`
zhouxingfu520
  • 浏览: 422457 次
  • 性别: Icon_minigender_1
  • 来自: 广州
社区版块
存档分类
最新评论

Spring Security3配置使用

阅读更多

 

    使用Spring Security3的几种方法概述

    一种是全部利用配置文件,将用户、权限、资源(url)硬编码在xml文件中,已经实现过

    二种是用户和权限用数据库存储,而资源(url)和权限的对应采用硬编码配置,目前这种方式已经实现。

    三种我使用的是第三种 第三种是细分角色和权限,并将用户、角色、权限和资源均采用数据库存储,并且自定义过滤器,代替原有的FilterSecurityInterceptor过滤器,
    并分别实现AccessDecisionManager、InvocationSecurityMetadataSourceService和UserDetailsService,并在配置文件中进行相应配置

    四种第四种方式我没有试过

 

    业务逻辑

    权限代码action为请求路径,权限信息拥有多个权限代码,角色可以拥有多个权限信息 用户属于用户组,用户组拥有多个角色,用户组必须拥有跟菜单同样权限代码action、页面菜单才能显示 最终实现菜单显示与请求路径权限验证。


  在上个项目开发中用到的技术: java1.5 + struts2.1.8 + spring3.0.7 + hibernate3.2.5 + spring security3.1.0 + mysql5.5 + tomcat6.0

    我这里只说明spring security,代码是项目里抽取权限部分出来讲解的
    spring security3.1 .0 的11 个jar包,分别为:
    spring-security-acl-3.1 .0 .RELEASE.jar
    spring-security-config-3.1 .0 .RELEASE.jar
    spring-security-core-3.1 .0 .RELEASE.jar
    spring-security-taglibs-3.1 .0 .RELEASE.jar
    spring-security-web-3.1 .0 .RELEASE.jar

    spring-security-aspects-3.1.0.RELEASE.jar

    spring-security-cas-3.1.0.RELEASE.jar

    spring-security-crypto-3.1.0.RELEASE.jar

    spring-security-ldap-3.1.0.RELEASE.jar

    spring-security-openid-3.1.0.RELEASE.jar

    spring-security-remoting-3.1.0.RELEASE.jar
    当然还有其他项目相关 的jar包,不贴出来了

年初讲解过spring security的旧版本Acegi的文章xml配置稍微复杂一些, spring security3配置相对比较简单

 

Spring Security3 配置使用

1 spring security3 主要实现类。

2 spring security3 主要配置文件。

3 web.xml配置文件。

4 实现流程说明

5 权限sql脚本

6 附件为完整程序与数据库脚本


1、spring security3 主要实现 (包含4个关键类):

myFilter

  (1) MySecurityFilter.java 过滤用户请求

package com.taskmanager.web.security;

import java.io.IOException;
import java.util.Collection;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityMetadataSource;
import org.springframework.security.access.intercept.AbstractSecurityInterceptor;
import org.springframework.security.access.intercept.InterceptorStatusToken;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;

public class MySecurityFilter extends AbstractSecurityInterceptor implements
		Filter {
// 与applicationContext-security.xml里的myFilter的属性securityMetadataSource对应,
	// 其他的两个组件,已经在AbstractSecurityInterceptor定义
	private FilterInvocationSecurityMetadataSource securityMetadataSource;

	@Override
	public SecurityMetadataSource obtainSecurityMetadataSource() {
		return this.securityMetadataSource;
	}

	public void doFilter(ServletRequest request, ServletResponse response,
			FilterChain chain) throws IOException, ServletException {
		FilterInvocation fi = new FilterInvocation(request, response, chain);
		invoke(fi);
	}

	private void invoke(FilterInvocation fi) throws IOException,
			ServletException {
		// object为FilterInvocation对象
		// super.beforeInvocation(fi);//源码
		// 1.获取请求资源的权限
		 //执行 Collection<ConfigAttribute> attributes = 
                        //securityMetadataSource.getAttributes(fi);
		// 2.是否拥有权限
		// this.accessDecisionManager.decide(authenticated, fi, attributes);
		// this.accessDecisionManager.decide(authenticated, fi, attributes);
		InterceptorStatusToken token = super.beforeInvocation(fi);
		try {
			fi.getChain().doFilter(fi.getRequest(), fi.getResponse());
		} finally {
			super.afterInvocation(token, null);
		}
	}

	public FilterInvocationSecurityMetadataSource getSecurityMetadataSource() {
		return securityMetadataSource;
	}

	public void setSecurityMetadataSource(
			FilterInvocationSecurityMetadataSource securityMetadataSource) {
		this.securityMetadataSource = securityMetadataSource;
	}

	public void init(FilterConfig arg0) throws ServletException {
		// TODO Auto-generated method stub
	}

	public void destroy() {
		// TODO Auto-generated method stub

	}

	@Override
	public Class<? extends Object> getSecureObjectClass() {
		//下面的MyAccessDecisionManager的supports方面必须放回true,否则会提醒类型错误  
		return FilterInvocation.class;
	}
}

  核心的InterceptorStatusToken token = super.beforeInvocation(fi);会调用我们定义的accessDecisionManager:decide(Object object)和securityMetadataSource

  :getAttributes(Object object)方法。

 

( 2) MySecurityMetadataSource.java 系统启动加载系统权限  用户登入验证权限

package com.taskmanager.web.security;

import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.Map.Entry;

import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.security.web.util.AntPathRequestMatcher;
import org.springframework.security.web.util.RequestMatcher;

import com.taskmanager.exception.SystemRunException;
import com.taskmanager.hibernate.TSysPowerofaction;
import com.taskmanager.hibernate.TSysPowersystem;
import com.taskmanager.service.inter.PowerInter;
//1 加载资源与权限的对应关系  

/**
 * 该过滤器的主要作用就是通过spring著名的IoC生成securityMetadataSource。 
 * securityMetadataSource相当于本包中自定义的MyInvocationSecurityMetadataSourceService。 
 * 该MyInvocationSecurityMetadataSourceService的作用提从数据库提取权限和资源,装配到HashMap中, 
 * 供Spring Security使用,用于权限校验。 
 * @author sparta 11/3/29 
 */
public class MySecurityMetadataSource implements FilterInvocationSecurityMetadataSource {  
    	//由spring调用  
    	public MySecurityMetadataSource(PowerInter powerService) 
               throws SystemRunException {  
            this.powerService = powerService;  
            loadResourceDefine();  
        }  
      
        private PowerInter powerService;
        private static Map<String, Collection<ConfigAttribute>> resourceMap = null;  
    	private RequestMatcher pathMatcher;
        public Collection<ConfigAttribute> getAllConfigAttributes() {  
        	return new ArrayList<ConfigAttribute>();
        }  
      
        public boolean supports(Class<?> clazz) {  
            // TODO Auto-generated method stub  
            return true;  
        }  
        //加载所有资源与权限的关系  
        private void loadResourceDefine() throws SystemRunException {  
        	if (resourceMap == null) {
    			resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
    			List<TSysPowersystem> resources = this.powerService
    					.findByTSysPowersystem();
    			 for (TSysPowersystem resource : resources) {
    			Collection<ConfigAttribute> configAttributes =
                                    new ArrayList<ConfigAttribute>();
    			// 以权限名封装为Spring的security Object  
    			//resource.getRoleName() 角色名称 可随意 role_admin  或者 admin
    			ConfigAttribute configAttribute = 
                                    new SecurityConfig(resource.getRoleName());
    			configAttributes.add(configAttribute);
    			//resource.getInterceptUrl() 格式必须是 拦截的包路径  
                //或者是 比如  /manager/**/*.jh  或者  /system/manager/**/*.jsp
    			resourceMap.put(resource.getInterceptUrl(), configAttributes);
    			 }
    		}
                      
        }  
      //返回所请求资源所需要的权限  
        public Collection<ConfigAttribute> getAttributes(Object object)
                               throws IllegalArgumentException {  
        	Iterator<String> it = resourceMap.keySet().iterator();
    		while (it.hasNext()) {
    			String resURL = it.next();
    			Iterator<String> ite = resourceMap.keySet().iterator();
    			pathMatcher = new AntPathRequestMatcher(resURL);
    		if (pathMatcher.matches(((FilterInvocation) object).getRequest())) {
    				Collection<ConfigAttribute> returnCollection =
                                          resourceMap.get(resURL);
    				return returnCollection;
    			}
    		}
    		return null;
        }  
      
