- 浏览: 422895 次
- 性别:
- 来自: 广州
最新评论
-
thinkInJava_rKing:
insert ... select...也不行
java检查sql语法是否正确 -
thinkInJava_rKing:
特别不支持各种join查询
java检查sql语法是否正确 -
thinkInJava_rKing:
你这个不支持嵌套 + 各种join union 查询
java检查sql语法是否正确 -
tangze0708:
非常好的汇总
Apache Commons工具集简介 -
630400918:
...
JPA 注解使用
使用Spring Security3的几种方法概述
一种是全部利用配置文件,将用户、权限、资源(url)硬编码在xml文件中,已经实现过。
二种是用户和权限用数据库存储,而资源(url)和权限的对应采用硬编码配置,目前这种方式已经实现。
三种我使用的是第三种 第三种是细分角色和权限,并将用户、角色、权限和资源均采用数据库存储,并且自定义过滤器,代替原有的FilterSecurityInterceptor过滤器,
并分别实现AccessDecisionManager、InvocationSecurityMetadataSourceService和UserDetailsService,并在配置文件中进行相应配置。
四种第四种方式我没有试过 。
业务逻辑
权限代码action为请求路径,权限信息拥有多个权限代码,角色可以拥有多个权限信息, 用户属于用户组,用户组拥有多个角色,用户组必须拥有跟菜单同样权限代码action、页面菜单才能显示 , 最终实现菜单显示与请求路径权限验证。
在上个项目开发中用到的技术: java1.5 + struts2.1.8 + spring3.0.7 + hibernate3.2.5 + spring security3.1.0 + mysql5.5 + tomcat6.0。
我这里只说明spring security,代码是项目里抽取权限部分出来讲解的,
spring security3.1
.0
的11
个jar包,分别为:
spring-security-acl-3.1
.0
.RELEASE.jar
spring-security-config-3.1
.0
.RELEASE.jar
spring-security-core-3.1
.0
.RELEASE.jar
spring-security-taglibs-3.1
.0
.RELEASE.jar
spring-security-web-3.1
.0
.RELEASE.jar
spring-security-aspects-3.1.0.RELEASE.jar
spring-security-cas-3.1.0.RELEASE.jar
spring-security-crypto-3.1.0.RELEASE.jar
spring-security-ldap-3.1.0.RELEASE.jar
spring-security-openid-3.1.0.RELEASE.jar
spring-security-remoting-3.1.0.RELEASE.jar
当然还有其他项目相关
的jar包,不贴出来了
。
年初讲解过spring security的旧版本Acegi的文章xml配置稍微复杂一些, spring security3配置相对比较简单。
Spring Security3 配置使用
1
spring security3 主要实现类。
2
spring security3 主要配置文件。
3 web.xml配置文件。
4 实现流程说明
5 权限sql脚本
6 附件为完整程序与数据库脚本
1、spring security3 主要实现类 (包含4个关键类):
myFilter
(1) MySecurityFilter.java 过滤用户请求
package com.taskmanager.web.security; import java.io.IOException; import java.util.Collection; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import org.springframework.security.access.ConfigAttribute; import org.springframework.security.access.SecurityMetadataSource; import org.springframework.security.access.intercept.AbstractSecurityInterceptor; import org.springframework.security.access.intercept.InterceptorStatusToken; import org.springframework.security.web.FilterInvocation; import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource; public class MySecurityFilter extends AbstractSecurityInterceptor implements Filter { // 与applicationContext-security.xml里的myFilter的属性securityMetadataSource对应, // 其他的两个组件,已经在AbstractSecurityInterceptor定义 private FilterInvocationSecurityMetadataSource securityMetadataSource; @Override public SecurityMetadataSource obtainSecurityMetadataSource() { return this.securityMetadataSource; } public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { FilterInvocation fi = new FilterInvocation(request, response, chain); invoke(fi); } private void invoke(FilterInvocation fi) throws IOException, ServletException { // object为FilterInvocation对象 // super.beforeInvocation(fi);//源码 // 1.获取请求资源的权限 //执行 Collection<ConfigAttribute> attributes = //securityMetadataSource.getAttributes(fi); // 2.是否拥有权限 // this.accessDecisionManager.decide(authenticated, fi, attributes); // this.accessDecisionManager.decide(authenticated, fi, attributes); InterceptorStatusToken token = super.beforeInvocation(fi); try { fi.getChain().doFilter(fi.getRequest(), fi.getResponse()); } finally { super.afterInvocation(token, null); } } public FilterInvocationSecurityMetadataSource getSecurityMetadataSource() { return securityMetadataSource; } public void setSecurityMetadataSource( FilterInvocationSecurityMetadataSource securityMetadataSource) { this.securityMetadataSource = securityMetadataSource; } public void init(FilterConfig arg0) throws ServletException { // TODO Auto-generated method stub } public void destroy() { // TODO Auto-generated method stub } @Override public Class<? extends Object> getSecureObjectClass() { //下面的MyAccessDecisionManager的supports方面必须放回true,否则会提醒类型错误 return FilterInvocation.class; } }
