各位,将权限或一些其它类似的初始化信息在HttpServlet的子类中实现效果如何?

03-10-22 ninsky
我现在在搞一个权限系统的设计(前面已经发过帖子了),打算将权限信息的初始化信息放到一个类似于HttpServlet的类中,这样在Jsp或是servlet中就不需要增加权限初始化信息了,也就是说我要求的这个类能够在jsp或servlet之前执行,但只能是session形式,而不能是application形式的,每个人的权限毕竟都不一样。

HttpServlet估计不能用,它好像是所有人共享的,而filter估计也是不可用了,那么是否还有其它形式呢?

likewater
2003-10-28 11:03
我在我自己的开源项目中是这么做的

用FILTER

在WEB.XML中你可以看到这样的配置

<filter-mapping>

<filter-name>MainFilter</filter-name>

<servlet-name>XXXservlet</servlet-name>

</filter-mapping>

<filter-mapping>

<filter-name>controlFilter</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

MainFilter只做XXXservlet过来的request

controlFilter做所有的request

然后你自己实现一个FilterChain吧,第一步Filter什么(比如权限)

第二步Filter什么(比如日志)等等

至于初始化,用一个Listener搞定,例子如下:

public void contextInitialized(ServletContextEvent sce) {

//Servlet初始化,你尽管把系统启动时要加载的放在这里

BasicConfigurator.configure();

welcome();

logger.debug("contextInitialized");

}

//Notification that the servlet context is about to be shut down

public void contextDestroyed(ServletContextEvent sce) {

//这个是系统结束时的东东

leave();

logger.debug("contextDestroyed");

}

//Notification that a new attribute has been added to the servlet context

public void attributeAdded(ServletContextAttributeEvent scab) {

logger.debug("attributeAdded");

}

//Notification that an attribute has been removed from the servlet context

public void attributeRemoved(ServletContextAttributeEvent scab) {

logger.debug("attributeRemoved:"+scab.getName()+" : "+scab.getValue().toString());

}

//Notification that an attribute of the servlet context has been replaced

public void attributeReplaced(ServletContextAttributeEvent scab) {

logger.debug("attributeReplaced:"+scab.getName()+" : "+scab.getValue().toString());

}

//Notification that a session was created

public void sessionCreated(HttpSessionEvent se) {

logger.debug("sessionCreated");

}

//Notification that a session was invalidated

public void sessionDestroyed(HttpSessionEvent se) {

logger.debug("sessionDestroyed");

}

//Notification that a new attribute has been added to a session

public void attributeAdded(HttpSessionBindingEvent se) {

logger.debug("attributeAdded");

}

//Notification that an attribute has been removed from a session

public void attributeRemoved(HttpSessionBindingEvent se) {

logger.debug("attributeRemoved");

}

//Notification that an attribute of a session has been replaced

public void attributeReplaced(HttpSessionBindingEvent se) {

logger.debug("attributeReplaced");

}

你可以看到,你系统加载时可以做什么,系统结束时可以做什么,包括Session创建和销毁时可以做什么,好多的事情可以做哦

这些都是Servlet的标准,要更详细的信息不如去看看SUN的文档吧,希望对你有用。

:)

likewater
2003-10-28 11:06
filter有误,再发一遍

// 在此输入java代码
  <filter-mapping>
    <filter-name>MainFilter</filter-name>
    <servlet-name>fancyflowservlet</servlet-name>
  </filter-mapping>
  <filter-mapping>
    <filter-name>controlFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
<p>

ninsky
2003-10-29 23:40
我好像没说清楚,我所要的是在每个客户端初始化的信息都不一样的,也就是说我希望实现的找个东东更类似一个session,而filter或是httpservlet等更类似于application,当然这样类比可能不太恰当。

要知道,每个人的权限都是不一样的,所以每个人进来时.......

写到这时,我突然意识到我想多了,其实每个人进入系统都需要经过登录的啊,只要将登录后的验证信息放入session就可以了 啊,我这个帖子好像多此一问了^_^

猜你喜欢