    }  

 这里的resourcesDao,熟悉Dao设计模式和Spring 注入的朋友应该看得明白。

 

( 3) MyUserDetailServiceImpl.java 点击登入跳转 保存 用户权限

package com.taskmanager.web.security;

import java.util.Collection;
import java.util.HashSet;
import java.util.Set;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

import com.taskmanager.exception.LoginException;
import com.taskmanager.exception.SystemRunException;
import com.taskmanager.hibernate.TSysCharacter;
import com.taskmanager.hibernate.TSysCharofgroup;
import com.taskmanager.hibernate.TSysPowersystemofchar;
import com.taskmanager.hibernate.TSysUser;
import com.taskmanager.hibernate.TSysUsergroup;
import com.taskmanager.hibernate.TSysUserofusergroup;
import com.taskmanager.service.inter.UserInter;

public class MyUserDetailServiceImpl implements UserDetailsService {

	UserInter userService;
	public UserInter getUserService() {
		return userService;
	}

	public void setUserService(UserInter userService) {
		this.userService = userService;
	}

	// 登入默认会调整到这里
	public UserDetails loadUserByUsername(String username)
			throws UsernameNotFoundException {
		System.out.println("username is " + username);
		TSysUser users=null;
		try {
			users = this.userService.findByUsersLogin(username);
		} catch (LoginException e) {
			throw new UsernameNotFoundException(username);
		} catch (SystemRunException e) {
			throw new UsernameNotFoundException(username);
		}
		if (users == null) {
			throw new UsernameNotFoundException(username);
		}else {
			if(!users.getStatus()){
				throw new UsernameNotFoundException("该用户处于锁定状态");
			}
		}
		Collection<GrantedAuthority> grantedAuths = obtionGrantedAuthorities(users);

		boolean enables = true;
		boolean accountNonExpired = true;
		boolean credentialsNonExpired = true;
		boolean accountNonLocked = true;
		User userdetail = new User(users.getCode(), users.getPassword(),
				enables, accountNonExpired, credentialsNonExpired,
				accountNonLocked, grantedAuths);
		return userdetail;
	}

	// 取得用户的权限
	private Set<GrantedAuthority> obtionGrantedAuthorities(TSysUser user) {
		Set<GrantedAuthority> authSet = new HashSet<GrantedAuthority>();
		//获取用户所属组
		Set<TSysUserofusergroup> userGroups = user.getTSysUserofusergroups();
		for(TSysUserofusergroup userGroup : userGroups ){
			//获取用户所属组 组对象
			TSysUsergroup usgroup=userGroup.getTSysUsergroup();
			//获取用户组对应 角色集合
			Set<TSysCharofgroup> charofgroups=usgroup.getTSysCharofgroups();
		for (TSysCharofgroup charofgroup : charofgroups) {
			TSysCharacter character=charofgroup.getTSysCharacter();
			//获取角色对应权限集合
			Set<TSysPowersystemofchar>  powerSystemofchars=
                              character.getTSysPowersystemofchars();
			for(TSysPowersystemofchar powerofchar : powerSystemofchars){
				authSet.add(
   new GrantedAuthorityImpl(powerofchar.getTSysPowersystem().getRoleName()));
			}
		}
		}
		return authSet;
	}
}

 

(4) MyAccessDecisionManager.java  验证是否拥有访问的权限

package com.taskmanager.web.security;

import java.util.Collection;
import java.util.Iterator;

import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
/** 
 *AccessdecisionManager在Spring security中是很重要的。 
 * 
 *在验证部分简略提过了,所有的Authentication实现需要保存在一个GrantedAuthority对象数组中。  
 *这就是赋予给主体的权限。 GrantedAuthority对象通过AuthenticationManager 
 *保存到 Authentication对象里,然后从AccessDecisionManager读出来,进行授权判断。  
 * 
 *Spring Security提供了一些拦截器,来控制对安全对象的访问权限,例如方法调用或web请求。  
 *一个是否允许执行调用的预调用决定,是由AccessDecisionManager实现的。  
 *这个 AccessDecisionManager 被AbstractSecurityInterceptor调用, 
 *它用来作最终访问控制的决定。 这个AccessDecisionManager接口包含三个方法:  
 * 
 void decide(Authentication authentication, Object secureObject, 
    List<ConfigAttributeDefinition> config) throws AccessDeniedException; 
 boolean supports(ConfigAttribute attribute); 
 boolean supports(Class clazz); 
  
  从第一个方法可以看出来,AccessDecisionManager使用方法参数传递所有信息,这好像在认证评估时进行决定。  
  特别是,在真实的安全方法期望调用的时候,传递安全Object启用那些参数。  
  比如,让我们假设安全对象是一个MethodInvocation。  
  很容易为任何Customer参数查询MethodInvocation, 
  然后在AccessDecisionManager里实现一些有序的安全逻辑,来确认主体是否允许在那个客户上操作。  
  如果访问被拒绝,实现将抛出一个AccessDeniedException异常。 
 
  这个 supports(ConfigAttribute) 方法在启动的时候被 
  AbstractSecurityInterceptor调用,来决定AccessDecisionManager 
  是否可以执行传递ConfigAttribute。  
  supports(Class)方法被安全拦截器实现调用, 
  包含安全拦截器将显示的AccessDecisionManager支持安全对象的类型。 
 */  
public class MyAccessDecisionManager implements AccessDecisionManager {  
          
        public void decide(Authentication authentication, Object object,
            Collection<ConfigAttribute> configAttributes) 
           throws AccessDeniedException, InsufficientAuthenticationException {  
            if(configAttributes == null) {  
                return;  
            }  
            //所请求的资源拥有的权限(一个资源对多个权限)  
            Iterator<ConfigAttribute> iterator = configAttributes.iterator();  
            while(iterator.hasNext()) {  
                ConfigAttribute configAttribute = iterator.next();  
                //访问所请求资源所需要的权限  
                String needPermission = configAttribute.getAttribute();  
                System.out.println("needPermission is " + needPermission); 
                //用户所拥有的权限authentication  
                for(GrantedAuthority ga : authentication.getAuthorities()) {  
                    if(needPermission.equals(ga.getAuthority())) {  
                        return;  
                    }  
                }  
            }  
            //没有权限    会跳转到login.jsp页面
            throw new AccessDeniedException(" 没有权限访问");  
        }  
      
        public boolean supports(ConfigAttribute attribute) {  
            // TODO Auto-generated method stub  
            return true;  
        }  
      
        public boolean supports(Class<?> clazz) {  
            // TODO Auto-generated method stub  
            return true;  
        }  
          
    }  

 

2、spring security3 主要配置文件。

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
	xmlns:beans="http://www.springframework.org/schema/beans" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans 
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd  
http://www.springframework.org/schema/security 
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
	<global-method-security pre-post-annotations="enabled">
	</global-method-security>
	<!-- 该路径下的资源不用过滤 -->
	<http pattern="/include/js/**" security="none" />
	<http pattern="/include/css/**" security="none" />
	<http pattern="/include/scripts/**" security="none" />
	<http pattern="/include/jsp/**" security="none" />
	<http pattern="/images/**" security="none" />
	<http pattern="/login.jsp" security="none" />
	<!--auto-config = true 则使用from-login. 如果不使用该属性 则默认为http-basic(没有session).-->
	<!-- lowercase-comparisons:表示URL比较前先转为小写。-->
        <!-- path-type:表示使用Apache Ant的匹配模式。-->
	<!--access-denied-page:访问拒绝时转向的页面。-->
	<!-- access-decision-manager-ref:指定了自定义的访问策略管理器。-->
	
	<http use-expressions="true" auto-config="true"
		access-denied-page="/include/jsp/timeout.jsp">
<!--login-page:指定登录页面。  -->
<!--	login-processing-url:指定了客户在登录页面中按下 Sign In 按钮时要访问的 URL。-->
		<!--	authentication-failure-url:指定了身份验证失败时跳转到的页面。-->
		<!--	default-target-url:指定了成功进行身份验证和授权后默认呈现给用户的页面。-->
<!--	always-use-default-target:指定了是否在身份验证通过后总是跳转到default-target-url属性指定的URL。
-->
		
