1

zj

2025-08-12 f8c80b2848a6b2e3ef16db317147576f4a4e0714

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
/**
 * 
 */
package security.filter;
 
import java.util.Collection;
import java.util.Map;
 
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.ConfigAttributeDefinition;
import org.springframework.security.intercept.web.FilterInvocation;
import org.springframework.security.intercept.web.FilterInvocationDefinitionSource;
 
import security.Constants;
import security.SecUser;
import security.SecurityAppUserHolder;
import security.internal.SecurityAuthoritiesHolder;
import security.util.AuthenticationUtil;
 
/**
 * URL过虑器
 * 
 */
public class UrlResourceFilterInvocationDefinitionSource implements FilterInvocationDefinitionSource {
 
    private static final Logger logger=LoggerFactory.getLogger(UrlResourceFilterInvocationDefinitionSource.class);
 
    private SecurityAuthoritiesHolder securityAuthoritiesHolder;
 
    public ConfigAttributeDefinition getAttributes(Object filter) throws IllegalArgumentException {
        if ((filter == null) || !this.supports(filter.getClass())) {
            throw new IllegalArgumentException("Sorry, the target object is not FilterInvocation type！");
        }
        SecUser user = SecurityAppUserHolder.getCurrentUser();
        // 用户是否已登陆
        if (null == user) {
            return ConfigAttributeDefinition.NO_ATTRIBUTES;
        }
        FilterInvocation filterInvocation = (FilterInvocation) filter;
        // 待验证URL
        String requestURI = filterInvocation.getRequestUrl();
        if (logger.isDebugEnabled()) {
            logger.debug("To be verified: " + requestURI);
        }
        Map<String, String> urlAuthorities = this.securityAuthoritiesHolder.loadAuthorities(Constants.RESTYPE_URL);
        // 得到该URL允许的角色串
        String authorities = AuthenticationUtil.resourceMatches(urlAuthorities, requestURI);
        
        return AuthenticationUtil.getCadByAuthorities(authorities);
    }
 
    @SuppressWarnings("rawtypes")
    public Collection getConfigAttributeDefinitions() {
        return null;
    }
 
    @SuppressWarnings("rawtypes")
    public boolean supports(Class clazz) {
        if (FilterInvocation.class.isAssignableFrom(clazz)) {
            return true;
        }
        else {
            return false;
        }
    }
 
    public void setSecurityAuthoritiesHolder(
            SecurityAuthoritiesHolder securityAuthoritiesHolder) {
        this.securityAuthoritiesHolder = securityAuthoritiesHolder;
    }
 
 
 
 
}