Spring Security permission management example
An example of implementing permission management with Spring Security, as follows:
1. Configuration files
1. POM.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.nercita</groupId>
<artifactId>BCP</artifactId>
<packaging>war</packaging>
<version>0.0.1-SNAPSHOT</version>
<name>BCP</name>
<url>http://maven.apache.org</url>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<spring.version>4.0.5.RELEASE</spring.version>
<spring.security.version>3.2.3.RELEASE</spring.security.version>
<hibernate.version>4.3.5.Final</hibernate.version>
</properties>
<dependencies>
<!-- junit -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.11</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet.jsp</groupId>
<artifactId>jsp-api</artifactId>
<version>2.1</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.glassfish</groupId>
<artifactId>javax.annotation</artifactId>
<version>3.0.1</version>
</dependency>
<dependency>
<groupId>org.glassfish</groupId>
<artifactId>javax.ejb</artifactId>
<version>3.0.1</version>
</dependency>
<dependency>
<groupId>org.jboss.weld</groupId>
<artifactId>weld-osgi-bundle</artifactId>
<version>1.0.1-SP3</version>
<exclusions>
<exclusion>
<groupId>javassist</groupId>
<artifactId>javassist</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.glassfish</groupId>
<artifactId>javax.servlet</artifactId>
<version>3.0.1</version>
</dependency>
<!-- spring4 -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aop</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-expression</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-orm</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-oxm</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aspects</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${spring.version}</version>
</dependency>
<!-- spring mvc -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
</dependency>
<!--
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc-portlet</artifactId>
<version>${spring.version}</version>
</dependency>
-->
<!-- spring security -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${spring.security.version}</version>
</dependency>
<!-- aspectj weaver.jar: dependency required by Spring AOP -->
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
<version>1.8.2</version>
</dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjrt</artifactId>
<version>1.8.2</version>
</dependency>
<!-- database driver: MySQL -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.26</version>
</dependency>
<!-- database driver: Oracle -->
<dependency>
<groupId>com.oracle</groupId>
<artifactId>ojdbc6</artifactId>
<version>12.1.0.1</version>
</dependency>
<!-- database connection pool -->
<dependency>
<groupId>com.mchange</groupId>
<artifactId>c3p0</artifactId>
<version>0.9.5</version>
</dependency>
<!-- Hibernate 4 core and its dependencies -->
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-core</artifactId>
<version>${hibernate.version}</version>
<exclusions>
<exclusion>
<groupId>org.javassist</groupId>
<artifactId>javassist</artifactId>
</exclusion>
<exclusion>
<artifactId>c3p0</artifactId>
<groupId>c3p0</groupId>
</exclusion>
</exclusions>
</dependency>
<!-- core facade supporting the JPA specification -->
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-entitymanager</artifactId>
<version>${hibernate.version}</version>
<exclusions>
<exclusion>
<groupId>org.javassist</groupId>
<artifactId>javassist</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-ehcache</artifactId>
<version>${hibernate.version}</version>
</dependency>
<!-- implementation of the JPA annotations -->
<!--
<dependency>
<groupId>org.hibernate.javax.persistence</groupId>
<artifactId>hibernate-jpa-2.0-api</artifactId>
<version>1.0.1.Final</version>
</dependency>
-->
<dependency>
<groupId>org.hibernate.javax.persistence</groupId>
<artifactId>hibernate-jpa-2.1-api</artifactId>
<version>1.0.0.Final</version>
</dependency>
<!-- javassist is required for Hibernate to use proxies -->
<dependency>
<groupId>org.javassist</groupId>
<artifactId>javassist</artifactId>
<version>3.18.1-GA</version>
</dependency>
<!-- antlr -->
<dependency>
<groupId>antlr</groupId>
<artifactId>antlr</artifactId>
<version>2.7.7</version>
</dependency>
<!-- dom4j -->
<dependency>
<groupId>dom4j</groupId>
<artifactId>dom4j</artifactId>
<version>1.6.1</version>
</dependency>
<!-- apache commons -->
<dependency>
<groupId>commons-dbcp</groupId>
<artifactId>commons-dbcp</artifactId>
<version>1.4</version>
</dependency>
<dependency>
<groupId>commons-pool</groupId>
<artifactId>commons-pool</artifactId>
<version>1.4</version>
</dependency>
<dependency>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
<version>3.1</version>
</dependency>
<dependency>
<groupId>javax.transaction</groupId>
<artifactId>jta</artifactId>
<version>1.1</version>
</dependency>
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
<version>2.6</version>
</dependency>
<dependency>
<groupId>commons-beanutils</groupId>
<artifactId>commons-beanutils</artifactId>
<version>1.9.0</version>
</dependency>
<!-- pinyin4j -->
<dependency>
<groupId>com.belerweb</groupId>
<artifactId>pinyin4j</artifactId>
<version>2.5.0</version>
</dependency>
<!-- other required dependencies -->
<dependency>
<groupId>cglib</groupId>
<artifactId>cglib</artifactId>
<version>3.1</version>
</dependency>
<dependency>
<groupId>asm</groupId>
<artifactId>asm</artifactId>
<version>3.3.1</version>
</dependency>
<dependency>
<groupId>aopalliance</groupId>
<artifactId>aopalliance</artifactId>
<version>1.0</version>
</dependency>
<!-- ehcache cache -->
<dependency>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache</artifactId>
<version>2.8.3</version>
</dependency>
<!-- other components -->
<dependency>
<groupId>org.springframework.osgi</groupId>
<artifactId>spring-osgi-annotation</artifactId>
<version>1.2.1</version>
</dependency>
<dependency>
<groupId>wsdl4j</groupId>
<artifactId>wsdl4j</artifactId>
<version>1.6.3</version>
</dependency>
<dependency>
<groupId>org.apache</groupId>
<artifactId>cxf</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>org.sitemesh</groupId>
<artifactId>sitemesh</artifactId>
<version>3.0.0</version>
</dependency>
<dependency>
<groupId>org.quartz-scheduler</groupId>
<artifactId>quartz</artifactId>
<version>2.1.7</version>
<exclusions>
<exclusion>
<groupId>c3p0</groupId>
<artifactId>c3p0</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>net.sf.dozer</groupId>
<artifactId>dozer</artifactId>
<version>5.2.0</version>
</dependency>
<dependency>
<groupId>javax.validation</groupId>
<artifactId>validation-api</artifactId>
<version>1.1.0.Final</version>
</dependency>
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-validator</artifactId>
<version>4.3.0.Final</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.5.1</version>
</dependency>
<dependency>
<groupId>com.fasterxml</groupId>
<artifactId>classmate</artifactId>
<version>1.1.0</version>
</dependency>
<dependency>
<groupId>com.thoughtworks.xstream</groupId>
<artifactId>xstream</artifactId>
<version>1.4.7</version>
</dependency>
<dependency>
<groupId>com.sun.mail</groupId>
<artifactId>javax.mail</artifactId>
<version>1.5.2</version>
</dependency>
<dependency>
<groupId>org.apache.struts</groupId>
<artifactId>struts2-core</artifactId>
<version>2.3.12</version>
<exclusions>
<exclusion>
<groupId>javassist</groupId>
<artifactId>javassist</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.struts</groupId>
<artifactId>struts2-spring-plugin</artifactId>
<version>2.3.12</version>
</dependency>
<dependency>
<groupId>org.dbunit</groupId>
<artifactId>dbunit</artifactId>
<version>2.4.7</version>
</dependency>
<dependency>
<groupId>org.easymock</groupId>
<artifactId>easymock</artifactId>
<version>3.2</version>
</dependency>
<dependency>
<groupId>org.apache.ws.commons.schema</groupId>
<artifactId>XmlSchema</artifactId>
<version>1.4.7</version>
</dependency>
<!-- httpclient -->
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.2.1</version>
</dependency>
<!-- log4j logging -->
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.17</version>
</dependency>
<!-- slf4j-api: logging interface -->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.7</version>
</dependency>
<!-- slf4j-log4j12: logging interface bridge -->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>1.7.7</version>
</dependency>
<!-- slf4j-nop logging -->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-nop</artifactId>
<version>1.7.7</version>
</dependency>
<!-- log4j2 logging -->
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-api</artifactId>
<version>2.1</version>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>2.1</version>
</dependency>
<!-- file upload -->
<dependency>
<groupId>commons-fileupload</groupId>
<artifactId>commons-fileupload</artifactId>
<version>1.3.1</version>
</dependency>
<!-- fastjson: JSON array handling -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.2.1</version>
</dependency>
<!-- use Jackson to convert Java objects to JSON strings -->
<dependency>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-mapper-asl</artifactId>
<version>1.9.13</version>
</dependency>
<!-- poi -->
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi</artifactId>
<version>3.13</version>
</dependency>
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi-ooxml</artifactId>
<version>3.13</version>
</dependency>
<!--
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>openxml4j</artifactId>
<version>1.0-beta</version>
</dependency>
-->
<!-- jxls -->
<dependency>
<groupId>net.sf.jxls</groupId>
<artifactId>jxls-core</artifactId>
<version>1.0.6</version>
</dependency>
<dependency>
<groupId>net.sf.jxls</groupId>
<artifactId>jxls-reader</artifactId>
<version>1.0.6</version>
</dependency>
<!-- xmlpull xml to java -->
<dependency>
<groupId>xmlpull</groupId>
<artifactId>xmlpull</artifactId>
<version>1.1.3.4a</version>
</dependency>
<!-- use JSONObject to convert received results to JSON format -->
<dependency>
<groupId>net.sf.json-lib</groupId>
<artifactId>json-lib</artifactId>
<version>2.4</version>
<classifier>jdk15</classifier><!-- specifies the JDK version -->
</dependency>
<!-- the net.sf.json-lib package depends on the following packages: -->
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>1.2</version>
</dependency>
<dependency>
<groupId>net.sf.ezmorph</groupId>
<artifactId>ezmorph</artifactId>
<version>1.0.6</version>
</dependency>
<dependency>
<groupId>net.coobird</groupId>
<artifactId>thumbnailator</artifactId>
<version>0.4.7</version>
</dependency>
<!-- Yuntongxun SMS sending API -->
<dependency>
<groupId>com.yuntongxun</groupId>
<artifactId>ccp</artifactId>
<version>2.6.3</version>
</dependency>
</dependencies>
<build>
<finalName>BCP</finalName>
</build>
</project>
2. web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<display-name>SSH-Application</display-name>
<!-- initialization parameters -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/classes/applicationContext*.xml</param-value>
</context-param>
<context-param>
<param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name>
<param-value>message/message-info</param-value>
</context-param>
<!--Spring ContextLoaderListener -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- ETag filter, saves bandwidth -->
<filter>
<filter-name>etagFilter</filter-name>
<filter-class>org.springframework.web.filter.ShallowEtagHeaderFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>etagFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- UTF-8 encoding -->
<filter>
<filter-name>CharacterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CharacterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- OpenSessionInViewFilter -->
<filter>
<filter-name>OpenSessionInViewFilter</filter-name>
<filter-class>org.springframework.orm.hibernate4.support.OpenSessionInViewFilter</filter-class>
<init-param>
<param-name>singleSession</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>OpenSessionInViewFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- page decoration: sitemesh -->
<filter>
<filter-name>sitemesh</filter-name>
<filter-class>org.sitemesh.config.ConfigurableSiteMeshFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>sitemesh</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- memory cleanup -->
<listener>
<listener-class>org.springframework.web.util.IntrospectorCleanupListener</listener-class>
</listener>
<!-- WebService-CXF -->
<servlet>
<servlet-name>CXFServlet</servlet-name>
<servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>CXFServlet</servlet-name>
<url-pattern>/services/*</url-pattern>
</servlet-mapping>
<!-- spring-MVC -->
<servlet>
<servlet-name>springMVC</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:config/webmvc-config.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>springMVC</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!-- session timeout -->
<session-config>
<session-timeout>60</session-timeout>
</session-config>
<!-- default welcome page -->
<welcome-file-list>
<welcome-file>/main.jsp</welcome-file>
</welcome-file-list>
<!-- error pages -->
<error-page>
<exception-type>java.lang.Throwable</exception-type>
<location>/common/500.jsp</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/common/500.jsp</location>
</error-page>
<error-page>
<error-code>404</error-code>
<location>/common/404.jsp</location>
</error-page>
<error-page>
<error-code>403</error-code>
<location>/common/403.jsp</location>
</error-page>
<!--
<servlet>
<servlet-name>coreServlet</servlet-name>
<servlet-class>
org.nercita.bcp.wechat.servlet.CoreServlet
</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>coreServlet</servlet-name>
<url-pattern>/wx.do</url-pattern>
</servlet-mapping>
-->
</web-app>
3. application-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<!-- static resources such as images that are not filtered -->
<http pattern="/services*" security="none" />
<http pattern="/wx.do*" security="none" />
<http pattern="/api/**" security="none" />
<http pattern="/services/**" security="none" />
<http pattern="/common/**" security="none" />
<http pattern="/images/**" security="none" />
<http pattern="/styles/**" security="none" />
<http pattern="/js/**" security="none" />
<http pattern="/css/**" security="none" />
<http pattern="/htm/**" security="none" />
<http pattern="/main.jsp*" security="none" />
<http pattern="/login.jsp*" security="none" />
<http pattern="/install.jsp*" security="none" />
<http pattern="/system/springSecurity/init*" security="none" />
<http pattern="/system/user/registPage*" security="none" />
<http pattern="/system/user/regist*" security="none" />
<http pattern="/mr*" security="none" />
<http pattern="/system/user/mobile/regist*" security="none" />
<http pattern="/system/user/activate*" security="none" />
<http pattern="/system/user/checkImg*" security="none" />
<http pattern="/system/user/checkName*" security="none" />
<http pattern="/system/user/checkValidateCode*" security="none" />
<http pattern="/system/user/forgotPassword*" security="none" />
<http pattern="/system/user/resetRequest*" security="none" />
<http pattern="/system/user/resetPasswordPage*" security="none" />
<http pattern="/system/user/resetPassword*" security="none" />
<http pattern="/system/message/save*" security="none" />
<http pattern="/system/message/introduction" security="none" />
<http auto-config="true" create-session="always" access-denied-page="/common/403.jsp"
use-expressions="true" disable-url-rewriting="true">
<!-- login page configuration -->
<form-login login-page="/login.jsp" login-processing-url="/j_spring_security_check"
authentication-failure-url="/login.jsp?error=true"
default-target-url="/index"
always-use-default-target="true"
authentication-success-handler-ref="authenticationSuccess"
authentication-failure-handler-ref="exceptionMappingAuthenticationFailureHandler"/>
<!-- "remember me" feature, using a persistence strategy (stores the user's login information in a cookie) -->
<remember-me key="bcp" use-secure-cookie="true" />
<!-- page to redirect to after the user logs out -->
<!-- <logout invalidate-session="true" logout-url="/j_spring_security_logout" logout-success-url="/login.jsp"/> -->
<logout invalidate-session="true" logout-url="/j_spring_security_logout" success-handler-ref="logoutSuccessHandler" />
<!-- session management: limits concurrent logins; with error-if-maximum-exceeded = false, a second login invalidates the earlier one -->
<session-management invalid-session-url="/login.jsp?expired=true">
<concurrency-control max-sessions="1" error-if-maximum-exceeded="false" expired-url="/login.jsp?expired=true"/>
</session-management>
<!-- add the custom filter; it takes effect when placed before FILTER_SECURITY_INTERCEPTOR -->
<custom-filter ref="customFilterSecurityInterceptor" before="FILTER_SECURITY_INTERCEPTOR" />
<custom-filter ref="switchUserProcessingFilter" after="FILTER_SECURITY_INTERCEPTOR"/>
<anonymous enabled="false" />
</http>
<!-- redirect after successful login -->
<beans:bean id="authenticationSuccess" class="org.nercita.bcp.system.service.CustomSavedRequestAwareAuthenticationSuccessHandler">
<beans:property name="defaultTargetUrl" value="/index"/>
</beans:bean>
<!-- logout success -->
<beans:bean id="logoutSuccessHandler" class="org.nercita.bcp.system.service.CustomLogoutSuccessHandler">
<beans:property name="defaultTargetUrl" value="/login.jsp"></beans:property>
</beans:bean>
<beans:bean id="customUserDetailsService" class="org.nercita.bcp.system.service.CustomUserDetailsService"/>
<!-- user login handling -->
<authentication-manager alias="authenticationManager">
<authentication-provider user-service-ref="customUserDetailsService">
<password-encoder hash="md5" base64="true" >
<salt-source user-property="username"/>
</password-encoder>
</authentication-provider>
</authentication-manager>
<beans:bean id="exceptionMappingAuthenticationFailureHandler" class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler">
<beans:property name="exceptionMappings">
<beans:props>
<beans:prop key="org.springframework.security.authentication.DisabledException">/login.jsp?role=false</beans:prop>
<beans:prop key="org.springframework.security.authentication.BadCredentialsException">/login.jsp?error=true</beans:prop>
<beans:prop key="org.springframework.security.authentication.LockedException">/login.jsp?locked=true</beans:prop>
</beans:props>
</beans:property>
</beans:bean>
<beans:bean id="switchUserProcessingFilter" class="org.springframework.security.web.authentication.switchuser.SwitchUserFilter">
<beans:property name="userDetailsService" ref="customUserDetailsService" />
<beans:property name="switchUserUrl" value="/j_spring_security_switch_user" />
<beans:property name="exitUserUrl" value="/j_spring_security_exit_user" />
<beans:property name="targetUrl" value="/index" />
</beans:bean>
</beans:beans>
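A configuration check for the file above, as an added example that is not part of the original article: it lists every security="none" pattern that is not one of the static directories mapped with mvc:resources in springMVC-config.xml, and reports a password-encoder that uses a fast digest. Both XML samples are constructed (the first is a shortened copy of the configuration, the second a variant with BCrypt and permitAll), and the function and constant names are hypothetical.

```python
import xml.etree.ElementTree as ET

SEC_NS = "{http://www.springframework.org/schema/security}"

# Static directories, taken from the mvc:resources mappings in springMVC-config.xml.
STATIC_PREFIXES = ("/common/", "/images/", "/js/", "/css/", "/styles/", "/htm/")

# Values of the hash attribute that are fast digests, unsuitable for stored passwords.
FAST_DIGESTS = {"plaintext", "md4", "md5", "sha", "sha-256"}

# Constructed sample: shortened copy of application-security.xml.
SAMPLE = """
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans">
  <http pattern="/api/**" security="none" />
  <http pattern="/images/**" security="none" />
  <http pattern="/js/**" security="none" />
  <http pattern="/install.jsp*" security="none" />
  <http pattern="/system/user/resetPassword*" security="none" />
  <http auto-config="true" use-expressions="true">
    <remember-me key="bcp" use-secure-cookie="true" />
  </http>
  <authentication-manager alias="authenticationManager">
    <authentication-provider user-service-ref="customUserDetailsService">
      <password-encoder hash="md5" base64="true">
        <salt-source user-property="username"/>
      </password-encoder>
    </authentication-provider>
  </authentication-manager>
</beans:beans>
"""

# Constructed variant: public pages stay inside the filter chain through permitAll
# (this needs anonymous authentication enabled, which is the default), and passwords
# are checked with BCryptPasswordEncoder, which generates its own salt.
HARDENED = """
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans">
  <http pattern="/images/**" security="none" />
  <http auto-config="true" use-expressions="true">
    <intercept-url pattern="/system/user/resetPassword*" access="permitAll" />
    <intercept-url pattern="/**" access="isAuthenticated()" />
  </http>
  <beans:bean id="bcryptEncoder"
      class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder" />
  <authentication-manager alias="authenticationManager">
    <authentication-provider user-service-ref="customUserDetailsService">
      <password-encoder ref="bcryptEncoder" />
    </authentication-provider>
  </authentication-manager>
</beans:beans>
"""


def audit(xml_text, static_prefixes=STATIC_PREFIXES):
    """Return (finding, detail) tuples in document order."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    findings = []
    # security="none" removes the whole filter chain for the pattern: no
    # SecurityContext, no session checks, so the handler must authorize on its own.
    for http in root.iter(SEC_NS + "http"):
        if http.get("security") != "none":
            continue
        pattern = http.get("pattern", "")
        if not pattern.startswith(tuple(static_prefixes)):
            findings.append(("unfiltered-endpoint", pattern))
    # A single round of a fast digest lets stolen hashes be tested at high speed.
    for enc in root.iter(SEC_NS + "password-encoder"):
        algo = (enc.get("hash") or "").lower()
        if algo in FAST_DIGESTS:
            salt = enc.find(SEC_NS + "salt-source")
            prop = salt.get("user-property") if salt is not None else None
            detail = algo + (" salted with " + prop if prop else "")
            findings.append(("fast-password-hash", detail))
    return findings


if __name__ == "__main__":
    for kind, detail in audit(SAMPLE):
        print(kind, detail)
```

Each reported pattern is a URL whose controller runs with no authentication or authorization from Spring Security, so it needs its own review.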
4. applicationContext.xml
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:jee="http://www.springframework.org/schema/jee"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-4.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-4.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.0.xsd">
<!-- load the properties file -->
<context:property-placeholder location="classpath*:/application.properties" />
<context:spring-configured />
<!-- annotated beans and dependency injection -->
<context:component-scan base-package="org.nercita.bcp">
<context:exclude-filter expression="org.springframework.stereotype.Controller" type="annotation" />
</context:component-scan>
<!-- data source -->
<bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource" >
<property name="driverClass" value="${db.driverClass}"/>
<property name="jdbcUrl" value="${db.url}"/>
<property name="user" value="${db.username}"/>
<property name="password" value="${db.password}"/>
</bean>
<!-- sessionFactory -->
<bean id="sessionFactory" class="org.springframework.orm.hibernate4.LocalSessionFactoryBean">
<property name="dataSource">
<ref bean="dataSource" />
</property>
<property name="hibernateProperties">
<props>
<prop key="hibernate.dialect">${hibernate.dialect}</prop>
<prop key="hibernate.show_sql">${hibernate.show_sql}</prop>
<prop key="hibernate.format_sql">${hibernate.format_sql}</prop>
<prop key="hibernate.cache.use_second_level_cache">${hibernate.use_second_level_cache}</prop>
<prop key="hibernate.cache.use_query_cache">${hibernate.use_query_cache}</prop>
<prop key="hibernate.cache.region.factory_class">org.hibernate.cache.ehcache.EhCacheRegionFactory</prop>
<prop key="hibernate.hbm2ddl.auto">${hibernate.hbm2ddl}</prop>
</props>
</property>
<property name="packagesToScan">
<list>
<value>org.nercita.bcp.**.domain**</value>
</list>
</property>
</bean>
<!-- transaction manager -->
<bean id="transactionManager" class="org.springframework.orm.hibernate4.HibernateTransactionManager">
<property name="sessionFactory" ref="sessionFactory" />
</bean>
<!-- enable annotation-driven transactions -->
<tx:annotation-driven transaction-manager="transactionManager" />
<!-- ApplicationContextAware implementation bean used to obtain the Spring context -->
<bean class="org.nercita.core.utils.SpringContextHolder" lazy-init="false" />
</beans>
5. application.properties
#jdbc settings
#Mysql settings 3306
#db.url=jdbc:mysql://localhost:3306/bcp
#db.driverClass=com.mysql.jdbc.Driver
#db.username=root
#db.password=0729
#hibernate.dialect=org.hibernate.dialect.MySQLDialect
#hibernate settings
hibernate.show_sql=true
hibernate.format_sql=true
hibernate.use_second_level_cache=true
hibernate.use_query_cache=true
hibernate.hbm2ddl=update
6. springMVC-config.xml
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:context="http://www.springframework.org/schema/context"
xmlns:p="http://www.springframework.org/schema/p" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.0.xsd">
<!-- static resources, not intercepted -->
<mvc:resources location="/common/" mapping="/common/**"/>
<mvc:resources location="/images/" mapping="/images/**" />
<mvc:resources location="/js/" mapping="/js/**" />
<mvc:resources location="/css/" mapping="/css/**" />
<mvc:resources location="/styles/" mapping="/styles/**" />
<mvc:resources location="/htm/" mapping="/htm/**" />
<import resource="view-controller.xml" />
<context:annotation-config/>
<context:component-scan base-package="org.nercita.bcp" use-default-filters="false">
<context:include-filter expression="org.springframework.stereotype.Controller" type="annotation" />
</context:component-scan>
<bean id="handlerMapping" class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping"/>
<bean id="handlerAdapter" class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter">
<property name="messageConverters">
<list>
<bean class="org.nercita.core.web.springmvc.StringHttpMessageConverter" />
<ref bean="msgConverter"/>
</list>
</property>
<property name="webBindingInitializer">
<bean class="org.nercita.core.web.springmvc.CustomBindInitializer">
<!--
<property name="validator" ref="validator" />
<property name="conversionService" ref="conversionService" />
-->
</bean>
</property>
</bean>
<bean id="msgConverter" class="org.springframework.http.converter.json.MappingJacksonHttpMessageConverter">
<property name="supportedMediaTypes">
<list>
<value>text/html;charset=UTF-8</value>
<value>text/json;charset=UTF-8</value>
<value>application/json;charset=UTF-8</value>
</list>
</property>
</bean>
<!--
<bean id="validator" class="org.springframework.validation.beanvalidation.LocalValidatorFactoryBean"/>
<bean id="conversionService" class="org.springframework.format.support.FormattingConversionServiceFactoryBean"/>
-->
<bean class="org.springframework.web.servlet.view.ContentNegotiatingViewResolver">
<property name="ignoreAcceptHeader" value="true"/>
<property name="defaultContentType" value="text/html"/>
<property name="mediaTypes">
<map>
<entry key="json" value="application/json"/>
<entry key="xml" value="application/xml"/>
</map>
</property>
<property name="favorParameter" value="false"/>
<property name="viewResolvers">
<list>
<bean class="org.springframework.web.servlet.view.BeanNameViewResolver"/>
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
<property name="prefix" value="/WEB-INF/views/"/>
<property name="suffix" value=".jsp"/>
</bean>
</list>
</property>
<property name="defaultViews">
<list>
<bean class="org.springframework.web.servlet.view.json.MappingJacksonJsonView"/>
<bean class="org.springframework.web.servlet.view.xml.MarshallingView">
<property name="marshaller">
<bean class="org.springframework.oxm.xstream.XStreamMarshaller"/>
</property>
</bean>
</list>
</property>
</bean>
<bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
<property name="defaultErrorView" value="error" />
<property name="exceptionMappings">
<props>
<prop key=".DataAccessException">dataAccessFailure</prop>
<prop key=".NoSuchRequestHandlingMethodException">resourceNotFound</prop>
<prop key=".TypeMismatchException">resourceNotFound</prop>
<prop key=".lang.Exception">uncaughtException</prop>
</props>
</property>
</bean>
<!-- file upload -->
<bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
<property name="maxUploadSize" value="104857600"/>
<property name="maxInMemorySize" value="4096"/>
</bean>
<!-- internationalization resource files -->
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basename" value="message/message-info" />
<property name="useCodeAsDefaultMessage" value="true" />
</bean>
</beans>
2. Implementation code
1. CustomAccessDecisionManager.java
package org.nercita.bcp.system.service;
import java.util.Collection;
import java.util.Iterator;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.stereotype.Service;
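/**
* This class is the access decision manager. It decides whether the roles a user holds give sufficient permission to access a resource, implementing the mapping between users and access permissions.
* When a user accesses a URL, this class compares the permissions required for that URL with the permissions held by the logged-in user.
* If the user has the permission, the resource can be accessed; if not, access is refused and an exception is thrown.
* The AccessDecisionManager is an important part of Spring Security.
* As briefly mentioned in the authentication section, every Authentication implementation stores an array of GrantedAuthority objects. These are the authorities granted to the principal.
* The GrantedAuthority objects are stored in the Authentication object by the AuthenticationManager and later read by the AccessDecisionManager to make the authorization decision.
* Spring Security provides interceptors that control access to secure objects, such as method invocations or web requests.
* The pre-invocation decision on whether an invocation is allowed to proceed is made by the AccessDecisionManager.
* The AccessDecisionManager is called by the AbstractSecurityInterceptor to make the final access control decision.
*
* The AccessDecisionManager interface contains three methods:
* void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes);
* boolean supports(ConfigAttribute attribute); boolean supports(Class<?> clazz);
* First method: the AccessDecisionManager receives all the information it needs through the method parameters and makes the authorization decision.
* If access is denied, the implementation throws an AccessDeniedException.
* Second method: called by the AbstractSecurityInterceptor at startup
* to determine whether the AccessDecisionManager can process the ConfigAttribute passed to it.
* Third method: called by the security interceptor implementation to confirm that the configured AccessDecisionManager supports the type of secure object the interceptor will present.
*/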
@Service("customAccessDecisionManager")
public class CustomAccessDecisionManager implements AccessDecisionManager {
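/**
* Compares the user's authorities with the configured permissions.
* The object parameter is the requested URL; the permission configuration for that URL is passed in by the same filter.
* Checks whether any authority held by authentication appears in configAttributes.
* If no authority matches, throws an access-denied exception.
*/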
@Override
public void decide(Authentication authentication, Object object,
Collection<ConfigAttribute> configAttributes)
throws AccessDeniedException, InsufficientAuthenticationException {
if (configAttributes==null){
return;
}
Iterator<ConfigAttribute> iter = configAttributes.iterator();
while(iter.hasNext()){
ConfigAttribute ca = iter.next();
String needRole = ((SecurityConfig) ca).getAttribute();
// gra is an authority granted to the user; needRole is the authority required to access the resource
for (GrantedAuthority gra : authentication.getAuthorities()) {
if (needRole.trim().equals(gra.getAuthority().trim())) {
return;
}
}
}
throw new AccessDeniedException("Access Denied");
}
@Override
public boolean supports(ConfigAttribute attribute) {
return true;
}
@Override
public boolean supports(Class<?> clazz) {
return true;
}
}
2. CustomFilterInvocationSecurityMetadataSource.java
package org.nercita.bcp.system.service;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import javax.annotation.PostConstruct;
import org.nercita.bcp.system.domain.Authority;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.stereotype.Service;
/**
* Defines the access permissions of resources, i.e. the mapping between resources and the authorities that may access them.
* When the container starts and the Spring Security filter chain has been set up,
* the init() method of this class runs and calls loadResourceDefine().
* loadResourceDefine() reads all resources and authorities from the database into a local cache.
* resourceMap holds the whole set of resources and authorities: the URL is the key and the authorities are the value.
*
* @author zhangwenchao
*
*/
@Service("customFilterInvocationSecurityMetadataSource")
public class CustomFilterInvocationSecurityMetadataSource implements FilterInvocationSecurityMetadataSource {
@Autowired
private AuthorityService authorityService;
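// Uses the AntUrlPathMatcher path matcher to check whether a URL matches a resource definition (currently commented out)
//private RequestMatcher urlMatcher = null;
// resourceMap holds the whole set of resources and authorities: the URL is the key and the authorities are the value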
private static HashMap<String, Collection<ConfigAttribute>> resourceMap = null;
/**
*
* Custom method: once this class is placed in the Spring container,
* init() runs as its initialization method and loads the resources from the database.
*/
@PostConstruct
public void init() {
loadResourceDefine();
}
/**
*
* Loads all resource information at application startup
* and initializes the mapping between resources and authorities.
*/
private void loadResourceDefine() {
// At web server startup, load every authority (authority.name) defined in the system.
List<Authority> authorities = authorityService.findAll();
// The resource is the key and the authorities are the value. A resource is normally a URL; an authority is a role code prefixed with ROLE_. One resource may be accessible to several authorities.
resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
if(authorities!=null && authorities.size()>0 )
for (Authority auth : authorities) {
String authName = auth.getCode(); // authority code, a value prefixed with ROLE_
ConfigAttribute ca = new SecurityConfig(authName); // wrap ROLE_XXX as a Spring Security config attribute
// Resource URL associated with this authority
String url = auth.getResourceUrl();
// Skip authorities without a resource URL: a null key would make startsWith() in getAttributes() throw a NullPointerException,
// and an empty key would be a prefix of every request URL
if (url == null || url.trim().isEmpty()) {
continue;
}
// If the URL is already mapped, fetch its authority collection by URL and add this authority to it.
if (resourceMap.containsKey(url)) { // URL already present: add the authority
Collection<ConfigAttribute> value = resourceMap.get(url);
value.add(ca);
resourceMap.put(url, value);
} else { // URL not present yet: add the URL together with the authority
Collection<ConfigAttribute> atts = new ArrayList<ConfigAttribute>();
atts.add(ca);
resourceMap.put(url, atts);
}
}
}
/**
* Returns the permission configuration for the requested URL
*/
@Override
public Collection<ConfigAttribute> getAttributes(Object object)
throws IllegalArgumentException {
// object is the FilterInvocation of the user's request; take the requested URL from it
String url = ((FilterInvocation)object).getRequestUrl();
int firstQuestionMarkIndex = url.indexOf("?");
if (firstQuestionMarkIndex != -1) {
url = url.substring(0, firstQuestionMarkIndex);
}
Iterator<String> iter = resourceMap.keySet().iterator();
String matchUrl=null; // best-matching resource URL
// Compare the requested URL with each resource URL loaded above
while (iter.hasNext()) {
String resURL = iter.next();
// if(urlMatcher.pathMatchesUrl(resURL,url)){
if(url.startsWith(resURL)){
// return resourceMap.get(resURL); // return the authority collection
// First match, or a longer match than the current one: update matchUrl
if(matchUrl==null||matchUrl.length()<resURL.length())
matchUrl=resURL;
}
}
if(matchUrl!=null){
// A matching resource URL exists: return the authorities it requires
// System.out.println(matchUrl+"-------"+resourceMap.get(matchUrl));
return resourceMap.get(matchUrl);
}
// If no resource URL is configured for the requested resource, return null, which lets the request through.
// If a resource URL is configured but none of the user's roles holds the authority, the user is told they may not access the page.
return null;
}
/*
* @return
* @link org.springframework.security.access.SecurityMetadataSource#getAllConfigAttributes()
*/
@Override
public Collection<ConfigAttribute> getAllConfigAttributes() {
return null;
}
@Override
public boolean supports(Class<?> clazz) {
return true;
}
}
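The lookup in getAttributes() above, reduced to plain JDK code and set beside a segment-aware variant, to show which resource key each rule selects for the same request. This is an added example, not code from the original project; the class name, URLs and role codes are constructed for illustration.

```java
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

/** Added illustration, not part of the original project. Plain JDK, no Spring required. */
public class ResourceMatchDemo {

    // Constructed sample mapping (hypothetical URLs and role codes): resource URL -> required roles
    static final Map<String, List<String>> RESOURCE_MAP = new LinkedHashMap<String, List<String>>();
    static {
        RESOURCE_MAP.put("/admin", Arrays.asList("ROLE_ADMIN"));
        RESOURCE_MAP.put("/admin/user", Arrays.asList("ROLE_ADMIN", "ROLE_USER_MGR"));
        RESOURCE_MAP.put("/report", Arrays.asList("ROLE_REPORT"));
    }

    /** Drop the query string, as getAttributes() on the page does. */
    static String stripQuery(String url) {
        int q = url.indexOf('?');
        return q == -1 ? url : url.substring(0, q);
    }

    /** The page's rule: the longest key that is a raw string prefix of the request path. */
    static String rawPrefixMatch(String url) {
        String path = stripQuery(url);
        String best = null;
        for (String res : RESOURCE_MAP.keySet()) {
            if (path.startsWith(res) && (best == null || best.length() < res.length())) {
                best = res;
            }
        }
        return best;
    }

    /** Segment-aware rule: the key must equal the path or end exactly at a '/' boundary. */
    static String segmentMatch(String url) {
        String path = stripQuery(url);
        String best = null;
        for (String res : RESOURCE_MAP.keySet()) {
            if (res == null || res.isEmpty()) {
                continue; // an empty key would be a prefix of every path
            }
            // Treat "/admin" and "/admin/" as the same resource
            String base = res.endsWith("/") ? res.substring(0, res.length() - 1) : res;
            boolean hit = path.equals(base) || path.startsWith(base + "/");
            if (hit && (best == null || best.length() < res.length())) {
                best = res;
            }
        }
        return best;
    }

    /** Roles required for the matched key; null means "no rule", which the page's design treats as public. */
    static List<String> requiredRoles(String matchedKey) {
        return matchedKey == null ? null : RESOURCE_MAP.get(matchedKey);
    }

    static String describe(String matchedKey) {
        List<String> roles = requiredRoles(matchedKey);
        return roles == null ? "no rule (public)" : matchedKey + " " + roles;
    }

    public static void main(String[] args) {
        // Constructed request URLs
        String[] urls = {
            "/admin/user/list?page=2", // nested resource: both rules pick the longest key
            "/admin/",                 // trailing slash on a mapped resource
            "/administrator/home",     // shares a string prefix with /admin, different path segment
            "/reports-archive/2016",   // shares a string prefix with /report, different path segment
            "/public/index.jsp"        // not mapped at all
        };
        System.out.printf("%-26s %-42s %s%n", "request", "raw prefix", "segment-aware");
        for (String url : urls) {
            System.out.printf("%-26s %-42s %s%n", url,
                    describe(rawPrefixMatch(url)), describe(segmentMatch(url)));
        }
    }
}
```

With either rule, a request that matches no key comes back as "no rule", so the set of resource URLs stored in the authority table decides what is protected at all.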
3. CustomFilterSecurityInterceptor.java
package org.nercita.bcp.system.service;
import java.io.IOException;
import javax.annotation.Resource;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.nercita.bcp.system.util.LogInfoService;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.SecurityMetadataSource;
import org.springframework.security.access.intercept.AbstractSecurityInterceptor;
import org.springframework.security.access.intercept.InterceptorStatusToken;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.stereotype.Service;
@Service("customFilterSecurityInterceptor")
public class CustomFilterSecurityInterceptor extends
AbstractSecurityInterceptor implements Filter {
// Inject the security metadata source (resource definitions)
@Resource
@Qualifier("customFilterInvocationSecurityMetadataSource")
private FilterInvocationSecurityMetadataSource securityMetadataSource;
// Inject the access decision manager
@Resource
@Qualifier("customAccessDecisionManager")
@Override
public void setAccessDecisionManager(AccessDecisionManager accessDecisionManager){
super.setAccessDecisionManager(accessDecisionManager);
}
// Inject the authentication manager
@Resource
@Qualifier("authenticationManager")
@Override
public void setAuthenticationManager(AuthenticationManager newManager) {
super.setAuthenticationManager(newManager);
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest)request;
HttpServletResponse httpResponse = (HttpServletResponse)response;
// A user who is not logged in could reach the system by typing a valid URL into the address bar, which may cause problems, so anonymous users are redirected to the login page
if(LogInfoService.getLoginUserName()==null){
httpResponse.sendRedirect(httpRequest.getContextPath()+"/login.jsp");
return;
}
FilterInvocation fi = new FilterInvocation(request, response, chain);
invoke(fi);
}
/**
*
* @param fi
* @throws ServletException
* @throws IOException
*/
private void invoke(FilterInvocation fi) throws IOException, ServletException {
// InterceptorStatusToken token = super.beforeInvocation(fi);
// try {
// fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
// } finally {
// super.afterInvocation(token, null);
// }
InterceptorStatusToken token = null;
try {
token = super.beforeInvocation(fi);
} catch (Exception e) {
// The user is logged in and the requested resource URL has authorities configured, but none of the user's roles holds them, so the user is sent to the access-denied page
if( e instanceof AccessDeniedException){
// HttpServletRequest httpRequest = fi.getRequest();
// HttpServletResponse httpResponse = fi.getResponse();
//
// String path = httpRequest.getContextPath();
// String basePath = httpRequest.getScheme()+"://"+httpRequest.getServerName()+":"+httpRequest.getServerPort()+path+"/";
// httpResponse.setStatus(HttpServletResponse.SC_NOT_ACCEPTABLE);
// RequestDispatcher dispatcher = httpRequest.getRequestDispatcher(basePath+"/common/403.jsp");
//
// dispatcher.forward(httpRequest, httpResponse);
// httpResponse.sendRedirect(basePath+"/common/403.jsp");
throw new AccessDeniedException("用戶無權訪問");
}
// Any other exception from beforeInvocation(): stop here without continuing the filter chain
return;
}
try {
fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
} finally {
super.afterInvocation(token, null);
}
}
@Override
public void init(FilterConfig arg0) throws ServletException {
}
@Override
public Class<? extends Object> getSecureObjectClass() {
return FilterInvocation.class;
}
@Override
public SecurityMetadataSource obtainSecurityMetadataSource() {
return this.securityMetadataSource;
}
@Override
public void destroy() {
}
public FilterInvocationSecurityMetadataSource getSecurityMetadataSource() {
return securityMetadataSource;
}
public void setSecurityMetadataSource(
FilterInvocationSecurityMetadataSource securityMetadataSource) {
this.securityMetadataSource = securityMetadataSource;
}
}
3. Core handler class: CustomUserDetailsService.java
package org.nercita.bcp.system.service;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.annotation.Resource;
import org.nercita.bcp.system.dao.AuthorityDao;
import org.nercita.bcp.system.dao.UserDao;
import org.nercita.bcp.system.domain.Authority;
import org.nercita.bcp.system.domain.User;
import org.nercita.bcp.system.domain.reference.UserDetail;
import org.nercita.bcp.system.domain.reference.UserState;
import org.nercita.bcp.system.domain.reference.UserType;
import org.springframework.dao.DataAccessException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
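/**
* Defines and verifies user information.
* This class handles user login information. After the user enters a user name and password,
* Spring Security calls loadUserByUsername(username) on this class with the user name,
* looks up the user by name, then compares the password found in the database with the password the user just entered (stored in the session) to decide whether the user is valid.
*
*/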
@Service("customUserDetailsService")
public class CustomUserDetailsService implements UserDetailsService {
// User persistence (DAO) class
@Resource(name="userDao")
private UserDao userDao;
@Resource(name="authorityDao")
private AuthorityDao authorityDao;
@Override
public UserDetails loadUserByUsername(String userName)
throws UsernameNotFoundException, DataAccessException {
// Look up the user by login name
User user = userDao.findByName(userName);
if(null == user) {
throw new UsernameNotFoundException("用戶" + userName + "不存在");
}
// Load the user's authorities according to the user type
if(user.getUserType() == UserType.SysAdmin){ // user type 0: system (platform) administrator
Collection<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
List<Authority> authorities = authorityDao.findAll(); // all authorities in the system
for(Iterator<Authority> iter =authorities.iterator();iter.hasNext();){
auths.add(new SimpleGrantedAuthority(iter.next().getCode()));
}
//UserDetail userDetail = new UserDetail(userName, user.getPassword(), true, true, true, true, auths);
// Changed for the front-end system: system administrators must not be able to log in here
UserDetail userDetail = new UserDetail(userName, user.getPassword(), false, true, true, true, auths);
userDetail.setUserGroupId(user.getUserGroup().getId());
userDetail.setRealName(user.getRealName());
userDetail.setUserType(user.getUserType());
return userDetail;
}else if(user.getUserType() == UserType.TeamAdmin){ // team administrator
// Whether the user is enabled
boolean enabled = user.getEnabled();
// All authorities of the team administrator
Set<Authority> authorities = user.getAuthoritySet();
Collection<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
for(Iterator<Authority> iter=authorities.iterator();iter.hasNext();){
auths.add(new SimpleGrantedAuthority(iter.next().getCode()));
}
// Spring Security's own User class also implements UserDetails, so it could be returned directly instead
UserDetail userDetail =null;
if(UserState.Enable == user.getUserState()){
userDetail = new UserDetail(userName, user.getPassword(), enabled, true, true, true, auths);
}else{
userDetail = new UserDetail(userName, user.getPassword(), enabled, true, true, false, auths);
//throw new LockedException("用戶" + userName + "被鎖定");
}
userDetail.setUserGroupId(user.getUserGroup().getId());
userDetail.setTeamGroupId(user.getUserGroup().getId());
userDetail.setRealName(user.getRealName());
userDetail.setUserType(user.getUserType());
return userDetail;
}else{ // team user
// Whether the user is enabled
boolean enabled = user.getEnabled();
Set<Authority> authorities = user.getAuthoritySet();
Collection<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
for(Iterator<Authority> iter=authorities.iterator();iter.hasNext();){
auths.add(new SimpleGrantedAuthority(iter.next().getCode()));
}
// Spring Security's own User class also implements UserDetails, so it could be returned directly instead
UserDetail userDetail =null;
if(user.getUserGroup().getTeamAdmin().getUserState()==UserState.Disable){ // if the team administrator is disabled, the team's users cannot log in either
userDetail = new UserDetail(userName, user.getPassword(), enabled, true, true, false, auths);
return userDetail;
}
if(UserState.Enable == user.getUserState()){
userDetail = new UserDetail(userName, user.getPassword(), enabled, true, true, true, auths);
}else{
userDetail = new UserDetail(userName, user.getPassword(), enabled, true, true, false, auths);
//throw new LockedException("用戶" + userName + "被鎖定");
}
userDetail.setUserGroupId(user.getUserGroup().getId());
userDetail.setTeamGroupId(user.getUserGroup().getTeamAdmin().getUserGroup().getId());
userDetail.setRealName(user.getRealName());
userDetail.setUserType(user.getUserType());
return userDetail;
}
}
}
4. Additional classes: login-success and logout-success handlers
1. CustomSavedRequestAwareAuthenticationSuccessHandler.java
package org.nercita.bcp.system.service;
import java.io.IOException;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.nercita.bcp.basic.domain.Crop;
import org.nercita.bcp.system.domain.SystemLog;
import org.nercita.bcp.system.domain.User;
import org.nercita.bcp.system.domain.reference.UserType;
import org.nercita.bcp.system.util.LogInfoService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.savedrequest.RequestCache;
public class CustomSavedRequestAwareAuthenticationSuccessHandler extends
SavedRequestAwareAuthenticationSuccessHandler {
// Logger for login events
private static Logger logger = LogManager.getLogger(CustomSavedRequestAwareAuthenticationSuccessHandler.class);
@Autowired
private SystemLogService systemLogService;
@Autowired
private UserService userService;
@Override
public void onAuthenticationSuccess(HttpServletRequest request,
HttpServletResponse response, Authentication authentication)
throws ServletException, IOException {
System.out.println("用戶登錄成功處理。。。。");
User u = LogInfoService.getLoginUser();
HttpSession session =request.getSession();
if(u.getUserType()==UserType.TeamAdmin ){ // the user is a team administrator
List<Crop> croplist = u.getCropSet();
for(Iterator<Crop> iter = croplist.iterator();iter.hasNext();){ // remove crops that have been disabled
String status = userService.getUserCropStatus(u.getId(),iter.next().getId());
if(status!=null && !status.equals("1")){
iter.remove();
}
}
session.setAttribute("croplist", croplist);
}else if(u.getUserType()==UserType.TeamUser){ // the user is an ordinary team user
List<Crop> croplist = u.getCropSet();
for(Iterator<Crop> iter = croplist.iterator();iter.hasNext();){ // remove crops that are disabled for the team administrator
String status = userService.getUserCropStatus(u.getUserGroup().getTeamAdmin().getId(),iter.next().getId());
if(status!=null && !status.equals("1")){
iter.remove();
}
}
session.setAttribute("croplist", croplist);
}else{ // the user is a system administrator
session.setAttribute("croplist", LogInfoService.getAllCrops());
}
String userName = authentication.getName(); // user name
String address = request.getRemoteAddr(); // remote address
// Write the log entry
systemLogService.save(new SystemLog(address, "登錄", "用戶登錄系統", userName, new Date()));
logger.info("用戶" + userName + "在地址" + address + "登入系統,時間:"+new Date());
super.onAuthenticationSuccess(request, response, authentication);
}
@Override
public void setRequestCache(RequestCache requestCache) {
super.setRequestCache(requestCache);
}
}
2. CustomLogoutSuccessHandler.java
package org.nercita.bcp.system.service;
import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.Date;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.nercita.bcp.system.domain.SystemLog;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;
public class CustomLogoutSuccessHandler extends SimpleUrlLogoutSuccessHandler {
private static Logger logger = LogManager.getLogger(CustomLogoutSuccessHandler.class);
@Autowired
private SystemLogService systemLogService;
@Override
public void onLogoutSuccess(HttpServletRequest request,
HttpServletResponse response, Authentication authentication)
throws IOException, ServletException {
System.out.println("用戶退出成功處理。。。。");
// authentication is null when nobody is logged in at logout time (for example, the session has already expired)
if (authentication != null) {
String userName = authentication.getName(); // user name
String address = request.getRemoteAddr(); // remote address
systemLogService.save(new SystemLog(address, "退出", "用戶退出系統", userName, new Date()));
}
logger.info("日志:ip:"+request.getRemoteAddr() +"host:"+request.getRemoteHost()+"退出時間:"+new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(new Date()));
super.onLogoutSuccess(request, response, authentication);
}
}
3. Entity beans
1. User.java
package org.nercita.bcp.system.domain;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.persistence.Cacheable;
import javax.persistence.CascadeType;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.JoinColumn;
import javax.persistence.ManyToMany;
import javax.persistence.ManyToOne;
import javax.persistence.Table;
import javax.persistence.Temporal;
import javax.persistence.TemporalType;
import org.hibernate.annotations.Cache;
import org.hibernate.annotations.CacheConcurrencyStrategy;
import org.nercita.bcp.basic.domain.Crop;
import org.nercita.bcp.system.domain.reference.ExamineStatus;
import org.nercita.bcp.system.domain.reference.UserState;
import org.nercita.bcp.system.domain.reference.UserType;
import org.nercita.core.orm.BaseUidEntity;
import com.alibaba.fastjson.annotation.JSONField;
/**
* User entity
* @author zhangwenchao
*/
@Entity
@Table(name = "T_P_User")
@Cacheable
@Cache(usage = CacheConcurrencyStrategy.READ_WRITE)
public class User extends BaseUidEntity {
private static final long serialVersionUID = -2512321822386351911L;
// User name
@Column(length = 64, unique = true, nullable = false)
private String name;
// Password
@Column(length = 64, nullable = false)
private String password;
// Real name
@Column(length = 64, nullable = false)
private String realName;
// Mobile phone
@Column(length = 13)
private String phone;
// Company or organization
@Column(length = 64)
private String company;
// E-mail
@Column(length = 64)
private String email;
// Whether the account is enabled
private Boolean enabled;
// Activation code
@Column(unique=true,nullable=true)
private String activationCode;
// Reset code
@Column(unique=true,nullable=true)
private String resetCode;
/*
* User type: 0 = platform administrator, 1 = team administrator, 2 = team user
*/
private UserType userType;
/*
* User state: 0 = disabled (not activated), 1 = enabled (activated)
*/
private UserState userState = UserState.Disable;
/*
* Blacklisted: 0 = whitelist, 1 = blacklist
*/
@Column(length=1)
private int abolished=0;
// User mark (short code)
@Column(length=1)
private String userMark;
// PDA IMEI
@Column(nullable=true)
private String imei;
// User group the user belongs to
@ManyToOne(optional = true, cascade = {CascadeType.PERSIST,CascadeType.MERGE})
@JoinColumn(name = "userGroup_id")
private UserGroup userGroup;
// Set of authorities
@ManyToMany(fetch = FetchType.LAZY)
@JSONField(serialize=false)
private Set<Authority> authoritySet = new HashSet<Authority>();
// Crops belonging to the user
@ManyToMany(fetch = FetchType.EAGER)
// @JSONField(serialize=false)
private List<Crop> cropSet = new ArrayList<Crop>();
// User's menu package
@ManyToOne(optional = true, fetch = FetchType.EAGER)
@JSONField(serialize=false)
private MenuPackage menuPackage;
// User's team configuration
@ManyToOne(optional = true, fetch = FetchType.EAGER)
@JSONField(serialize=false)
private CollocateTeam collocateTeam;
// Registration time
private Date registData;
// Expiration date
private Date expirationDate;
// Review status (not reviewed, uploaded, reviewed)
private ExamineStatus examineStatus;
// Paths of the review documents
private String certificationUrls;
// Recorded by
@Column(updatable = false)
private String recorder;
// Record time
@Temporal(TemporalType.TIMESTAMP)
@Column(updatable = false)
private Date recordTime;
// Modified by
private String modifier;
// Modification time
@Temporal(TemporalType.TIMESTAMP)
@Column(updatable = true)
private Date modifyTime;
@Column(length = 255)
private String remark;
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getRealName() {
return realName;
}
public void setRealName(String realName) {
this.realName = realName;
}
public String getPhone() {
return phone;
}
public void setPhone(String phone) {
this.phone = phone;
}
public String getCompany() {
return company;
}
public void setCompany(String company) {
this.company = company;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
public String getActivationCode() {
return activationCode;
}
public void setActivationCode(String activationCode) {
this.activationCode = activationCode;
}
public String getResetCode() {
return resetCode;
}
public void setResetCode(String resetCode) {
this.resetCode = resetCode;
}
public Boolean getEnabled() {
return enabled;
}
public void setEnabled(Boolean enabled) {
this.enabled = enabled;
}
public UserType getUserType() {
return userType;
}
public void setUserType(UserType userType) {
this.userType = userType;
}
public String getImei() {
return imei;
}
public void setImei(String imei) {
this.imei = imei;
}
public UserState getUserState() {
return userState;
}
public void setUserState(UserState userState) {
this.userState = userState;
}
public int getAbolished() {
return abolished;
}
public void setAbolished(int abolished) {
this.abolished = abolished;
}
public UserGroup getUserGroup() {
return userGroup;
}
public void setUserGroup(UserGroup userGroup) {
this.userGroup = userGroup;
}
public Set<Authority> getAuthoritySet() {
return authoritySet;
}
public void setAuthoritySet(Set<Authority> authoritySet) {
this.authoritySet = authoritySet;
}
public List<Crop> getCropSet() {
return cropSet;
}
public void setCropSet(List<Crop> cropSet) {
this.cropSet = cropSet;
}
public MenuPackage getMenuPackage() {
return menuPackage;
}
public void setMenuPackage(MenuPackage menuPackage) {
this.menuPackage = menuPackage;
}
public CollocateTeam getCollocateTeam() {
return collocateTeam;
}
public void setCollocateTeam(CollocateTeam collocateTeam) {
this.collocateTeam = collocateTeam;
}
public String getRecorder() {
return recorder;
}
public void setRecorder(String recorder) {
this.recorder = recorder;
}
public Date getRecordTime() {
return recordTime;
}
public void setRecordTime(Date recordTime) {
this.recordTime = recordTime;
}
public String getModifier() {
return modifier;
}
public void setModifier(String modifier) {
this.modifier = modifier;
}
public Date getModifyTime() {
return modifyTime;
}
public void setModifyTime(Date modifyTime) {
this.modifyTime = modifyTime;
}
public String getRemark() {
return remark;
}
public void setRemark(String remark) {
this.remark = remark;
}
public String getUserMark() {
return userMark;
}
public void setUserMark(String userMark) {
this.userMark = userMark;
}
public User() {
}
public Date getRegistData() {
return registData;
}
public void setRegistData(Date registData) {
this.registData = registData;
}
public Date getExpirationDate() {
return expirationDate;
}
public void setExpirationDate(Date expirationDate) {
this.expirationDate = expirationDate;
}
public ExamineStatus getExamineStatus() {
return examineStatus;
}
public void setExamineStatus(ExamineStatus examineStatus) {
this.examineStatus = examineStatus;
}
public String getCertificationUrls() {
return certificationUrls;
}
public void setCertificationUrls(String certificationUrls) {
this.certificationUrls = certificationUrls;
}
public User(String name, String password, String realName, Boolean enabled,
UserType userType, UserState userState) {
super();
this.name = name;
this.password = password;
this.realName = realName;
this.enabled = enabled;
this.userType = userType;
this.userState = userState;
}
}
2. Authority.java
package org.nercita.bcp.system.domain;
import java.util.Date;
import javax.persistence.Cacheable;
import javax.persistence.CascadeType;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.JoinColumn;
import javax.persistence.ManyToOne;
import javax.persistence.Table;
import javax.persistence.Temporal;
import javax.persistence.TemporalType;
import org.hibernate.annotations.Cache;
import org.hibernate.annotations.CacheConcurrencyStrategy;
import org.hibernate.annotations.Index;
import org.nercita.core.orm.BaseUidEntity;
/**
* User authority (permission)
* @author zhangwenchao
*
*/
@SuppressWarnings("deprecation")
@Entity
@Table(name="T_P_Authority")
@Cacheable
@Cache(usage=CacheConcurrencyStrategy.READ_WRITE)
public class Authority extends BaseUidEntity{
private static final long serialVersionUID = 1558957611918721365L;
// Code prefixed with "ROLE_"
@Column(length=64, nullable=false, unique=true)
@Index(name="Index_Authority_code")
private String code;
// Authority name
@Column(length=64,nullable=false)
private String name;
// Parent authority
@ManyToOne
private Authority parentAuthority;
// Resource path (URL)
private String resourceUrl;
// Whether this is a parent authority
private boolean isParent;
// Depth in the authority tree
private Integer deepLevel = 0;
// Whether the authority is enabled
private boolean enabled=true;
// Menu the authority belongs to
@ManyToOne(optional = true, cascade = {CascadeType.PERSIST})
@JoinColumn(name="menu_id")
private Menu menu;
// Recorded by
@Column(updatable = false)
private String recorder;
private Integer orderNum = 0;
// Record time
@Temporal(TemporalType.TIMESTAMP)
@Column(updatable = false)
private Date recordTime;
// Modified by
private String modifier;
// Modification time
@Temporal(TemporalType.TIMESTAMP)
@Column(updatable = true)
private Date modifyTime;
// Remark
@Column(length=255)
private String remark;
public Integer getOrderNum() {
return orderNum;
}
public void setOrderNum(Integer orderNum) {
this.orderNum = orderNum;
}
public String getCode() {
return code;
}
public void setCode(String code) {
this.code = code;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Authority getParentAuthority() {
return parentAuthority;
}
public void setParentAuthority(Authority parentAuthority) {
this.parentAuthority = parentAuthority;
}
public String getResourceUrl() {
return resourceUrl;
}
public void setResourceUrl(String resourceUrl) {
this.resourceUrl = resourceUrl;
}
public boolean isParent() {
return isParent;
}
public void setParent(boolean isParent) {
this.isParent = isParent;
}
public Integer getDeepLevel() {
return deepLevel;
}
public void setDeepLevel(Integer deepLevel) {
this.deepLevel = deepLevel;
}
public boolean isEnabled() {
return enabled;
}
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
public Menu getMenu() {
return menu;
}
public void setMenu(Menu menu) {
this.menu = menu;
}
public String getRecorder() {
return recorder;
}
public void setRecorder(String recorder) {
this.recorder = recorder;
}
public Date getRecordTime() {
return recordTime;
}
public void setRecordTime(Date recordTime) {
this.recordTime = recordTime;
}
public String getModifier() {
return modifier;
}
public void setModifier(String modifier) {
this.modifier = modifier;
}
public Date getModifyTime() {
return modifyTime;
}
public void setModifyTime(Date modifyTime) {
this.modifyTime = modifyTime;
}
public String getRemark() {
return remark;
}
public void setRemark(String remark) {
this.remark = remark;
}
@Override
public int hashCode() {
final int prime = 31;
int result = 1;
result = prime * result + ((code == null) ? 0 : code.hashCode());
return result;
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (getClass() != obj.getClass())
return false;
Authority other = (Authority) obj;
if (code == null) {
if (other.code != null)
return false;
} else if (!code.equals(other.code))
return false;
return true;
}
}
3. UserGroup.java
package org.nercita.bcp.system.domain;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.persistence.Cacheable;
import javax.persistence.CascadeType;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.JoinColumn;
import javax.persistence.ManyToOne;
import javax.persistence.OneToMany;
import javax.persistence.Table;
import javax.persistence.Temporal;
import javax.persistence.TemporalType;
import org.hibernate.annotations.Cache;
import org.hibernate.annotations.CacheConcurrencyStrategy;
import org.nercita.core.orm.BaseUidEntity;
import com.alibaba.fastjson.annotation.JSONField;
@Entity
@Table(name="T_P_UserGroup")
@Cacheable
@Cache(usage=CacheConcurrencyStrategy.READ_WRITE)
public class UserGroup extends BaseUidEntity{
private static final long serialVersionUID = -2723021723072060418L;
// User group name
private String name;
// Parent user group (may be null)
@ManyToOne(optional=true,cascade=CascadeType.PERSIST,fetch=FetchType.EAGER)
private UserGroup parentUserGroup;
// Child user groups
@OneToMany(mappedBy="parentUserGroup")
@JSONField(serialize=false)
private Set<UserGroup> childrenUserGroups = new HashSet<UserGroup>();
// Team administrator of this user group
@ManyToOne(optional=true, cascade=CascadeType.PERSIST)
@JoinColumn(name="teamAdmin_id")
private User teamAdmin;
// Users in this group
@OneToMany(mappedBy="userGroup")
@JSONField(serialize=false)
private List<User> userList = new ArrayList<User>();
// Depth level of the user group: 0 = team administrator, 1...N = sub-users
@Column(nullable=false)
private Integer deepLevel;
// Recorded by
@Column(updatable = false)
private String recorder;
// Record time
@Temporal(TemporalType.TIMESTAMP)
@Column(updatable = false)
private Date recordTime;
// Modified by
private String modifier;
// Modification time
@Temporal(TemporalType.TIMESTAMP)
@Column(updatable = true)
private Date modifyTime;
@Column(length=255)
private String remark;
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public UserGroup getParentUserGroup() {
return parentUserGroup;
}
public void setParentUserGroup(UserGroup parentUserGroup) {
this.parentUserGroup = parentUserGroup;
}
public Set<UserGroup> getChildrenUserGroups() {
return childrenUserGroups;
}
public void setChildrenUserGroups(Set<UserGroup> childrenUserGroups) {
this.childrenUserGroups = childrenUserGroups;
}
public User getTeamAdmin() {
return teamAdmin;
}
public void setTeamAdmin(User teamAdmin) {
this.teamAdmin = teamAdmin;
}
public List<User> getUserList() {
return userList;
}
public void setUserList(List<User> userList) {
this.userList = userList;
}
public Integer getDeepLevel() {
return deepLevel;
}
public void setDeepLevel(Integer deepLevel) {
this.deepLevel = deepLevel;
}
public String getRecorder() {
return recorder;
}
public void setRecorder(String recorder) {
this.recorder = recorder;
}
public Date getRecordTime() {
return recordTime;
}
public void setRecordTime(Date recordTime) {
this.recordTime = recordTime;
}
public String getModifier() {
return modifier;
}
public void setModifier(String modifier) {
this.modifier = modifier;
}
public Date getModifyTime() {
return modifyTime;
}
public void setModifyTime(Date modifyTime) {
this.modifyTime = modifyTime;
}
public String getRemark() {
return remark;
}
public void setRemark(String remark) {
this.remark = remark;
}
}
4. BaseUidEntity.java
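package org.nercita.core.orm;
import java.io.Serializable;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import javax.persistence.MappedSuperclass;
import org.hibernate.annotations.GenericGenerator;
@SuppressWarnings("serial")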
@MappedSuperclass
public class BaseUidEntity implements Serializable,Cloneable{
@Id
@GenericGenerator(name="uu_id", strategy="uuid")
@GeneratedValue(generator="uu_id")
private String id;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
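// Shallow copy: the clone carries the same id as the original; returns null if cloning fails.
@Override
public Object clone()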
{
Object o=null;
try
{
o=(Object)super.clone();
}
catch(CloneNotSupportedException e)
{
System.out.println(e.toString());
}
return o;
}
}
5. UserDetail.java
package org.nercita.bcp.system.domain.reference;
import java.util.Collection;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.User;
/**
* Details of the logged-in user
* @author zhangwenchao
*
*/
public class UserDetail extends User{
private static final long serialVersionUID = -6889247576063361649L;
private String userId; // Username (account)
private String realName; // Real name
public UserDetail(String username, String password,Collection<? extends GrantedAuthority> authorities) {
super(username, password, authorities);
}
public UserDetail(String username, String password, boolean enabled,
boolean accountNonExpired, boolean credentialsNonExpired,
boolean accountNonLocked,
Collection<? extends GrantedAuthority> authorities) {
super(username, password, enabled, accountNonExpired, credentialsNonExpired,
accountNonLocked, authorities);
}
public String getUserId() {
return userId;
}
public void setUserId(String userId) {
this.userId = userId;
}
public String getRealName() {
return realName;
}
public void setRealName(String realName) {
this.realName = realName;
}
}
6. UserState.java
package org.nercita.bcp.system.domain.reference;
public enum UserState {
/**
* Disabled (0)
*/
Disable {
@Override
public String getTitle() {
return "Disable";
}
},
/**
* Enabled (1)
*/
Enable {
@Override
public String getTitle() {
return "Enable";
}
};
@Override
public String toString() {
return this.getTitle();
}
public abstract String getTitle();
// Numeric value is the declaration order: Disable = 0, Enable = 1
public int getValue() {
return this.ordinal();
}
}
That is everything in this article. I hope it helps with your learning, and I hope you will continue to support 脚本之家.