<form-login login-page="/login.jsp" default-target-url='/system/default.jsp'
		always-use-default-target="true" authentication-failure-url="/login.jsp?login_error=1" />
<!--logout-url:指定了用于响应退出系统请求的URL。其默认值为:/j_spring_security_logout。-->
		<!--	logout-success-url:退出系统后转向的URL。-->
		<!--	invalidate-session:指定在退出系统时是否要销毁Session。-->
		<logout invalidate-session="true" logout-success-url="/login.jsp"
			logout-url="/j_spring_security_logout" />
		<!-- 实现免登陆验证 -->
		<remember-me />

		<!--	max-sessions:允许用户帐号登录的次数。范例限制用户只能登录一次。-->
<!-- 此值表示:用户第二次登录时,前一次的登录信息都被清空。-->
 <!--	exception-if-maximum-exceeded:默认为false,-->
<!--	当exception-if-maximum-exceeded="true"时系统会拒绝第二次登录。-->

		<session-management invalid-session-url="/login.jsp"
			session-fixation-protection="none">
			<concurrency-control max-sessions="1"
				error-if-maximum-exceeded="false" />
		</session-management>
		<custom-filter ref="myFilter" before="FILTER_SECURITY_INTERCEPTOR" />
		<session-management
			session-authentication-strategy-ref="sas" />

	</http>
<beans:bean id="sas"
class="org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy">
		<beans:constructor-arg name="sessionRegistry"
			ref="sessionRegistry" />
		<beans:property name="maximumSessions" value="1" />
		<!-- 防止session攻击 -->
		<beans:property name="alwaysCreateSession" value="true" />
		<beans:property name="migrateSessionAttributes" value="false" />
		<!--  同一个帐号 同时只能一个人登录 -->
		<beans:property name="exceptionIfMaximumExceeded"
			value="false" />
	</beans:bean>
	<beans:bean id="sessionRegistry"
		class="org.springframework.security.core.session.SessionRegistryImpl" />
	<!--
事件监听:实现了ApplicationListener监听接口,包括AuthenticationCredentialsNotFoundEvent 事件,-->
	<!--	AuthorizationFailureEvent事件,AuthorizedEvent事件, PublicInvocationEvent事件-->
	<beans:bean
		class="org.springframework.security.authentication.event.LoggerListener" />
	<!-- 自定义资源文件   提示信息 -->
	<beans:bean id="messageSource"
class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
		<beans:property name="basenames" value="classpath:message_zh_CN">
</beans:property>
	</beans:bean>
	<!-- 配置过滤器 -->
	<beans:bean id="myFilter"
		class="com.taskmanager.web.security.MySecurityFilter">
	<!-- 用户拥有的权限 -->
	<beans:property name="authenticationManager" ref="myAuthenticationManager" />
	<!-- 用户是否拥有所请求资源的权限 -->
	<beans:property name="accessDecisionManager" ref="myAccessDecisionManager" />
	<!-- 资源与权限对应关系 -->
	<beans:property name="securityMetadataSource" ref="mySecurityMetadataSource" />
	</beans:bean>
	<!-- 实现了UserDetailsService的Bean -->
	<authentication-manager alias="myAuthenticationManager">
		<authentication-provider user-service-ref="myUserDetailServiceImpl">
			<!-- 登入 密码  采用MD5加密 -->
			<password-encoder hash="md5" ref="passwordEncoder">
			</password-encoder>
		</authentication-provider>
	</authentication-manager>
	<!-- 验证用户请求资源  是否拥有权限 -->
	<beans:bean id="myAccessDecisionManager"
		class="com.taskmanager.web.security.MyAccessDecisionManager">
	</beans:bean>
	<!-- 系统运行时加载 系统要拦截的资源   与用户请求时要过滤的资源 -->
	<beans:bean id="mySecurityMetadataSource"
		class="com.taskmanager.web.security.MySecurityMetadataSource">
		<beans:constructor-arg name="powerService" ref="powerService">
</beans:constructor-arg>
	</beans:bean>
	<!-- 获取用户登入角色信息 -->
	<beans:bean id="myUserDetailServiceImpl"
		class="com.taskmanager.web.security.MyUserDetailServiceImpl">
		<beans:property name="userService" ref="userService"></beans:property>
	</beans:bean>

	<!-- 用户的密码加密或解密 -->
	<beans:bean id="passwordEncoder"
class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" />
</beans:beans>  

 

3 web.xml配置文件。

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
	http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
	<context-param>
		<description>Spring applicationContext</description>
		<param-name>contextConfigLocation</param-name>
		<param-value>
			/WEB-INF/spring/application*.xml
		</param-value>
	</context-param>
<listener>
		<description>SpringContextLoaderListener</description>
		<display-name>SpringContextLoaderListener</display-name>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
	</listener>
<!-- spring scurity 拦截器 -->
	<filter>
		<filter-name>springSecurityFilterChain</filter-name>
		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>springSecurityFilterChain</filter-name>
		<url-pattern>*.jh</url-pattern>
		<url-pattern>*.jsp</url-pattern>
		<url-pattern>/j_spring_security_check</url-pattern>
		<url-pattern>/j_spring_security_logout</url-pattern>
	</filter-mapping>
 

4、流程

 1)容器启动(MySecurityMetadataSource:loadResourceDefine加载系统资源与权限列表)
 2)用户发出请求
 3)过滤器拦截(MySecurityFilter:doFilter)
 4)取得请求资源所需权限(MySecurityMetadataSource:getAttributes)
 5)匹配用户拥有权限和请求权限(MyAccessDecisionManager:decide),如果用户没有相应的权限,

     执行第6步,否则执行第7步。
 6)登录
 7)验证并授权(MyUserDetailServiceImpl:loadUserByUsername)

 

5、权限sql脚本

/*
Navicat MySQL Data Transfer

Source Server         : mysql
Source Server Version : 50015
Source Host           : localhost:8036
Source Database       : taskmanager

Target Server Type    : MYSQL
Target Server Version : 50015
File Encoding         : 65001

Date: 2012-12-26 17:26:38
*/

SET FOREIGN_KEY_CHECKS=0;
-- ----------------------------
-- Table structure for `s_dict`
-- ----------------------------
DROP TABLE IF EXISTS `s_dict`;
CREATE TABLE `s_dict` (
  `ID` int(50) NOT NULL auto_increment,
  `DictType` varchar(10) NOT NULL,
  `Code` varchar(20) NOT NULL,
  `Name` varchar(50) NOT NULL,
  `ParentID` varchar(20) default NULL,
  PRIMARY KEY  (`ID`)
) ENGINE=InnoDB DEFAULT CHARSET=gbk;



-- ----------------------------
-- Table structure for `t_sys_character`
-- ----------------------------
DROP TABLE IF EXISTS `t_sys_character`;
CREATE TABLE `t_sys_character` (
  `ID` varchar(50) NOT NULL COMMENT '角色ID',
  `NAME` varchar(30) NOT NULL COMMENT '角色名称',
  `DESCRIPT` varchar(200) default NULL COMMENT '角色描述',
  `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '菜单状态',
  `MODPERSON` varchar(50) default NULL COMMENT '最后修改人',
  `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间',
  `REMARK` varchar(100) default NULL COMMENT '备注',
  `SEQID` decimal(12,0) default NULL COMMENT '顺序号',
  PRIMARY KEY  (`ID`)
) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='角色表';

-- ----------------------------
-- Records of t_sys_character
-- ----------------------------
INSERT INTO t_sys_character VALUES ('297ef0cb3915b16a013915c7eb112312', '系统管理员', '系统管理员1', '1', '999999999999999', '2012-09-03 14:03:25', '', null);
INSERT INTO t_sys_character VALUES ('8a8a9691396b237101396b44825a0001', '分发任务', '任务分发', '1', '999999999999999', '2012-09-02 15:55:12', '', null);
INSERT INTO t_sys_character VALUES ('8a8a9691396b237101396b44aa060002', '任务接受', '任务接受', '1', '999999999999999', '2012-09-02 15:55:39', '', null);
INSERT INTO t_sys_character VALUES ('8a8a9691396b237101396b55f45b0017', '任务审核', '任务审核', '1', '999999999999999', '2012-09-02 15:55:57', '', null);
INSERT INTO t_sys_character VALUES ('8a8a9691398b2dc201398b2f0c400001', '测试', '测试', '1', '999999999999999', '2012-09-03 16:11:19', null, null);

