(){

　　System.out.println("Every time I learn something new and it pushes some old stuff out of my brain.");

　　}

　　}

　　4.建切面类SecurityAdvice实现org.springframework.aop.MethodBeforeAdvice：

　　

      package aop.secure;

　　import java.lang.reflect.Method;

　　import org.springframework.aop.MethodBeforeAdvice;

　　public class SecurityAdvice implements MethodBeforeAdvice {

　　private SecurityManager securityManager;

　　public SecurityAdvice(){

　　this.securityManager = new SecurityManager();

　　}

　　public void before(Method method, Object[] args, Object target) throws Throwable {

　　UserInfo user = securityManager.getLoggedOnUser();

　　if(user == null){

　　System.out.println("No user authenticated.");

　　throw new SecurityException("Method name: " + method.getName());

　　}else if("chigo".equals(user.getUserName()) && "chigo".equals(user.getPassword())){

　　System.out.println("OKAY!");

　　}else{

　　System.out.println("Logged in user is: " + user.getUserName());

　　throw new SecurityException("User " + user.getUserName() + " is not allowed access to method " + method.getName());

　　}

　　}

　　}