日期:2014-05-16  浏览次数:20467 次

SSH项目中加入spring security(三)-- 将URL资源放入数据库配置

这篇博客,我是自己边学习边写,算是学习笔记。我知道深度不够,但是用于初学者学习入门应该还是不错的,各位看官轻拍吻

进入正题。。。

先给出上两篇的链接吧

SSH项目中加入spring security(一)?

SSH项目中加入spring security(二)--加入自定义数据表

我们一般做权限管理会用五个表来管理,分别有用户表、权限表、角色表、用户角色表和角色权限表,所以上一篇里面那种结构不能用到实际情况下面。

表结构

?创建表的sql,放入示例数据:

CREATE TABLE `user_role` (
  `id` char(32) NOT NULL,
  `role_id` char(32) DEFAULT NULL,
  `user_id` char(32) DEFAULT NULL,
  `create_date` datetime DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;


insert  into `user_role`(`id`,`role_id`,`user_id`,`create_date`) values ('402846814019e1b0014019e27eed0000','402846814019e1b0014019e27eed0000','402846814019e1b0014019e27eed0000','2013-07-29 00:00:00'),('402846814019e1b0014019e27eed0001','402846814019e1b0014019e27eed0001','402846814019e1b0014019e27eed0000','2013-07-29 00:00:00'),('402846814019e1b0014019e27eed0002','402846814019e1b0014019e27eed0001','402846814019e1b0014019e27eed0001','2013-07-29 00:00:00');

CREATE TABLE `privilege` (
  `id` char(32) NOT NULL,
  `pri_no` varchar(4) DEFAULT NULL,
  `pri_name` varchar(128) DEFAULT NULL,
  `pri_url` varchar(256) DEFAULT NULL,
  `disable` tinyint(1) DEFAULT '0',
  `create_date` datetime DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

insert  into `privilege`(`id`,`pri_no`,`pri_name`,`pri_url`,`disable`,`create_date`) values ('402846814019e1b0014019e27eed0000','1001','','/admin.jsp',0,NULL),('402846814019e1b0014019e27eed0001','1002','','/**',0,NULL);

CREATE TABLE `role` (
  `id` char(32) NOT NULL,
  `role_no` varchar(4) DEFAULT NULL,
  `role_name` varchar(128) DEFAULT NULL,
  `role_des` varchar(512) DEFAULT NULL,
  `disable` tinyint(1) DEFAULT '0',
  `creat_date` datetime DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

insert  into `role`(`id`,`role_no`,`role_name`,`role_des`,`disable`,`creat_date`) values ('402846814019e1b0014019e27eed0000','1','ROLE_ADMIN','管理员角色',0,NULL),('402846814019e1b0014019e27eed0001','2','ROLE_USER','用户角色',0,NULL);

CREATE TABLE `role_pri` (
  `id` char(32) NOT NULL,
  `role_id` char(32) DEFAULT NULL,
  `pri_id` char(32) DEFAULT NULL,
  `create_date` datetime DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

insert  into `role_pri`(`id`,`role_id`,`pri_id`,`create_date`) values ('402846814019e1b0014019e27eed0000','402846814019e1b0014019e27eed0000','402846814019e1b0014019e27eed0001',NULL),('402846814019e1b0014019e27eed0001','402846814019e1b0014019e27eed0001','402846814019e1b0014019e27eed0001',NULL),('402846814019e1b0014019e27eed0002','402846814019e1b0014019e27eed0000','402846814019e1b0014019e27eed0000',NULL);


CREATE TABLE `user` (
  `id` char(32) NOT NULL,
  `username` varchar(64) DEFAULT NULL,
  `pwd` varchar(64) DEFAULT NULL,
  `enabled` int(11) NOT NULL DEFAULT '1',
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

insert  into `user`(`id`,`username`,`pwd`,`enabled`) values ('402846814019e1b0014019e27eed0000','admin','admin',1),('402846814019e1b0014019e27eed0001','sozhike','111111',1);

?上一篇中URL资源的配置方式:

<intercept-url pattern="/admin.jsp" access="ROLE_ADMIN" />
<intercept-url pattern="/**" access="ROLE_USER" />

?所以我们得到这个结构的sql是:

select pr.pri_url,ro.role_name
from privilege as pr
join role_pri as rp
on pr.id = rp.pri_id
join role as ro
on ro.id = rp.role_id

?

接下来,我们需要对spring security进行扩展

将下面的类加入到项目当中

packa