核心的InterceptorStatusToken token = super.beforeInvocation(fi);会调用我们定义的accessDecisionManager:decide(Object object)和securityMetadataSource
:getAttributes(Object object)方法。
(
2)
MySecurityMetadataSource.java
系统启动加载系统权限 用户登入验证权限
package com.taskmanager.web.security; import java.util.ArrayList; import java.util.Collection; import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Set; import java.util.Map.Entry; import org.springframework.security.access.ConfigAttribute; import org.springframework.security.access.SecurityConfig; import org.springframework.security.web.FilterInvocation; import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource; import org.springframework.security.web.util.AntPathRequestMatcher; import org.springframework.security.web.util.RequestMatcher; import com.taskmanager.exception.SystemRunException; import com.taskmanager.hibernate.TSysPowerofaction; import com.taskmanager.hibernate.TSysPowersystem; import com.taskmanager.service.inter.PowerInter; //1 加载资源与权限的对应关系 /** * 该过滤器的主要作用就是通过spring著名的IoC生成securityMetadataSource。 * securityMetadataSource相当于本包中自定义的MyInvocationSecurityMetadataSourceService。 * 该MyInvocationSecurityMetadataSourceService的作用提从数据库提取权限和资源,装配到HashMap中, * 供Spring Security使用,用于权限校验。 * @author sparta 11/3/29 */ public class MySecurityMetadataSource implements FilterInvocationSecurityMetadataSource { //由spring调用 public MySecurityMetadataSource(PowerInter powerService) throws SystemRunException { this.powerService = powerService; loadResourceDefine(); } private PowerInter powerService; private static Map<String, Collection<ConfigAttribute>> resourceMap = null; private RequestMatcher pathMatcher; public Collection<ConfigAttribute> getAllConfigAttributes() { return new ArrayList<ConfigAttribute>(); } public boolean supports(Class<?> clazz) { // TODO Auto-generated method stub return true; } //加载所有资源与权限的关系 private void loadResourceDefine() throws SystemRunException { if (resourceMap == null) { resourceMap = new HashMap<String, Collection<ConfigAttribute>>(); List<TSysPowersystem> resources = this.powerService .findByTSysPowersystem(); for (TSysPowersystem resource : resources) { Collection<ConfigAttribute> configAttributes = new ArrayList<ConfigAttribute>(); // 以权限名封装为Spring的security Object //resource.getRoleName() 角色名称 可随意 role_admin 或者 admin ConfigAttribute configAttribute = new SecurityConfig(resource.getRoleName()); configAttributes.add(configAttribute); //resource.getInterceptUrl() 格式必须是 拦截的包路径 //或者是 比如 /manager/**/*.jh 或者 /system/manager/**/*.jsp resourceMap.put(resource.getInterceptUrl(), configAttributes); } } } //返回所请求资源所需要的权限 public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException { Iterator<String> it = resourceMap.keySet().iterator(); while (it.hasNext()) { String resURL = it.next(); Iterator<String> ite = resourceMap.keySet().iterator(); pathMatcher = new AntPathRequestMatcher(resURL); if (pathMatcher.matches(((FilterInvocation) object).getRequest())) { Collection<ConfigAttribute> returnCollection = resourceMap.get(resURL); return returnCollection; } } return null; } }
这里的resourcesDao,熟悉Dao设计模式和Spring 注入的朋友应该看得明白。
(
3)
MyUserDetailServiceImpl.java
点击登入跳转
保存
用户权限
