@Service(value="webSecurityPermissionEvaluator")
public class WebSecurityPermissionEvaluator
extends bap.core.service.BaseService
| Modifier and Type | Field and Description |
|---|---|
static java.lang.String[] |
antMatchNoFilterUrl |
static java.lang.String[] |
deleteNoFilterUrl |
static java.lang.String[] |
getNoFilterUrl |
static java.lang.String[] |
postNoFilterUrl |
static java.lang.String[] |
putNoFilterUrl |
| Constructor and Description |
|---|
WebSecurityPermissionEvaluator() |
| Modifier and Type | Method and Description |
|---|---|
void |
createNoFilterConfig() |
java.lang.String[] |
noFilterFile()
获取不需要过滤的文件类型
|
boolean |
noFilterMatch(org.springframework.security.core.Authentication authentication,
javax.servlet.http.HttpServletRequest request)
不需要过滤的请求和文件,此处实现永真返回true,只是为了记录访问日志,spring security的配置规则是按配置顺序优先,不过滤的必须先配,这样这些文件和路径就不会皱上面的过滤方法,尽管在config类设置了统配
|
boolean |
protectResource(org.springframework.security.core.Authentication authentication,
javax.servlet.http.HttpServletRequest request)
菜单与资源越权访问过滤
|
public static java.lang.String[] postNoFilterUrl
public static java.lang.String[] getNoFilterUrl
public static java.lang.String[] putNoFilterUrl
public static java.lang.String[] deleteNoFilterUrl
public static java.lang.String[] antMatchNoFilterUrl
public void createNoFilterConfig()
public boolean protectResource(org.springframework.security.core.Authentication authentication,
javax.servlet.http.HttpServletRequest request)
authentication - 系统认证对象,其中包含登录用户信息request - 当前请求public boolean noFilterMatch(org.springframework.security.core.Authentication authentication,
javax.servlet.http.HttpServletRequest request)
authentication - request - public java.lang.String[] noFilterFile()