类 UserRoleAuthorizationInterceptor
- java.lang.Object
- org.springframework.web.servlet.handler.HandlerInterceptorAdapter
- org.springframework.web.servlet.handler.UserRoleAuthorizationInterceptor
- 所有已实现的接口:
AsyncHandlerInterceptor,HandlerInterceptor
public class UserRoleAuthorizationInterceptor extends HandlerInterceptorAdapter
Interceptor that checks the authorization of the current user via the user's roles, as evaluated by HttpServletRequest's isUserInRole method.- 从以下版本开始:
- 20.06.2003
- 作者:
- Juergen Hoeller
- 另请参阅:
HttpServletRequest.isUserInRole(java.lang.String)
构造器概要
构造器 构造器 说明 UserRoleAuthorizationInterceptor()
方法概要
所有方法 实例方法 具体方法 修饰符和类型 方法 说明 protected voidhandleNotAuthorized(HttpServletRequest request, HttpServletResponse response, Object handler)Handle a request that is not authorized according to this interceptor.booleanpreHandle(HttpServletRequest request, HttpServletResponse response, Object handler)This implementation always returnstrue.voidsetAuthorizedRoles(String... authorizedRoles)Set the roles that this interceptor should treat as authorized.从类继承的方法 org.springframework.web.servlet.handler.HandlerInterceptorAdapter
afterCompletion, afterConcurrentHandlingStarted, postHandle
构造器详细资料
UserRoleAuthorizationInterceptor
public UserRoleAuthorizationInterceptor()
方法详细资料
setAuthorizedRoles
public final void setAuthorizedRoles(String... authorizedRoles)
Set the roles that this interceptor should treat as authorized.- 参数:
authorizedRoles- array of role names
preHandle
public final boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws ServletException, IOException
从类复制的说明:HandlerInterceptorAdapterThis implementation always returnstrue.- 指定者:
preHandle在接口中HandlerInterceptor- 覆盖:
preHandle在类中HandlerInterceptorAdapter- 参数:
request- current HTTP requestresponse- current HTTP responsehandler- chosen handler to execute, for type and/or instance evaluation- 返回:
trueif the execution chain should proceed with the next interceptor or the handler itself. Else, DispatcherServlet assumes that this interceptor has already dealt with the response itself.- 抛出:
ServletExceptionIOException
handleNotAuthorized
protected void handleNotAuthorized(HttpServletRequest request, HttpServletResponse response, Object handler) throws ServletException, IOException
Handle a request that is not authorized according to this interceptor. Default implementation sends HTTP status code 403 ("forbidden").This method can be overridden to write a custom message, forward or redirect to some error page or login page, or throw a ServletException.
- 参数:
request- current HTTP requestresponse- current HTTP responsehandler- chosen handler to execute, for type and/or instance evaluation- 抛出:
ServletException- if there is an internal errorIOException- in case of an I/O error when writing the response