[Seasar-user:17338] Seasar[複数Interceptorの使い方]
thomas
[E-MAIL ADDRESS DELETED]
2009年 4月 29日 (水) 16:44:39 JST
Hai,
I need to use one Interceptor for
●LoginAuthendication.
After successful login i need to check the role of the user,depending upon
the users role i need to allow some page and block for some users.
I have attaced my coding here.
*app_aop.dicon
:::::::::::::::::::::*
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE components PUBLIC "-//SEASAR//DTD S2Container 2.4//EN"
"http://www.seasar.org/dtd/components24.dtd">
<components namespace="app_aop">
<include path="convention.dicon"/>
<component name="actionSupportInterceptor"
class="org.seasar.teeda.extension.interceptor.ActionSupportInterceptor" />
<component name="appFacesExceptionThrowsInterceptor"
class="org.seasar.teeda.core.interceptor.AppFacesExceptionThrowsInterceptor"
/>
*<component name="LoginAuthInterceptor"
class="pmtool.interceptor.LoginAuthInterceptor" />
<component name="LoginUserInterceptor"
class="pmtool.interceptor.LoginUserInterceptor" />*
</components>
*
customizer.dicon
:::::::::::::::::::::::::*
<component name="pageCustomizer"
class="org.seasar.framework.container.customizer.CustomizerChain">
<initMethod name="addCustomizer">
<arg>traceCustomizer</arg>
</initMethod>
* <!-- Start Authendication Interceptor-->*
<initMethod name="addAspectCustomizer">
<arg>"LoginAuthInterceptor"</arg>
<arg>"do.*,initialize, prerender"</arg>
</initMethod>
<initMethod name="addIgnoreClassPattern">
<arg>*"pmtool.web.login"*</arg>
<arg>*"LoginPage"*</arg>
</initMethod>
<initMethod name="addIgnoreClassPattern">
<arg>"*pmtool.web.error*"</arg>
<arg>*"Error.**"</arg>
</initMethod>
<initMethod name="addIgnoreClassPattern">
<arg>*"pmtool.web.exception*"</arg>
<arg>"*Login.**"</arg>
</initMethod>
*<!--End -->*
* <!-- Start -->*
<initMethod name="addAspectCustomizer">
<arg>"LoginUserInterceptor"</arg>
<arg>"do.*,initialize, prerender"</arg>
</initMethod>
<initMethod name="addIgnoreClassPattern">
<arg>"pmtool.web.login"</arg>
<arg>"LoginPage"</arg>
</initMethod>
<initMethod name="addIgnoreClassPattern">
<arg>"pmtool.web.error"</arg>
<arg>"Error.*"</arg>
</initMethod>
<initMethod name="addIgnoreClassPattern">
<arg>"pmtool.web.exception"</arg>
<arg>"Login.*"</arg>
</initMethod>
<initMethod name="addIgnoreClassPattern">
<arg>"*pmtool.web.expensesheet*"</arg>
<arg>*"Index.**"</arg>
</initMethod>
<initMethod name="addIgnoreClassPattern">
<arg>"*pmtool.web.menu*"</arg>
<arg>*"Menu.**"</arg>
</initMethod>
Authendication intercptor is needed for menu and expensesheet pages where
the user level check interceptor(second one) is not needed for these
pages.So i included in the AddIgnoreClassPattern tag.
*User Check:
:::::::::::::::::::::::*
public Object invoke(MethodInvocation invocation)throws Throwable{
Object ret=null;
if (container!=null)
{
Boolean LoginFlg=getSessionAttribute("*usersession*");
if (LoginFlg==null||!LoginFlg.booleanValue()){
throw new LoginAuthException("You are not logged in or your
session has closed.Login Here");
//return LoginPage.class;
}
}
Throwable cause=null;
try
{
ret =invocation.proceed();
}catch(final Throwable t){
cause=t;
}
if (cause!=null)
{
throw cause;
}
return ret;
}
public boolean getSessionAttribute(String sessionBindLogin){
HttpSession session=
(HttpSession)container.getExternalContext().getSession();
if(session!=null)
{
Object log=session.getAttribute(sessionBindLogin);
if (log==null){
return false;
}
else{
return true;
}
}
return true;
}
*User Level Check
::::::::::::::::::::::::::*
public Object invoke(MethodInvocation invocation)throws Throwable{
Object ret=null;
if (container!=null)
{
Boolean loginFlg=getSessionAttribute("*userlevel*");
if (loginFlg==null||!loginFlg.booleanValue()){
throw new LoginAuthException("you not allowed to access this
page");
//return LoginPage.class;
}
}
Throwable cause=null;
try
{
ret =invocation.proceed();
}catch(final Throwable t){
cause=t;
}
if (cause!=null)
{
throw cause;
}
return ret;
}
public boolean getSessionAttribute(String sessionBindLogin){
HttpSession session=
(HttpSession)container.getExternalContext().getSession();
if(session!=null)
{
Object log=session.getAttribute(sessionBindLogin);
if (log==null){
return false;
}
else if(log.equals("1")){
return true;
}
else
return false;
}
return true;
}
*LoginPage
::::::::::::::*
public Class doLogin() {
if(userid.equals(pwd)){
session.setAttribute("*usersession*", userid);
if(userid.equals("aaa")){
session.setAttribute("*userlevel*", "1");
}
else
session.setAttribute("*userlevel*", "2");
return MenuPage.class;
}
else
return null;
}
If i use like this for menu page and expensesheet page the login check
interceptor has not called because i added these two pages in
addIgnoreClassPattern of userlevel check interceptor.
I have to include addIgnoreClassPattern for each interceptor.Is it possible
or not?
If my thinging is not correct..If its not correct then how can i achieve
this...
Please help me to finish this.
Thanks in advance..
-------------- next part --------------
HTMLの添付ファイルを保管しました...
URL: <http://ml.seasar.org/archives/seasar-user/attachments/20090429/60457896/attachment.html>
Seasar-user メーリングリストの案内