1 16 17 package org.springframework.web.servlet.handler; 18 19 import java.io.IOException ; 20 21 import javax.servlet.ServletException ; 22 import javax.servlet.http.HttpServletRequest ; 23 import javax.servlet.http.HttpServletResponse ; 24 25 33 public class UserRoleAuthorizationInterceptor extends HandlerInterceptorAdapter { 34 35 private String [] authorizedRoles; 36 37 38 42 public final void setAuthorizedRoles(String [] authorizedRoles) { 43 this.authorizedRoles = authorizedRoles; 44 } 45 46 47 public final boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) 48 throws ServletException , IOException { 49 50 if (this.authorizedRoles != null) { 51 for (int i = 0; i < this.authorizedRoles.length; i++) { 52 if (request.isUserInRole(this.authorizedRoles[i])) { 53 return true; 54 } 55 } 56 } 57 handleNotAuthorized(request, response, handler); 58 return false; 59 } 60 61 72 protected void handleNotAuthorized(HttpServletRequest request, HttpServletResponse response, Object handler) 73 throws ServletException , IOException { 74 75 response.sendError(HttpServletResponse.SC_FORBIDDEN); 76 } 77 78 } 79 | Popular Tags |