package com.taskmanager.web.security; import java.util.Collection; import java.util.HashSet; import java.util.Set; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.GrantedAuthorityImpl; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import com.taskmanager.exception.LoginException; import com.taskmanager.exception.SystemRunException; import com.taskmanager.hibernate.TSysCharacter; import com.taskmanager.hibernate.TSysCharofgroup; import com.taskmanager.hibernate.TSysPowersystemofchar; import com.taskmanager.hibernate.TSysUser; import com.taskmanager.hibernate.TSysUsergroup; import com.taskmanager.hibernate.TSysUserofusergroup; import com.taskmanager.service.inter.UserInter; public class MyUserDetailServiceImpl implements UserDetailsService { UserInter userService; public UserInter getUserService() { return userService; } public void setUserService(UserInter userService) { this.userService = userService; } // 登入默认会调整到这里 public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { System.out.println("username is " + username); TSysUser users=null; try { users = this.userService.findByUsersLogin(username); } catch (LoginException e) { throw new UsernameNotFoundException(username); } catch (SystemRunException e) { throw new UsernameNotFoundException(username); } if (users == null) { throw new UsernameNotFoundException(username); }else { if(!users.getStatus()){ throw new UsernameNotFoundException("该用户处于锁定状态"); } } Collection<GrantedAuthority> grantedAuths = obtionGrantedAuthorities(users); boolean enables = true; boolean accountNonExpired = true; boolean credentialsNonExpired = true; boolean accountNonLocked = true; User userdetail = new User(users.getCode(), users.getPassword(), enables, accountNonExpired, credentialsNonExpired, accountNonLocked, grantedAuths); return userdetail; } // 取得用户的权限 private Set<GrantedAuthority> obtionGrantedAuthorities(TSysUser user) { Set<GrantedAuthority> authSet = new HashSet<GrantedAuthority>(); //获取用户所属组 Set<TSysUserofusergroup> userGroups = user.getTSysUserofusergroups(); for(TSysUserofusergroup userGroup : userGroups ){ //获取用户所属组 组对象 TSysUsergroup usgroup=userGroup.getTSysUsergroup(); //获取用户组对应 角色集合 Set<TSysCharofgroup> charofgroups=usgroup.getTSysCharofgroups(); for (TSysCharofgroup charofgroup : charofgroups) { TSysCharacter character=charofgroup.getTSysCharacter(); //获取角色对应权限集合 Set<TSysPowersystemofchar> powerSystemofchars= character.getTSysPowersystemofchars(); for(TSysPowersystemofchar powerofchar : powerSystemofchars){ authSet.add( new GrantedAuthorityImpl(powerofchar.getTSysPowersystem().getRoleName())); } } } return authSet; } }
(4) MyAccessDecisionManager.java
验证是否拥有访问的权限
package com.taskmanager.web.security; import java.util.Collection; import java.util.Iterator; import org.springframework.security.access.AccessDecisionManager; import org.springframework.security.access.AccessDeniedException; import org.springframework.security.access.ConfigAttribute; import org.springframework.security.authentication.InsufficientAuthenticationException; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; /** *AccessdecisionManager在Spring security中是很重要的。 * *在验证部分简略提过了,所有的Authentication实现需要保存在一个GrantedAuthority对象数组中。 *这就是赋予给主体的权限。 GrantedAuthority对象通过AuthenticationManager *保存到 Authentication对象里,然后从AccessDecisionManager读出来,进行授权判断。 * *Spring Security提供了一些拦截器,来控制对安全对象的访问权限,例如方法调用或web请求。 *一个是否允许执行调用的预调用决定,是由AccessDecisionManager实现的。 *这个 AccessDecisionManager 被AbstractSecurityInterceptor调用, *它用来作最终访问控制的决定。 这个AccessDecisionManager接口包含三个方法: * void decide(Authentication authentication, Object secureObject, List<ConfigAttributeDefinition> config) throws AccessDeniedException; boolean supports(ConfigAttribute attribute); boolean supports(Class clazz); 从第一个方法可以看出来,AccessDecisionManager使用方法参数传递所有信息,这好像在认证评估时进行决定。 特别是,在真实的安全方法期望调用的时候,传递安全Object启用那些参数。 比如,让我们假设安全对象是一个MethodInvocation。 