0

我有一个 tabs.jsp,其中包含指向其他页面的链接。当管理员登录时,必须为他提供 2 个额外的链接来添加用户和角色。在进行身份验证时,我能够验证用户是否是管理员。在验证时,如果用户存在,如果不重定向回登录页面,则将控制权返回给用户显示页面。如果用户是管理员,我如何实现这个额外的 2 个链接?

我的控制器

    @RequestMapping(value = "auth", method = RequestMethod.POST)
        public ModelAndView printStringLogin(
                @ModelAttribute("USERS") Users userAuthentication,
                HttpSession httpSession, ModelMap model) {
            System.out.println(userAuthentication.getUsers_email());
            System.out.println(userAuthentication.getUsers_password());
            UserAuthentication userAuthentication2 = new UserAuthentication();
            boolean exists = false,admin = false;
            try {
                exists = userAuthentication2.doesUserExist(
                        userAuthentication.getUsers_email(),
                        userAuthentication.getUsers_password());
            } catch (Exception e) {
                e.printStackTrace();
            }
            if (exists == true) {
                System.out.println("user present");
                httpSession.setAttribute("id", userAuthentication.getUsers_email());
                System.out.println("Session Attribute: "
                        + httpSession.getAttribute("id"));
                return new ModelAndView("redirect:employee");
            } else {
                System.out.println("user not present");
                return new ModelAndView("loginpage");
            }
    }

用户认证

public class UserAuthentication {
    public boolean doesUserExist(String uname, String passwrd) throws Exception {
        GetSession ses = new GetSession();
        Session session = ses.retSession();
        String query = "from Users as u where u.users_email = :sUname and u.users_password = :sPass";
        List list = session.createQuery(query).setString("sUname", uname)
                .setString("sPass", passwrd).list();

        Iterator iterator = list.iterator();
        boolean userExists = false;
        if (iterator.hasNext()) {
            Users obj = (Users) iterator.next();
            System.out.print(obj.getUsers_email() + "\t"
                    + obj.getUsers_password() + "\n");
            System.out.println(obj.getMyRoles());
            System.out.println("Is Admin??? :" +obj.getMyRoles().toString().contains("Admin")); //gives if user is admin or not
            System.out.println(obj.getUser_id());
            userExists = true;
        }
        System.out.println(userExists);
        return userExists;
    }
}

选项卡.jsp

    <%@ page language="java" contentType="text/html; charset=ISO-8859-1"
        pageEncoding="ISO-8859-1"%>
    <html>
    <body>
        <div id="tabs" style="background-color: #C8C8C8; font-family: fantasy;">
            <a href="employee">&nbsp; Employee Details </a>
            <a href="department"> Departments </a>
            <a href="designation"> Designation </a>
            <a href="logout"> Logout </a>
            <a href="user"> Users </a>
            <a href="roles"> Roles </a>
        </div>
    </body>
    </html>

只有当用户是管理员并且此 tabs.jsp 包含在应用程序的每个页面中时,才必须显示用户和角色链接。

4

1 回答 1

2

User对象放入HttpSessionController中并User在jsp中检查登录是否为admin

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
        pageEncoding="ISO-8859-1"%>
    <html>
    <body>
        <div id="tabs" style="background-color: #C8C8C8; font-family: fantasy;">
            <a href="employee">&nbsp; Employee Details </a>
            <a href="department"> Departments </a>
            <a href="designation"> Designation </a>
            <a href="logout"> Logout </a>
            <c:if test=${sessionScope.user.isAdmin}>
            <a href="user"> Users </a>
            <a href="roles"> Roles </a>
            </c:if>
        </div>
    </body>
    </html>
于 2013-10-04T08:42:14.407 回答