-- ----------------------------
-- Table structure for `t_sys_charofgroup`
-- ----------------------------
DROP TABLE IF EXISTS `t_sys_charofgroup`;
CREATE TABLE `t_sys_charofgroup` (
  `ID` varchar(50) NOT NULL COMMENT 'ID',
  `GROUPID` varchar(50) NOT NULL COMMENT '用户组ID',
  `CHARID` varchar(50) NOT NULL COMMENT '角色ID',
  `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '是否有效',
  `MODPERSON` varchar(50) default NULL COMMENT '最后修改人',
  `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间',
  `REMARK` varchar(100) default NULL COMMENT '备注',
  PRIMARY KEY  (`ID`),
  KEY `t_sys_charofgroup_groupid` (`GROUPID`),
  KEY `t_sys_charofgroup_charid` (`CHARID`),
  CONSTRAINT `t_sys_charofgroup_charid` FOREIGN KEY (`CHARID`) REFERENCES `t_sys_character` (`ID`) ON DELETE CASCADE,
  CONSTRAINT `t_sys_charofgroup_groupid` FOREIGN KEY (`GROUPID`) REFERENCES `t_sys_usergroup` (`ID`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='用户组角色表';

-- ----------------------------
-- Records of t_sys_charofgroup
-- ----------------------------
INSERT INTO t_sys_charofgroup VALUES ('8a8a9691396b237101396b4bd0c6000a', '8a8a9691396b237101396b4b98be0009', '8a8a9691396b237101396b44aa060002', '1', '999999999999999', '2012-08-28 11:34:54', null);
INSERT INTO t_sys_charofgroup VALUES ('8a8a9691396b237101396b4bebb0000b', '8a8a9691396b237101396b4b819c0008', '8a8a9691396b237101396b44825a0001', '1', '999999999999999', '2012-08-28 11:35:01', null);
INSERT INTO t_sys_charofgroup VALUES ('8a8a9691396b237101396b594d2a001e', '1234567890', '297ef0cb3915b16a013915c7eb112312', '1', '999999999999999', '2012-08-28 11:49:38', null);
INSERT INTO t_sys_charofgroup VALUES ('8a8a9691396b237101396b5ec80f0022', '8a8a9691396b237101396b5ea8230021', '8a8a9691396b237101396b55f45b0017', '1', '999999999999999', '2012-08-28 11:55:37', null);

-- ----------------------------
-- Table structure for `t_sys_department`
-- ----------------------------
DROP TABLE IF EXISTS `t_sys_department`;
CREATE TABLE `t_sys_department` (
  `ID` varchar(50) NOT NULL COMMENT 'ID',
  `ZJJGDM` varchar(9) default NULL COMMENT '部门组织机构代码',
  `CODE` varchar(20) NOT NULL COMMENT '部门简码',
  `ABBRNAME` varchar(30) NOT NULL COMMENT '是否股室',
  `NAME` varchar(60) NOT NULL COMMENT '部门全体',
  `CHIEF` varchar(50) default NULL COMMENT '部门负责人名称',
  `INNET` decimal(1,0) default '1' COMMENT '是否在网',
  `ORDERNO` decimal(6,0) default NULL COMMENT '排列顺序',
  `STATUS` decimal(1,0) default '1' COMMENT '是否有效',
  `MODPERSON` varchar(50) default NULL COMMENT '最后修改人',
  `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间',
  `OTHERS` varchar(50) default NULL COMMENT '备注',
  `ISENFOREORG` decimal(1,0) default '1' COMMENT '是否行政审批部门',
  `WEBSITENAME` varchar(100) default NULL COMMENT '门户网站名称',
  `WEBSITEADDR` varchar(200) default NULL COMMENT '门户网站地址',
  `XZQHID` varchar(20) default NULL COMMENT '行政区划ID',
  `JGGXSBM` varchar(4) default NULL COMMENT '监管关系识别码',
  `layer` int(11) NOT NULL default '1',
  `PARENTID` varchar(50) default NULL COMMENT '上级部门ID',
  PRIMARY KEY  (`ID`)
) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='部门信息表';

-- ----------------------------
-- Records of t_sys_department
-- ----------------------------
INSERT INTO t_sys_department VALUES ('297ef0cb391b4ce301391b4e3d8e0001', null, '123', '否', '123', '999999999999999', '1', '123', '0', '999999999999999', '2012-10-08 17:45:08', null, null, null, '123', null, null, '2', '297ef0cb391b4ce301391b4e3d8e6530');
INSERT INTO t_sys_department VALUES ('297ef0cb391b4ce301391b4e3d8e6530', null, 'gly', '是', '管理员部门', '8a8a9691396b237101396b5f73ef0023', '1', '99', '1', '999999999999999', '2012-09-24 14:04:11', null, null, null, '', null, null, '1', '');

-- ----------------------------
-- Table structure for `t_sys_duty`
-- ----------------------------
DROP TABLE IF EXISTS `t_sys_duty`;
CREATE TABLE `t_sys_duty` (
  `id` varchar(50) NOT NULL COMMENT '职位代码',
  `name` varchar(20) NOT NULL COMMENT '职位名称',
  `ORDERNO` int(3) default NULL COMMENT '排序号',
  PRIMARY KEY  (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=gbk;

-- ----------------------------
-- Records of t_sys_duty
-- ----------------------------
INSERT INTO t_sys_duty VALUES ('0001', '办事员', '1');
INSERT INTO t_sys_duty VALUES ('0002', '科员', '15');
INSERT INTO t_sys_duty VALUES ('0003', '站长', '16');

-- ----------------------------
-- Table structure for `t_sys_menu`
-- ----------------------------
DROP TABLE IF EXISTS `t_sys_menu`;
CREATE TABLE `t_sys_menu` (
  `ID` varchar(50) NOT NULL COMMENT 'ID',
  `NAME` varchar(30) NOT NULL COMMENT '菜单名称',
  `DESCRIPT` varchar(200) default NULL COMMENT '描述',
  `LAYER` int(1) NOT NULL default '1' COMMENT '层次,只会有1、2、3、4、5'';',
  `PARENTID` varchar(50) default NULL COMMENT '父菜单ID',
  `ACTIONNAME` varchar(100) default NULL COMMENT '响应此菜单的ACTION ,只有此菜单作为末级菜单时才填写',
  `ORDERNO` decimal(3,0) NOT NULL default '0' COMMENT '排列次序',
  `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '是否有效',
  `MODPERSON` varchar(50) default NULL COMMENT '最后修改人',
  `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间',
  `REMARK` varchar(100) default NULL COMMENT '备注',
  `SYSTEM` decimal(1,0) NOT NULL default '0' COMMENT '菜单所属系统',
  `PARAMETER` varchar(50) default NULL COMMENT '链接此菜单的参数',
  PRIMARY KEY  (`ID`)
) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='菜单表';