很容易为任何Customer参数查询MethodInvocation, 然后在AccessDecisionManager里实现一些有序的安全逻辑,来确认主体是否允许在那个客户上操作。 如果访问被拒绝,实现将抛出一个AccessDeniedException异常。 这个 supports(ConfigAttribute) 方法在启动的时候被 AbstractSecurityInterceptor调用,来决定AccessDecisionManager 是否可以执行传递ConfigAttribute。 supports(Class)方法被安全拦截器实现调用, 包含安全拦截器将显示的AccessDecisionManager支持安全对象的类型。 */ public class MyAccessDecisionManager implements AccessDecisionManager { public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException { if(configAttributes == null) { return; } //所请求的资源拥有的权限(一个资源对多个权限) Iterator<ConfigAttribute> iterator = configAttributes.iterator(); while(iterator.hasNext()) { ConfigAttribute configAttribute = iterator.next(); //访问所请求资源所需要的权限 String needPermission = configAttribute.getAttribute(); System.out.println("needPermission is " + needPermission); //用户所拥有的权限authentication for(GrantedAuthority ga : authentication.getAuthorities()) { if(needPermission.equals(ga.getAuthority())) { return; } } } //没有权限 会跳转到login.jsp页面 throw new AccessDeniedException(" 没有权限访问"); } public boolean supports(ConfigAttribute attribute) { // TODO Auto-generated method stub return true; } public boolean supports(Class<?> clazz) { // TODO Auto-generated method stub return true; } }
2、spring security3 主要配置文件。
<?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"> <global-method-security pre-post-annotations="enabled"> </global-method-security> <!-- 该路径下的资源不用过滤 --> <http pattern="/include/js/**" security="none" /> <http pattern="/include/css/**" security="none" /> <http pattern="/include/scripts/**" security="none" /> <http pattern="/include/jsp/**" security="none" /> <http pattern="/images/**" security="none" /> <http pattern="/login.jsp" security="none" /> <!--auto-config = true 则使用from-login. 如果不使用该属性 则默认为http-basic(没有session).--> <!-- lowercase-comparisons:表示URL比较前先转为小写。--> <!-- path-type:表示使用Apache Ant的匹配模式。--> <!--access-denied-page:访问拒绝时转向的页面。--> <!-- access-decision-manager-ref:指定了自定义的访问策略管理器。--> <http use-expressions="true" auto-config="true" access-denied-page="/include/jsp/timeout.jsp"> <!--login-page:指定登录页面。 --> <!-- login-processing-url:指定了客户在登录页面中按下 Sign In 按钮时要访问的 URL。--> <!-- authentication-failure-url:指定了身份验证失败时跳转到的页面。--> <!-- default-target-url:指定了成功进行身份验证和授权后默认呈现给用户的页面。--> <!-- always-use-default-target:指定了是否在身份验证通过后总是跳转到default-target-url属性指定的URL。 --> <form-login login-page="/login.jsp" default-target-url='/system/default.jsp' always-use-default-target="true" authentication-failure-url="/login.jsp?login_error=1" /> <!--logout-url:指定了用于响应退出系统请求的URL。其默认值为:/j_spring_security_logout。--> <!-- logout-success-url:退出系统后转向的URL。--> <!-- invalidate-session:指定在退出系统时是否要销毁Session。--> <logout invalidate-session="true" logout-success-url="/login.jsp" logout-url="/j_spring_security_logout" /> <!-- 实现免登陆验证 --> <remember-me /> <!-- max-sessions:允许用户帐号登录的次数。范例限制用户只能登录一次。--> <!-- 此值表示:用户第二次登录时,前一次的登录信息都被清空。--> <!-- exception-if-maximum-exceeded:默认为false,--> <!-- 当exception-if-maximum-exceeded="true"时系统会拒绝第二次登录。--> <session-management invalid-session-url="/login.jsp" session-fixation-protection="none"> <concurrency-control max-sessions="1" error-if-maximum-exceeded="false" /> </session-management> <custom-filter ref="myFilter" before="FILTER_SECURITY_INTERCEPTOR" /> <session-management session-authentication-strategy-ref="sas" /> </http> <beans:bean id="sas" class="org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy"> <beans:constructor-arg name="sessionRegistry" ref="sessionRegistry" /> <beans:property name="maximumSessions" value="1" /> <!-- 防止session攻击 --> <beans:property name="alwaysCreateSession" value="true" /> <beans:property name="migrateSessionAttributes" value="false" /> <!