0
点赞
收藏
分享

微信扫一扫

shiro自定义过滤器,实现角色或关系


package cn.eyes.commons.context;

import java.io.IOException;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authz.AuthorizationFilter;


public class RolesAnyAuthorizationFilter extends AuthorizationFilter {

public boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws IOException {

Subject subject = getSubject(request, response);
String[] rolesArray = (String[]) mappedValue;

if (rolesArray == null || rolesArray.length == 0) {
return true;
}
for(int i=0;i<rolesArray.length;i++){
if(subject.hasRole(rolesArray[i])){
return true;
}
}
return false;
}


}

 

举报

相关推荐

0 条评论