-- ----------------------------
-- Records of t_sys_menu
-- ----------------------------
INSERT INTO t_sys_menu VALUES ('20050909150915816077', '权限代码管理', '', '2', '2006062709371100003', '/manager/power/list.jh', '2', '1', '999999999999999', '2012-08-18 17:47:53', '', '0', '');
INSERT INTO t_sys_menu VALUES ('20050909150953452259', '系统管理', '系统管理', '1', '', '', '0', '0', '999999999999999', '2012-08-17 16:38:14', '', '0', '');
INSERT INTO t_sys_menu VALUES ('20050909679021123458', '部门用户管理', '', '2', '2006062709371100003', '/manager/user/list.jh', '6', '1', '999999999999999', '2012-08-18 17:48:01', '', '0', '');
INSERT INTO t_sys_menu VALUES ('20050916100910655954', '部门用户组管理', '', '2', '2006062709371100003', '/manager/usergroup/list.jh', '5', '1', '999999999999999', '2012-08-18 17:48:10', '', '0', '');
INSERT INTO t_sys_menu VALUES ('2006042709371511122', '角色权限管理', '角色权限管理', '2', '2006062709371100003', '/manager/character/list.jh', '4', '1', '999999999999999', '2012-08-18 17:48:20', '', '0', '');
INSERT INTO t_sys_menu VALUES ('2006051180061800000', '个人设置', '个人设置', '1', '', '', '15', '1', '999999999999999', '2012-08-14 21:50:03', '', '0', '');
INSERT INTO t_sys_menu VALUES ('2006051180061800090', '修改密码', '修改密码', '2', '2006051180061800000', '/manager/user/pass.jh', '7', '1', '999999999999999', '2012-08-18 17:48:45', '', '0', '');
INSERT INTO t_sys_menu VALUES ('2006061909095300001', '系统菜单管理', '系统菜单管理', '2', '2006062709371100003', '/manager/menu/list.jh', '3', '1', '999999999999999', '2012-08-18 17:48:52', '', '0', '');
INSERT INTO t_sys_menu VALUES ('2006062709371100003', '系统管理', '系统管理', '1', '', '', '1', '1', '999999999999999', '2012-08-17 16:21:38', '系统管理', '0', '');
INSERT INTO t_sys_menu VALUES ('297ef0cb3913a1ff013913ac623d0001', '部门管理', '部门管理', '2', '2006062709371100003', '/manager/department/list.jh', '13', '1', '999999999999999', '2012-08-18 17:49:04', '部门管理', '0', '');
INSERT INTO t_sys_menu VALUES ('402880013956bf7e01395707b2050001', '审核', '任务审核', '2', '8a8a96913933a87f013933b0be1f0001', '/case/auditList.jh', '18', '1', '999999999999999', '2012-08-24 13:12:00', '', '0', '');
INSERT INTO t_sys_menu VALUES ('402880013956bf7e01395707ef1e0002', '完成', '任务完成', '2', '8a8a96913933a87f013933b0be1f0001', '/case/fulfilList.jh', '19', '0', '999999999999999', '2012-09-24 17:01:04', '', '0', '');
INSERT INTO t_sys_menu VALUES ('40288001397655b80139765885070001', '查询', '任务查询', '2', '8a8a96913933a87f013933b0be1f0001', '/case/queryList.jh', '20', '1', '999999999999999', '2012-08-30 15:09:04', '', '0', '');
INSERT INTO t_sys_menu VALUES ('40288001397655b80139765921080002', '统计', '任务统计', '2', '8a8a96913933a87f013933b0be1f0001', '/case/statisticsList.jh', '21', '1', '999999999999999', '2012-08-30 15:11:54', '', '0', '');
INSERT INTO t_sys_menu VALUES ('8a8a9691390a5c7001390a6703e70003', '安全退出', '安全退出', '2', '2006051180061800000', '/j_spring_security_logout', '11', '1', '999999999999999', '2012-08-09 16:01:27', '', '0', '');
INSERT INTO t_sys_menu VALUES ('8a8a96913933a87f013933b0be1f0001', '任务管理', '任务管理', '1', '', '', '0', '1', '999999999999999', '2012-08-17 16:38:27', '任务管理', '0', '');
INSERT INTO t_sys_menu VALUES ('8a8a96913933a87f013933b4c32d0002', '创建', '创建任务', '2', '8a8a96913933a87f013933b0be1f0001', '/case/createCase.jh', '15', '0', '999999999999999', '2012-09-21 22:45:17', '创建新任务', '0', '');
INSERT INTO t_sys_menu VALUES ('8a8a96913933a87f013933bdd022000b', '接收', '接收任务', '2', '8a8a96913933a87f013933b0be1f0001', '/case/receiveCase.jh', '16', '1', '999999999999999', '2012-08-18 17:49:30', '', '0', '');
INSERT INTO t_sys_menu VALUES ('8a8a9691394d77c001394da115300005', '发布', '分发任务', '2', '8a8a96913933a87f013933b0be1f0001', '/case/distributionCase.jh', '17', '1', '999999999999999', '2012-08-22 17:20:48', '分发任务', '0', '');
INSERT INTO t_sys_menu VALUES ('8a8a9691398ad08401398ad2adf20001', '系统权限管理', '系统权限管理', '2', '2006062709371100003', '/manager/powerSystem/list.jh', '4', '1', '999999999999999', '2012-09-03 14:30:26', '', '0', '');

-- ----------------------------
-- Table structure for `t_sys_power`
-- ----------------------------
DROP TABLE IF EXISTS `t_sys_power`;
CREATE TABLE `t_sys_power` (
  `ID` varchar(50) NOT NULL COMMENT '权限ID',
  `NAME` varchar(30) NOT NULL COMMENT '权限名称',
  `DESCRIPT` varchar(200) default NULL COMMENT '描述',
  `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '是否有效',
  `ISPUBLIC` decimal(1,0) default '0' COMMENT '是否公共权限',
  `MODPERSON` varchar(50) default NULL COMMENT '最后修改人',
  `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间',
  `REMARK` varchar(100) default NULL COMMENT '备注',
  PRIMARY KEY  (`ID`)
) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='权限代码表';

-- ----------------------------
-- Records of t_sys_power
-- ----------------------------
INSERT INTO t_sys_power VALUES ('200512012106555', '系统管理部门用户管理', '系统管理部门用户管理', '1', '1', '999999999999999', '2012-08-14 21:02:38', '');
INSERT INTO t_sys_power VALUES ('8a8a96913933a87f013933b6c0f10003', '任务分发组', '任务分发组的全新', '1', '1', '999999999999999', '2012-08-17 16:32:58', null);
INSERT INTO t_sys_power VALUES ('8a8a96913933a87f013933b768ba0004', '公共权限', '登入者通用的权限', '1', '1', '999999999999999', '2012-08-17 16:33:41', null);
INSERT INTO t_sys_power VALUES ('8a8a9691396b237101396b45cf5c0003', '任务接受组', '任务接受组', '1', '1', '999999999999999', '2012-08-28 11:28:20', null);
INSERT INTO t_sys_power VALUES ('8a8a9691396b237101396b523c350012', '任务审核', '', '1', '1', '999999999999999', '2012-08-28 11:41:55', null);

-- ----------------------------
-- Table structure for `t_sys_powerofaction`
-- ----------------------------
DROP TABLE IF EXISTS `t_sys_powerofaction`;
CREATE TABLE `t_sys_powerofaction` (
  `ID` varchar(50) NOT NULL COMMENT 'ID',
  `POWERID` varchar(50) NOT NULL COMMENT '权限ID',
  `ACTIONNAME` varchar(100) NOT NULL COMMENT '权限对应的ACTION名称',
  `DESCRIPT` varchar(200) default NULL COMMENT '描述',
  `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '是否有效',
  `MODPERSON` varchar(50) default NULL COMMENT '最后修改人',
  `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间',
  `REMARK` varchar(100) default NULL COMMENT '备注',
  PRIMARY KEY  (`ID`),
  KEY `t_sys_powerofaction_id` (`POWERID`),
  KEY `t_sys_powerofaction_prid` (`POWERID`),
  CONSTRAINT `t_sys_powerofaction_prid` FOREIGN KEY (`POWERID`) REFERENCES `t_sys_power` (`ID`) ON DELETE CASCADE ON UPDATE NO ACTION
) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='权限对应ACTION表';