-- 同一个帐号 同时只能一个人登录 --> <beans:property name="exceptionIfMaximumExceeded" value="false" /> </beans:bean> <beans:bean id="sessionRegistry" class="org.springframework.security.core.session.SessionRegistryImpl" /> <!-- 事件监听:实现了ApplicationListener监听接口,包括AuthenticationCredentialsNotFoundEvent 事件,--> <!-- AuthorizationFailureEvent事件,AuthorizedEvent事件, PublicInvocationEvent事件--> <beans:bean class="org.springframework.security.authentication.event.LoggerListener" /> <!-- 自定义资源文件 提示信息 --> <beans:bean id="messageSource" class="org.springframework.context.support.ReloadableResourceBundleMessageSource"> <beans:property name="basenames" value="classpath:message_zh_CN"> </beans:property> </beans:bean> <!-- 配置过滤器 --> <beans:bean id="myFilter" class="com.taskmanager.web.security.MySecurityFilter"> <!-- 用户拥有的权限 --> <beans:property name="authenticationManager" ref="myAuthenticationManager" /> <!-- 用户是否拥有所请求资源的权限 --> <beans:property name="accessDecisionManager" ref="myAccessDecisionManager" /> <!-- 资源与权限对应关系 --> <beans:property name="securityMetadataSource" ref="mySecurityMetadataSource" /> </beans:bean> <!-- 实现了UserDetailsService的Bean --> <authentication-manager alias="myAuthenticationManager"> <authentication-provider user-service-ref="myUserDetailServiceImpl"> <!-- 登入 密码 采用MD5加密 --> <password-encoder hash="md5" ref="passwordEncoder"> </password-encoder> </authentication-provider> </authentication-manager> <!-- 验证用户请求资源 是否拥有权限 --> <beans:bean id="myAccessDecisionManager" class="com.taskmanager.web.security.MyAccessDecisionManager"> </beans:bean> <!-- 系统运行时加载 系统要拦截的资源 与用户请求时要过滤的资源 --> <beans:bean id="mySecurityMetadataSource" class="com.taskmanager.web.security.MySecurityMetadataSource"> <beans:constructor-arg name="powerService" ref="powerService"> </beans:constructor-arg> </beans:bean> <!-- 获取用户登入角色信息 --> <beans:bean id="myUserDetailServiceImpl" class="com.taskmanager.web.security.MyUserDetailServiceImpl"> <beans:property name="userService" ref="userService"></beans:property> </beans:bean> <!-- 用户的密码加密或解密 --> <beans:bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.Md5PasswordEncoder" /> </beans:beans>
3、 web.xml配置文件。
<?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <context-param> <description>Spring applicationContext</description> <param-name>contextConfigLocation</param-name> <param-value> /WEB-INF/spring/application*.xml </param-value> </context-param> <listener> <description>SpringContextLoaderListener</description> <display-name>SpringContextLoaderListener</display-name> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <!-- spring scurity 拦截器 --> <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>*.jh</url-pattern> <url-pattern>*.jsp</url-pattern> <url-pattern>/j_spring_security_check</url-pattern> <url-pattern>/j_spring_security_logout</url-pattern> </filter-mapping>
4、流程
1)容器启动(MySecurityMetadataSource:loadResourceDefine加载系统资源与权限列表)
2)用户发出请求
3)过滤器拦截(MySecurityFilter:doFilter)
4)取得请求资源所需权限(MySecurityMetadataSource:getAttributes)
5)匹配用户拥有权限和请求权限(MyAccessDecisionManager:decide),如果用户没有相应的权限,
执行第6步,否则执行第7步。
6)登录
7)验证并授权(MyUserDetailServiceImpl:loadUserByUsername)
5、权限sql脚本
