Spring AOP应验用户权限

Spring AOP验证用户权限

1.新建一个Java普通工程，并需导入spring-aop.jar包； 2.建UserInfo类： package aop.secure; public class UserInfo {         private String userName;     private String password;         public UserInfo(String userName, String password){         this.userName = userName;         this.password = password;     }     public String getPassword() {         return password;     }     public String getUserName() {         return userName;     } } 3.建安全信息提示类SecureBean： package aop.secure; public class SecureBean {     public void writeSecureMessage(){         System.out.println("Every time I learn something new and it pushes some old stuff out of my brain.");     } } 4.建切面类SecurityAdvice实现org.springframework.aop.MethodBeforeAdvice： package aop.secure; import java.lang.reflect.Method; import org.springframework.aop.MethodBeforeAdvice; public class SecurityAdvice implements MethodBeforeAdvice {     private SecurityManager securityManager;         public SecurityAdvice(){         this.securityManager = new SecurityManager();     }     public void before(Method method, Object[] args, Object target) throws Throwable {         UserInfo user = securityManager.getLoggedOnUser();         if(user == null){             System.out.println("No user authenticated.");             throw new SecurityException("Method name: " + method.getName());         }else if("chigo".equals(user.getUserName()) && "chigo".equals(user.getPassword())){             System.out.println("OKAY!");         }else{             System.out.println("Logged in user is: " + user.getUserName());             throw new SecurityException("User " + user.getUserName() + " is not allowed access to method " + method.getName());         }     } } 5.建登陆与注销管理类SecurityManager： package aop.secure; public class SecurityManager {         private static ThreadLocal local = new ThreadLocal();         public void login(String userName, String password){         local.set(new UserInfo(userName,password));     }         public void logout(){         local.set(null);     }         public UserInfo getLoggedOnUser(){         return (UserInfo)local.get();     } } 6.最后建测试类SecurityExample： package aop.secure; import org.springframework.aop.framework.ProxyFactory; public class SecurityExample {     private static SecureBean getSecureBean(){         SecureBean sbean = new SecureBean();         SecurityAdvice sadvice = new SecurityAdvice();         ProxyFactory pf = new ProxyFactory();         pf.setTarget(sbean);         pf.addAdvice(sadvice);         SecureBean factory = (SecureBean)pf.getProxy();         return factory;     }         public static void main(String[] args) {         SecurityManager mgr = new SecurityManager();         SecureBean sbean = getSecureBean();                 mgr.login("chigo","chigo");         sbean.writeSecureMessage();         mgr.logout();                 try{             mgr.login("kkk","");             sbean.writeSecureMessage();         }catch(SecurityException ex){             System.out.println("Exception caught: " + ex.getMessage());         }finally{             mgr.logout();         }                 try{             sbean.writeSecureMessage();         }catch(SecurityException ex){             System.out.println("Exception caught: " + ex.getMessage());         }     } }