-- ----------------------------
-- Records of t_sys_powerofaction
-- ----------------------------
INSERT INTO t_sys_powerofaction VALUES ('200512012102112', '200512012106555', '/manager/power/list.jh', '权限代码管理', '1', '999999999999999', '2012-08-18 17:46:27', null);
INSERT INTO t_sys_powerofaction VALUES ('200512012197343', '200512012106555', '/manager/menu/list.jh', '菜单管理', '1', '999999999999999', '2012-08-18 17:50:23', null);
INSERT INTO t_sys_powerofaction VALUES ('200512012197349', '200512012106555', '/manager/character/list.jh', '角色权限管理', '1', '999999999999999', '2012-08-18 17:50:34', null);
INSERT INTO t_sys_powerofaction VALUES ('200512012412244', '200512012106555', '/manager/user/list.jh', '部门用户管理', '1', '999999999999999', '2012-08-18 17:50:40', null);
INSERT INTO t_sys_powerofaction VALUES ('200512012435444', '200512012106555', '/manager/usergroup/list.jh', '部门用户组管理', '1', '999999999999999', '2012-08-18 17:50:47', null);
INSERT INTO t_sys_powerofaction VALUES ('297ef0cb3913a1ff013913ad56520002', '200512012106555', '/manager/department/list.jh', '部门管理', '1', '999999999999999', '2012-08-18 17:50:56', null);
INSERT INTO t_sys_powerofaction VALUES ('40288001397655b80139765d3f990003', '8a8a96913933a87f013933b768ba0004', '/case/queryList.jh', '任务查询', '1', '999999999999999', '2012-08-30 15:09:46', null);
INSERT INTO t_sys_powerofaction VALUES ('40288001397655b80139765ea8ce0004', '8a8a96913933a87f013933b768ba0004', '/case/statisticsList.jh', '任务统计', '1', '999999999999999', '2012-08-30 15:11:18', null);
INSERT INTO t_sys_powerofaction VALUES ('8a8a96913933a87f013933b8268c0005', '8a8a96913933a87f013933b768ba0004', '/system/default.jsp', '系统默认首页', '1', '999999999999999', '2012-08-20 13:09:49', null);
INSERT INTO t_sys_powerofaction VALUES ('8a8a96913933a87f013933b8b05d0006', '8a8a96913933a87f013933b768ba0004', '/manager/user/pass.jh', '修改密码', '1', '999999999999999', '2012-08-18 17:52:09', null);
INSERT INTO t_sys_powerofaction VALUES ('8a8a96913933a87f013933b91adf0007', '8a8a96913933a87f013933b6c0f10003', '/case/createCase.jh', '创建任务', '1', '999999999999999', '2012-08-18 17:51:19', null);
INSERT INTO t_sys_powerofaction VALUES ('8a8a9691394d77c001394da301500006', '8a8a96913933a87f013933b6c0f10003', '/case/distributionCase.jh', '任务分发', '1', '999999999999999', '2012-08-22 17:21:31', null);
INSERT INTO t_sys_powerofaction VALUES ('8a8a9691396b237101396b469b660004', '8a8a9691396b237101396b45cf5c0003', '/case/receiveCase.jh', '任务接受', '1', '999999999999999', '2012-08-28 11:29:13', null);
INSERT INTO t_sys_powerofaction VALUES ('8a8a9691396b237101396b47605c0005', '8a8a9691396b237101396b45cf5c0003', '/case/fulfilList.jh', '任务完成', '1', '999999999999999', '2012-08-28 11:30:03', null);
INSERT INTO t_sys_powerofaction VALUES ('8a8a9691396b237101396b52745c0013', '8a8a9691396b237101396b523c350012', '/case/auditList.jh', '任务审核', '1', '999999999999999', '2012-08-28 11:42:09', null);
INSERT INTO t_sys_powerofaction VALUES ('8a8a9691398ad08401398ad3798f0002', '200512012106555', '/manager/powerSystem/list.jh', '系统权限管理', '1', '999999999999999', '2012-09-03 14:31:18', null);

-- ----------------------------
-- Table structure for `t_sys_powerofchar`
-- ----------------------------
DROP TABLE IF EXISTS `t_sys_powerofchar`;
CREATE TABLE `t_sys_powerofchar` (
  `ID` varchar(50) NOT NULL COMMENT 'ID',
  `CHARID` varchar(50) NOT NULL COMMENT '角色ID',
  `POWERID` varchar(50) NOT NULL COMMENT '权限ID',
  `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '是否有效',
  `MODPERSON` varchar(50) default NULL COMMENT '最后修改人',
  `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间',
  `REMARK` varchar(100) default NULL COMMENT '备注',
  PRIMARY KEY  (`ID`),
  KEY `t_sys_powerofchar_powerid` (`POWERID`),
  KEY `t_sys_powerofchar_cid` (`CHARID`),
  KEY `t_sys_powerofchar_chid` (`CHARID`),
  KEY `t_sys_powerof_prid` (`POWERID`),
  CONSTRAINT `t_sys_powerofchar_chid` FOREIGN KEY (`CHARID`) REFERENCES `t_sys_character` (`ID`) ON DELETE CASCADE,
  CONSTRAINT `t_sys_powerof_prid` FOREIGN KEY (`POWERID`) REFERENCES `t_sys_power` (`ID`) ON DELETE CASCADE ON UPDATE NO ACTION
) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='角色权限表';

-- ----------------------------
-- Records of t_sys_powerofchar
-- ----------------------------
INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b4edd4a000e', '8a8a9691396b237101396b44825a0001', '8a8a96913933a87f013933b6c0f10003', '1', '999999999999999', '2012-08-28 11:38:14', null);
INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b4edd4a000f', '8a8a9691396b237101396b44825a0001', '8a8a96913933a87f013933b768ba0004', '1', '999999999999999', '2012-08-28 11:38:14', null);
INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b4ef14f0010', '8a8a9691396b237101396b44aa060002', '8a8a96913933a87f013933b768ba0004', '1', '999999999999999', '2012-08-28 11:38:19', null);
INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b4ef14f0011', '8a8a9691396b237101396b44aa060002', '8a8a9691396b237101396b45cf5c0003', '1', '999999999999999', '2012-08-28 11:38:19', null);
INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b5924b30019', '297ef0cb3915b16a013915c7eb112312', '200512012106555', '1', '999999999999999', '2012-08-28 11:49:27', null);
INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b5924b3001a', '297ef0cb3915b16a013915c7eb112312', '8a8a96913933a87f013933b6c0f10003', '1', '999999999999999', '2012-08-28 11:49:27', null);
INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b5924c3001b', '297ef0cb3915b16a013915c7eb112312', '8a8a96913933a87f013933b768ba0004', '1', '999999999999999', '2012-08-28 11:49:27', null);
INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b5924c3001c', '297ef0cb3915b16a013915c7eb112312', '8a8a9691396b237101396b45cf5c0003', '1', '999999999999999', '2012-08-28 11:49:27', null);
INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b5924d2001d', '297ef0cb3915b16a013915c7eb112312', '8a8a9691396b237101396b523c350012', '1', '999999999999999', '2012-08-28 11:49:27', null);
INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b5e28c2001f', '8a8a9691396b237101396b55f45b0017', '8a8a96913933a87f013933b768ba0004', '1', '999999999999999', '2012-08-28 11:54:56', null);
INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b5e28c20020', '8a8a9691396b237101396b55f45b0017', '8a8a9691396b237101396b523c350012', '1', '999999999999999', '2012-08-28 11:54:56', null);
INSERT INTO t_sys_powerofchar VALUES ('8a8a9691398b2dc201398b3232090010', '297ef0cb3915b16a013915c7eb112312', '200512012106555', '1', '999999999999999', '2012-09-03 16:14:46', null);
INSERT INTO t_sys_powerofchar VALUES ('8a8a9691398b2dc201398b3232090011', '297ef0cb3915b16a013915c7eb112312', '8a8a96913933a87f013933b6c0f10003', '1', '999999999999999', '2012-09-03 16:14:46', null);
INSERT INTO t_sys_powerofchar VALUES ('8a8a9691398b2dc201398b3232090012', '297ef0cb3915b16a013915c7eb112312', '8a8a96913933a87f013933b768ba0004', '1', '999999999999999', '2012-09-03 16:14:46', null);
INSERT INTO t_sys_powerofchar VALUES ('8a8a9691398b2dc201398b3232090013', '297ef0cb3915b16a013915c7eb112312', '8a8a9691396b237101396b45cf5c0003', '1', '999999999999999', '2012-09-03 16:14:46', null);
INSERT INTO t_sys_powerofchar VALUES ('8a8a9691398b2dc201398b3232090014', '297ef0cb3915b16a013915c7eb112312', '8a8a9691396b237101396b523c350012', '1', '999999999999999', '2012-09-03 16:14:46', null);

