类 UserRoleAuthorizationInterceptor
- java.lang.Object
- org.springframework.web.servlet.handler.HandlerInterceptorAdapter
- org.springframework.web.servlet.handler.UserRoleAuthorizationInterceptor
- 所有已实现的接口:
AsyncHandlerInterceptor
,HandlerInterceptor
public class UserRoleAuthorizationInterceptor extends HandlerInterceptorAdapter
Interceptor that checks the authorization of the current user via the user's roles, as evaluated by HttpServletRequest's isUserInRole method.- 从以下版本开始:
- 20.06.2003
- 作者:
- Juergen Hoeller
- 另请参阅:
HttpServletRequest.isUserInRole(java.lang.String)
构造器概要
构造器 构造器 说明 UserRoleAuthorizationInterceptor()
方法概要
所有方法 实例方法 具体方法 修饰符和类型 方法 说明 protected void
handleNotAuthorized(HttpServletRequest request, HttpServletResponse response, Object handler)
Handle a request that is not authorized according to this interceptor.boolean
preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
This implementation always returnstrue
.void
setAuthorizedRoles(String... authorizedRoles)
Set the roles that this interceptor should treat as authorized.从类继承的方法 org.springframework.web.servlet.handler.HandlerInterceptorAdapter
afterCompletion, afterConcurrentHandlingStarted, postHandle
构造器详细资料
UserRoleAuthorizationInterceptor
public UserRoleAuthorizationInterceptor()
方法详细资料
setAuthorizedRoles
public final void setAuthorizedRoles(String... authorizedRoles)
Set the roles that this interceptor should treat as authorized.- 参数:
authorizedRoles
- array of role names
preHandle
public final boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws ServletException, IOException
从类复制的说明:HandlerInterceptorAdapter
This implementation always returnstrue
.- 指定者:
preHandle
在接口中HandlerInterceptor
- 覆盖:
preHandle
在类中HandlerInterceptorAdapter
- 参数:
request
- current HTTP requestresponse
- current HTTP responsehandler
- chosen handler to execute, for type and/or instance evaluation- 返回:
true
if the execution chain should proceed with the next interceptor or the handler itself. Else, DispatcherServlet assumes that this interceptor has already dealt with the response itself.- 抛出:
ServletException
IOException
handleNotAuthorized
protected void handleNotAuthorized(HttpServletRequest request, HttpServletResponse response, Object handler) throws ServletException, IOException
Handle a request that is not authorized according to this interceptor. Default implementation sends HTTP status code 403 ("forbidden").This method can be overridden to write a custom message, forward or redirect to some error page or login page, or throw a ServletException.
- 参数:
request
- current HTTP requestresponse
- current HTTP responsehandler
- chosen handler to execute, for type and/or instance evaluation- 抛出:
ServletException
- if there is an internal errorIOException
- in case of an I/O error when writing the response