各位,将权限或一些其它类似的初始化信息在HttpServlet的子类中实现效果如何?

03-10-22 ninsky
我现在在搞一个权限系统的设计(前面已经发过帖子了),打算将权限信息的初始化信息放到一个类似于HttpServlet的类中,这样在Jsp或是servlet中就不需要增加权限初始化信息了,也就是说我要求的这个类能够在jsp或servlet之前执行,但只能是session形式,而不能是application形式的,每个人的权限毕竟都不一样。

HttpServlet估计不能用,它好像是所有人共享的,而filter估计也是不可用了,那么是否还有其它形式呢?

likewater
2003-10-28 11:03
我在我自己的开源项目中是这么做的

用FILTER
在WEB.XML中你可以看到这样的配置
<filter-mapping>
<filter-name>MainFilter</filter-name>
<servlet-name>XXXservlet</servlet-name>
</filter-mapping>
<filter-mapping>
<filter-name>controlFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

MainFilter只做XXXservlet过来的request
controlFilter做所有的request
然后你自己实现一个FilterChain吧,第一步Filter什么(比如权限)
第二步Filter什么(比如日志)等等

至于初始化,用一个Listener搞定,例子如下:
public void contextInitialized(ServletContextEvent sce) {
//Servlet初始化,你尽管把系统启动时要加载的放在这里
BasicConfigurator.configure();
welcome();
logger.debug("contextInitialized");
}
//Notification that the servlet context is about to be shut down
public void contextDestroyed(ServletContextEvent sce) {
//这个是系统结束时的东东
leave();
logger.debug("contextDestroyed");
}
//Notification that a new attribute has been added to the servlet context
public void attributeAdded(ServletContextAttributeEvent scab) {
logger.debug("attributeAdded");
}
//Notification that an attribute has been removed from the servlet context
public void attributeRemoved(ServletContextAttributeEvent scab) {

logger.debug("attributeRemoved:"+scab.getName()+" : "+scab.getValue().toString());
}
//Notification that an attribute of the servlet context has been replaced
public void attributeReplaced(ServletContextAttributeEvent scab) {
logger.debug("attributeReplaced:"+scab.getName()+" : "+scab.getValue().toString());
}
//Notification that a session was created
public void sessionCreated(HttpSessionEvent se) {
logger.debug("sessionCreated");
}
//Notification that a session was invalidated
public void sessionDestroyed(HttpSessionEvent se) {
logger.debug("sessionDestroyed");
}
//Notification that a new attribute has been added to a session
public void attributeAdded(HttpSessionBindingEvent se) {
logger.debug("attributeAdded");
}
//Notification that an attribute has been removed from a session
public void attributeRemoved(HttpSessionBindingEvent se) {
logger.debug("attributeRemoved");
}
//Notification that an attribute of a session has been replaced
public void attributeReplaced(HttpSessionBindingEvent se) {
logger.debug("attributeReplaced");
}


你可以看到,你系统加载时可以做什么,系统结束时可以做什么,包括Session创建和销毁时可以做什么,好多的事情可以做哦

这些都是Servlet的标准,要更详细的信息不如去看看SUN的文档吧,希望对你有用。
:)

likewater
2003-10-28 11:06
filter有误,再发一遍

// 在此输入java代码
  <filter-mapping>
    <filter-name>MainFilter</filter-name>
    <servlet-name>fancyflowservlet</servlet-name>
  </filter-mapping>
  <filter-mapping>
    <filter-name>controlFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
<p class="indent">

ninsky
2003-10-29 23:40
我好像没说清楚,我所要的是在每个客户端初始化的信息都不一样的,也就是说我希望实现的找个东东更类似一个session,而filter或是httpservlet等更类似于application,当然这样类比可能不太恰当。

要知道,每个人的权限都是不一样的,所以每个人进来时.......

写到这时,我突然意识到我想多了,其实每个人进入系统都需要经过登录的啊,只要将登录后的验证信息放入session就可以了 啊,我这个帖子好像多此一问了^_^