-- ----------------------------
-- Table structure for `t_sys_powersystem`
-- ----------------------------
DROP TABLE IF EXISTS `t_sys_powersystem`;
CREATE TABLE `t_sys_powersystem` (
  `ID` varchar(20) NOT NULL,
  `role_name` varchar(20) NOT NULL,
  `intercept_url` varchar(50) NOT NULL,
  `STATUS` decimal(11,0) NOT NULL default '1',
  `MODPERSON` varchar(20) default NULL,
  `MODTIME` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
  `REMARK` varchar(100) default NULL,
  `DESCRIPT` varchar(50) default NULL,
  PRIMARY KEY  (`ID`)
) ENGINE=InnoDB DEFAULT CHARSET=gbk;

-- ----------------------------
-- Records of t_sys_powersystem
-- ----------------------------
INSERT INTO t_sys_powersystem VALUES ('9201209031534081000', 'role_admin', '/manager/**/*.jh', '1', '999999999999999', '2012-09-03 15:34:08', '管理员', null);
INSERT INTO t_sys_powersystem VALUES ('9201209031534551001', 'role_admin', '/system/manager/**/*.jsp', '1', '999999999999999', '2012-09-03 15:34:55', '管理员', null);

-- ----------------------------
-- Table structure for `t_sys_powersystemofchar`
-- ----------------------------
DROP TABLE IF EXISTS `t_sys_powersystemofchar`;
CREATE TABLE `t_sys_powersystemofchar` (
  `ID` varchar(20) NOT NULL,
  `CHARID` varchar(50) default NULL,
  `POWERsystemID` varchar(50) default NULL,
  `STATUS` decimal(11,0) NOT NULL default '1',
  `MODPERSON` varchar(20) default NULL,
  `MODTIME` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
  `REMARK` varchar(100) default NULL,
  PRIMARY KEY  (`ID`),
  KEY `t_sys_powersystemofchar_CHARID` (`CHARID`),
  KEY `t_sys_powersystemofchar_POWERsystemID` (`POWERsystemID`),
  CONSTRAINT `t_sys_powersystemofchar_CHARID` FOREIGN KEY (`CHARID`) REFERENCES `t_sys_character` (`ID`),
  CONSTRAINT `t_sys_powersystemofchar_POWERsystemID` FOREIGN KEY (`POWERsystemID`) REFERENCES `t_sys_powersystem` (`ID`)
) ENGINE=InnoDB DEFAULT CHARSET=gbk;

-- ----------------------------
-- Records of t_sys_powersystemofchar
-- ----------------------------
INSERT INTO t_sys_powersystemofchar VALUES ('9201209031608531000', '297ef0cb3915b16a013915c7eb112312', '9201209031534081000', '1', '999999999999999', '2012-09-03 16:08:53', null);
INSERT INTO t_sys_powersystemofchar VALUES ('9201209031608531001', '297ef0cb3915b16a013915c7eb112312', '9201209031534551001', '1', '999999999999999', '2012-09-03 16:08:53', null);



-- ----------------------------
-- Table structure for `t_sys_user`
-- ----------------------------
DROP TABLE IF EXISTS `t_sys_user`;
CREATE TABLE `t_sys_user` (
  `ID` varchar(50) NOT NULL COMMENT '用户ID',
  `CODE` varchar(20) NOT NULL COMMENT '用户登入代码',
  `NAME` varchar(40) NOT NULL COMMENT '用户中文姓名',
  `PASSWORD` varchar(60) NOT NULL COMMENT '用户登入密码',
  `DUTYID` varchar(6) NOT NULL COMMENT '职务',
  `LOGINTYPE` decimal(1,0) default '0' COMMENT '登入类别',
  `SEX` decimal(1,0) default '1' COMMENT '性别',
  `MOBILE` varchar(50) default NULL COMMENT '手机',
  `EMAIL` varchar(120) default NULL COMMENT '邮件',
  `CAID` varchar(128) default NULL COMMENT '对应CA的唯一ID',
  `ORDERNO` varchar(6) default NULL COMMENT '排列顺序',
  `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '是否有效',
  `MODPERSON` varchar(50) default NULL COMMENT '最后修改人',
  `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间',
  `REMARK` varchar(100) default NULL COMMENT '备注',
  `departmentID` varchar(59) NOT NULL,
  PRIMARY KEY  (`ID`),
  UNIQUE KEY `CODE_UNIQUE` (`CODE`),
  KEY `t_sys_userdepartmentID` (`departmentID`),
  KEY `t_sys_userdutyID` (`DUTYID`),
  CONSTRAINT `t_sys_userdepartmentID` FOREIGN KEY (`departmentID`) REFERENCES `t_sys_department` (`ID`) ON DELETE NO ACTION,
  CONSTRAINT `t_sys_userdutyID` FOREIGN KEY (`DUTYID`) REFERENCES `t_sys_duty` (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='用户表';

-- ----------------------------
-- Records of t_sys_user
-- ----------------------------
INSERT INTO t_sys_user VALUES ('8a8a9691396b237101396b4e0624000c', '123456', '任务分发', 'e10adc3949ba59abbe56e057f20f883e', '0001', null, '1', '', '', null, '', '1', '999999999999999', '2012-08-28 11:37:19', '', '297ef0cb391b4ce301391b4e3d8e6530');
INSERT INTO t_sys_user VALUES ('8a8a9691396b237101396b5f73ef0023', '666666', '任务接受', 'f379eaf3c831b04de153469d1bec345e', '0003', null, '1', '', '', null, '', '1', '999999999999999', '2012-08-28 11:56:21', '', '297ef0cb391b4ce301391b4e3d8e6530');
INSERT INTO t_sys_user VALUES ('999999999999999', 'admin', '超级管理员', '21232f297a57a5a743894a0e4a801fc3', '0022', null, '1', '', 'zhou@136.com', null, '20', '1', '999999999999999', '2012-09-14 11:17:18', '123', '297ef0cb391b4ce301391b4e3d8e6530');

-- ----------------------------
-- Table structure for `t_sys_usergroup`
-- ----------------------------
DROP TABLE IF EXISTS `t_sys_usergroup`;
CREATE TABLE `t_sys_usergroup` (
  `ID` varchar(50) NOT NULL COMMENT '用户组ID',
  `NAME` varchar(30) NOT NULL COMMENT '用户组名称',
  `DESCRIPT` varchar(200) default NULL COMMENT '描述',
  `DEPARTID` varchar(20) default NULL COMMENT '部门ID',
  `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '是否有效',
  `MODPERSON` varchar(50) default NULL COMMENT '最后修改人',
  `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间',
  `REMARK` varchar(100) default NULL COMMENT '备注',
  `PARENT` varchar(20) default NULL,
  `XZQHID` varchar(20) default NULL COMMENT '关联的行政区域ID',
  `LAYER` decimal(2,0) default NULL,
  PRIMARY KEY  (`ID`)
) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='用户组表';

-- ----------------------------
-- Records of t_sys_usergroup
-- ----------------------------
INSERT INTO t_sys_usergroup VALUES ('1234567890', '系统管理员组', '系统管理员', null, '1', '999999999999999', '2012-08-18 18:11:52', null, null, null, null);
INSERT INTO t_sys_usergroup VALUES ('8a8a9691396b237101396b4b819c0008', '任务分发', '任务分发', null, '1', '999999999999999', '2012-08-28 11:34:34', null, null, null, null);
INSERT INTO t_sys_usergroup VALUES ('8a8a9691396b237101396b4b98be0009', '任务接受', '任务接受', null, '1', '999999999999999', '2012-08-28 11:34:40', null, null, null, null);
INSERT INTO t_sys_usergroup VALUES ('8a8a9691396b237101396b5ea8230021', '任务审核', '任务审核', null, '1', '999999999999999', '2012-08-28 11:55:29', null, null, null, null);

-- ----------------------------
-- Table structure for `t_sys_userofusergroup`
-- ----------------------------
DROP TABLE IF EXISTS `t_sys_userofusergroup`;
CREATE TABLE `t_sys_userofusergroup` (
  `ID` varchar(50) NOT NULL,
  `USERID` varchar(50) NOT NULL COMMENT '用户ID',
  `USERGROUPID` varchar(50) NOT NULL COMMENT '用户组ID',
  `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '是否有效',
  `MODPERSON` varchar(50) default NULL COMMENT '最后修改人',
  `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间',
  `REMARK` varchar(100) default NULL COMMENT '备注',
  PRIMARY KEY  (`ID`),
  KEY `t_sys_userofusergroup_userid` (`USERID`),
  KEY `t_sys_userofusergroup_usergroupid` (`USERGROUPID`),
  CONSTRAINT `t_sys_userofusergroup_usergroupid` FOREIGN KEY (`USERGROUPID`) REFERENCES `t_sys_usergroup` (`ID`) ON DELETE CASCADE,
  CONSTRAINT `t_sys_userofusergroup_userid` FOREIGN KEY (`USERID`) REFERENCES `t_sys_user` (`ID`) ON DELETE CASCADE ON UPDATE NO ACTION
) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='用户组对应用户关系表';

