2004-01-15

由 jini 所撰寫。最後修改者是 jini 在 1686 天之前。已瀏覽 846 次。

[編輯] [附加]

Tomcat isUserInRole 12:47

tomcat 有提供 realm 給予Role-based 的系統

在 share/org/apache/catalina/connector/HttpRequestBase.java

之中

public boolean isUserInRole(String role) {        // Have we got an authenticated principal at all?
        if (userPrincipal == null)
            return (false);
        // Identify the Realm we will use for checking role assignmenets
        if (context == null)
            return (false);
        Realm realm = context.getRealm();
        if (realm == null)
            return (false);
        // Check for a role alias defined in a <security-role-ref> element
        if (wrapper != null) {
            String realRole = wrapper.findSecurityReference(role);
            if ((realRole != null) &&
                realm.hasRole(userPrincipal, realRole))
                return (true);
        }
        // Check for a role defined directly as a <security-role>
        return (realm.hasRole(userPrincipal, role));
    }

採用了 Principal 取得使用者資訊... 因為專案需要似乎 spec 所提出的還不夠

getRemoteUser
isUserInRole
getUserPrinciple

我應該會新增一個

isUserHasPermission

來解決我的需求吧

目前無回響 | 發表回響

相關連結：
jakarta	snipsnap-index	snipsnap-search	2004-01-14
2003-10-10	2006-02-07	2004-05-07	java database
2003-11-28	2003-10-29	code style	JiaYun
2005-03-30	2004-12-14	snipsnap-portlet-1