运用Spring AOP验证用户权限实例

1.新建一个Java普通工程，并需导入spring-aop.jar包；

2.建UserInfo类：

package aop.secure;

public class UserInfo {

private String userName;

private String password;

public UserInfo(String userName, String password){

this.userName = userName;

this.password = password;

}

public String getPassword() {

return password;

}

public String getUserName() {

return userName;

}

}

3.建安全信息提示类SecureBean：

package aop.secure;

public class SecureBean {

public void writeSecureMessage(){

System.out.println("Every time I learn something new and it pushes some old stuff out of my brain.");

}

}

4.建切面类SecurityAdvice实现org.springframework.aop.MethodBeforeAdvice：

package aop.secure;

import java.lang.reflect.Method;

import org.springframework.aop.MethodBeforeAdvice;

public class SecurityAdvice implements MethodBeforeAdvice {

private SecurityManager securityManager;

public SecurityAdvice(){

this.securityManager = new SecurityManager();

}

public void before(Method method, Object[] args, Object target) throws Throwable {

UserInfo user = securityManager.getLoggedOnUser();

if(user == null){

System.out.println("No user authenticated.");

throw new SecurityException("Method name: " + method.getName());

}else if("chigo".equals(user.getUserName()) && "chigo".equals(user.getPassword())){

System.out.println("OKAY!");

}else{

System.out.println("Logged in user is: " + user.getUserName());

throw new SecurityException("User " + user.getUserName() + " is not allowed access to method " + method.getName());

}

}

}