-- ----------------------------
-- Records of t_sys_userofusergroup
-- ----------------------------
INSERT INTO t_sys_userofusergroup VALUES ('297ef0cb3919d144013919e873fd0008', '999999999999999', '1234567890', '1', '999999999999999', '2012-08-13 09:48:56', null);
INSERT INTO t_sys_userofusergroup VALUES ('8a8a9691396b237101396b4e0634000d', '8a8a9691396b237101396b4e0624000c', '8a8a9691396b237101396b4b819c0008', '1', '8a8a9691396b237101396b4e0624000c', '2012-08-28 11:37:19', null);
INSERT INTO t_sys_userofusergroup VALUES ('8a8a9691396b237101396b5f73ff0024', '8a8a9691396b237101396b5f73ef0023', '8a8a9691396b237101396b4b98be0009', '1', '8a8a9691396b237101396b5f73ef0023', '2012-08-28 11:56:21', null);

 

6 、附件为完整程序与数据库脚本, 导入sql脚本时请注意工具的差异化, 我用的工具是Navicat Lite

 

下篇期待linux相关文章

  • backs.zip (6.1 KB)
  • 描述: 数据库脚本
  • 下载次数: 1003
  • lib2.zip (5.4 MB)
  • 描述: 包
  • 下载次数: 1141
分享到:
评论
7 楼 zhengqiang.wu 2015-06-02  
zhangyu_2100 写道
程序启动的时候加载系统资源与权限列表,启动完成之后,如果从数据库删除系统资源与权限的关系,如何保障加载的数据与数据库存放的数据一致性?

我也想问同样的问题,现在我就是遇到这个问题了,我现在把那几个map放到userService的实现里了!单点登陆系统session过来,再加载权限
6 楼 yp0123456789 2014-08-29  
MySecurityMetadataSource 初始化资源权限映射,提供获取某用户权限映射。
MyUserDetailServiceImpl 登陆验证并获取用户权限。
MyAccessDecisionManager 双重循环资源权限映射和某用户权限映射进行判断。
MySecurityFilter 触发过滤器,触发调用上述方法。
5 楼 yp0123456789 2014-08-29  
好好说话。一个很简单的东西说的谁都听不懂。你这个说话方式叫做程序体吗?
4 楼 ice86rain 2014-02-24  
您好,我下载你的源码,数据库链接拒绝, org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'mySecurityMetadataSource' defined in ServletContext resource [/WEB-INF/spring/application-security.xml]: Instantiation of bean failed; nested exception is org.springframework.beans.BeanInstantiationException: Could not instantiate bean class [com.taskmanager.web.security.MySecurityMetadataSource]: Constructor threw exception; nested exception is org.hibernate.exception.JDBCConnectionException: Cannot open connection
很多错误,怎么才能修改正确,我的QQ 940054977
3 楼 ga0yang 2013-12-21  
2楼问的我也想知道
2 楼 zhangyu_2100 2013-08-20  
程序启动的时候加载系统资源与权限列表,启动完成之后,如果从数据库删除系统资源与权限的关系,如何保障加载的数据与数据库存放的数据一致性?
1 楼 429537044 2013-01-16  
学习了。多谢

相关推荐

    Spring Security3 配置使用

    **Spring Security 3 配置使用详解** Spring Security 是一个强大的、高度可定制的身份验证和访问控制框架,广泛应用于Java企业级应用中。在Spring Security 3版本中,它提供了许多改进和新特性,旨在简化安全配置...

    Spring Security3配置使用.rar

    本文件“Spring Security3配置使用.rar”包含了关于如何配置和使用Spring Security3的具体代码和配置信息,帮助开发者理解和实践这个框架的核心功能。 1. **基本概念** - **认证(Authentication)**:确定用户...

    spring-security3 配置和使用

    Spring Security 3 配置和使用 Spring Security 是一个强大且灵活的安全框架,旨在保护基于 Java 的 Web 应用程序。Spring Security 3 是 Spring Security 框架的第三个主要版本,提供了许多新的功能和改进。下面...

    springsecurity使用配置详解

    在提供的压缩包`springsecurity配置demo`中,你将找到示例代码和详细说明,这将帮助你更好地理解和实践上述概念。通过学习和实践这些示例,你将能够为自己的Spring应用程序构建强大的安全防护。

    SpringSecurity 3配置文件

    在本文中,我们将深入探讨Spring Security 3的配置文件,以及如何理解和使用这些配置来增强应用的安全性。 首先,Spring Security的配置通常位于一个或多个XML文件中,这些文件通过`&lt;beans&gt;`标签定义了安全相关的...

    spring security3配置和使用实例+教程

    教程文档`教你使用_SpringSecurity_3.0_52页.pdf`会详细指导你如何一步步配置和使用Spring Security。它应该包含了配置文件的示例、如何集成到Spring应用中、如何创建自定义认证逻辑以及如何进行授权设置等内容。...

    spring security2配置

    在这个"Spring Security2配置"的主题中,我们将深入探讨如何配置Spring Security来保护我们的应用程序,以及它的一些核心概念。 首先,让我们理解Spring Security的基本组件。`Users.java`、`Roles.java`暗示了用户...

    spring security3配置和使用

    ### Spring Security3 配置与使用详解 #### 一、Spring Security3 概览 Spring Security 是一个功能强大且高度可定制的身份验证和访问控制框架。最初由 Ben Alex 在 2003 年创建,名为 "The Acegi Security System...

    spring security 项目配置源码

    在这个"Spring Security 项目配置源码"中,我们有机会深入理解这个框架如何在实际项目中配置和使用。下面将详细介绍Spring Security的核心概念、配置过程以及如何在Eclipse环境中运行该项目。 1. **核心概念** - *...

    spring security 2 配置说明

    - **配置**:这是Spring Security配置中最核心的部分,通过`&lt;http&gt;`元素可以定义哪些URL需要进行身份验证和授权。`auto-config='true'`属性表示自动配置,简化了配置过程。`&lt;intercept-url&gt;`元素用于指定特定URL的...

    Spring Security 基本使用和配置代码

    这是自定义Spring Security配置的主要地方。你可以重写`configure(HttpSecurity http)`方法来定义HTTP安全规则。 ```java @Configuration @EnableWebSecurity public class SecurityConfig extends ...

    spring security3 中文版本

    ### Spring Security 3.0.1 中文版知识点解析...通过上述知识点的介绍,我们了解了 Spring Security 的核心概念、配置方式以及一些高级特性,这有助于开发者更好地利用 Spring Security 为应用程序构建强大的安全防护。

    Spring Security in Action

    Spring Security 实践指南 ...* 高度可配置性:Spring Security 的配置项非常灵活,可以根据实际需求进行配置。 Spring Security 是一个功能强大且灵活的安全框架,广泛应用于 Java 应用开发中。

    spring security3配置

    4. **集成到Spring Security配置中**:在`applicationContext_security.xml`中配置自定义的安全元数据源。 通过以上步骤,就可以实现动态的权限管理机制,使得应用程序能够根据数据库中的配置实时调整用户的访问...

    spring_security3_0_5安全配置手册

    - springsecurity3.0.5 - commonslogging1.6.1 - oraclejdbc1.1 这些依赖包提供了Spring Security框架运行所必需的类库和驱动支持。 #### 4. 配置过滤器 为了在Spring应用中使用Spring Security,需要在web.xml...

    spring security 使用及配置

    Spring Security 使用及配置 Spring Security 是一个基于 Java 的安全框架,提供了丰富的安全功能,包括身份验证、授权、加密、会话管理等。下面将对 Spring Security 的使用及配置进行详细介绍。 身份验证 身份...

Global site tag (gtag.js) - Google Analytics