实现不同的用户登录以后可以看到不同的菜单。(后台可以实现对用户菜单的管理。)
第一步:分析数据结构
1:用户表
表名:users | ||
列名 | 类型 | 说明 |
id | Varchar(32) | 主键 |
name | Varchar(30) | |
2:菜单表
第二步:写入表中几行数据进行基本分析
insert into users values('U001','Jack','1234');
insert into users values('U002','张三','4321');
insert into users values('U003','Tom','1111');
insert into roles values('R001','管理员','');
insert into roles values('R002','教师','');
insert into roleuser values('U001','R001');
insert into roleuser values('U002','R002');
insert into menus values('M001','系统管理','/sys.jsp');
insert into menus values('M002','用户管理','/user.jsp');
insert into menus values('M003','角色管理','/role.jsp');
insert into rolemenu values('M001','R001');
insert into rolemenu values('M002','R001');
insert into rolemenu values('M003','R001');
insert into rolemenu values('M003','R002');
/*查询某个拥有某个角色*/
select u.name,r.name
from users u inner join roleuser ru on u.id=ru.uid
inner join roles r on ru.rid=r.id;
/*某角色拥有某菜单*/
select r.name,m.name
from roles r inner join rolemenu rm on r.id=rm.rid
inner join menus m on rm.mid=m.id;
/*查询某人拥有某个菜单*/
select u.name,m.name
from users u inner join roleuser ru on u.id=ru.uid
inner join roles r on ru.rid=r.id
inner join rolemenu rm on r.id=rm.rid
inner join menus m on rm.mid=m.id;
第三步:创建JavaBean(领域模型)和工具类
public class User {
private String name;
private String id;
private String pwd;
连接数据库的工具类:
第三步:设计界面
第四步:实现用户登录
分包:提供用户的登录,退出修改
Cn.hx.user.
userServlet
service
userService
dao
userDao
菜单
Cn.hx.menu
MenuServlet
MenuService
MenuDao
角色
对主页面来只有Servvlet没有service,调用别的service实现。
Cn.hx.main
MainServlet
(没有Service)
第五步:开发登录页面
<form name="name" action="<c:url value='/UserServlet?cmd=login'/> " method="post">
Name:<input type="text" name="name"/><br/>
pwd:<input type="text" name="pwd"/><br/>
<input type="submit"/>
</form>
第六步:开发整个的usre包
Cn.hx.user.
userServlet
service
userService
dao
userDao
第七步:实菜单的查询功能
菜单是菜单的功能包。
主功能,有自己的servvlet- MainServvlet
第八步:使用过虑器验证/jsp/*
这只是第一步,只是验证用户有没有访问的凭证。认证.
过滤器验证类:
package cn.hx.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.dbutils.QueryRunner;
import org.apache.commons.dbutils.handlers.ScalarHandler;
import cn.hx.domain.User;
import cn.hx.utils.DataSourceUtils;
public class AuthFilter implements Filter {
public void init(FilterConfig filterConfig) throws ServletException {
// TODO Auto-generated method stub
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
uri
HttpServletRequest req = (HttpServletRequest) request;
day20/jsps/role.jsp">Http://localhost:8080/day20/jsps/role.jsp->day20/jsps/role.jsp
uri = uri.replace(req.getContextPath(), "");
sql
String sql = "SELECT COUNT(1)"+
" FROM menus m INNER JOIN rolemenu rm ON m.id=rm.mid"+
" INNER JOIN roles r ON r.id=rm.rid"+
" INNER JOIN roleuser ru ON r.id=ru.rid"+
" WHERE ru.uid=? AND url=?";
//取到用户的id
User user = (User) req.getSession().getAttribute("user");
try{
QueryRunner run = new QueryRunner(DataSourceUtils.getDatasSource());
Object o = run.query(sql,new ScalarHandler(),user.getId(),uri);
int size = Integer.parseInt(o.toString());
if(size==0){
System.err.println("你没有权限....");
}else{
chain.doFilter(req, response);
}
}catch(Exception e){
}
}
public void destroy() {
// TODO Auto-generated method stub
}
}
流程图
认证过程
登录过程:
显示菜单的过程:
源码面前,了无秘密