/* Navicat MySQL Data Transfer Source Server : mysql Source Server Version : 50015 Source Host : localhost:8036 Source Database : taskmanager Target Server Type : MYSQL Target Server Version : 50015 File Encoding : 65001 Date: 2012-12-26 17:26:38 */ SET FOREIGN_KEY_CHECKS=0; -- ---------------------------- -- Table structure for `s_dict` -- ---------------------------- DROP TABLE IF EXISTS `s_dict`; CREATE TABLE `s_dict` ( `ID` int(50) NOT NULL auto_increment, `DictType` varchar(10) NOT NULL, `Code` varchar(20) NOT NULL, `Name` varchar(50) NOT NULL, `ParentID` varchar(20) default NULL, PRIMARY KEY (`ID`) ) ENGINE=InnoDB DEFAULT CHARSET=gbk; -- ---------------------------- -- Table structure for `t_sys_character` -- ---------------------------- DROP TABLE IF EXISTS `t_sys_character`; CREATE TABLE `t_sys_character` ( `ID` varchar(50) NOT NULL COMMENT '角色ID', `NAME` varchar(30) NOT NULL COMMENT '角色名称', `DESCRIPT` varchar(200) default NULL COMMENT '角色描述', `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '菜单状态', `MODPERSON` varchar(50) default NULL COMMENT '最后修改人', `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间', `REMARK` varchar(100) default NULL COMMENT '备注', `SEQID` decimal(12,0) default NULL COMMENT '顺序号', PRIMARY KEY (`ID`) ) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='角色表'; -- ---------------------------- -- Records of t_sys_character -- ---------------------------- INSERT INTO t_sys_character VALUES ('297ef0cb3915b16a013915c7eb112312', '系统管理员', '系统管理员1', '1', '999999999999999', '2012-09-03 14:03:25', '', null); INSERT INTO t_sys_character VALUES ('8a8a9691396b237101396b44825a0001', '分发任务', '任务分发', '1', '999999999999999', '2012-09-02 15:55:12', '', null); INSERT INTO t_sys_character VALUES ('8a8a9691396b237101396b44aa060002', '任务接受', '任务接受', '1', '999999999999999', '2012-09-02 15:55:39', '', null); INSERT INTO t_sys_character VALUES ('8a8a9691396b237101396b55f45b0017', '任务审核', '任务审核', '1', '999999999999999', '2012-09-02 15:55:57', '', null); INSERT INTO t_sys_character VALUES ('8a8a9691398b2dc201398b2f0c400001', '测试', '测试', '1', '999999999999999', '2012-09-03 16:11:19', null, null); -- ---------------------------- -- Table structure for `t_sys_charofgroup` -- ---------------------------- DROP TABLE IF EXISTS `t_sys_charofgroup`; CREATE TABLE `t_sys_charofgroup` ( `ID` varchar(50) NOT NULL COMMENT 'ID', `GROUPID` varchar(50) NOT NULL COMMENT '用户组ID', `CHARID` varchar(50) NOT NULL COMMENT '角色ID', `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '是否有效', `MODPERSON` varchar(50) default NULL COMMENT '最后修改人', `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间', `REMARK` varchar(100) default NULL COMMENT '备注', PRIMARY KEY (`ID`), KEY `t_sys_charofgroup_groupid` (`GROUPID`), KEY `t_sys_charofgroup_charid` (`CHARID`), CONSTRAINT `t_sys_charofgroup_charid` FOREIGN KEY (`CHARID`) REFERENCES `t_sys_character` (`ID`) ON DELETE CASCADE, CONSTRAINT `t_sys_charofgroup_groupid` FOREIGN KEY (`GROUPID`) REFERENCES `t_sys_usergroup` (`ID`) ON DELETE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='用户组角色表'; -- ---------------------------- -- Records of t_sys_charofgroup -- ---------------------------- INSERT INTO t_sys_charofgroup VALUES ('8a8a9691396b237101396b4bd0c6000a', '8a8a9691396b237101396b4b98be0009', '8a8a9691396b237101396b44aa060002', '1', '999999999999999', '2012-08-28 11:34:54', null); INSERT INTO t_sys_charofgroup VALUES ('8a8a9691396b237101396b4bebb0000b', '8a8a9691396b237101396b4b819c0008', '8a8a9691396b237101396b44825a0001', '1', '999999999999999', '2012-08-28 11:35:01', null); INSERT INTO t_sys_charofgroup VALUES ('8a8a9691396b237101396b594d2a001e', '1234567890', '297ef0cb3915b16a013915c7eb112312', '1', '999999999999999', '2012-08-28 11:49:38', null); INSERT INTO t_sys_charofgroup VALUES ('8a8a9691396b237101396b5ec80f0022', '8a8a9691396b237101396b5ea8230021', '8a8a9691396b237101396b55f45b0017', '1', '999999999999999', '2012-08-28 11:55:37', null); -- ---------------------------- -- Table structure for `t_sys_department` -- ---------------------------- DROP TABLE IF EXISTS `t_sys_department`; CREATE TABLE `t_sys_department` ( `ID` varchar(50) NOT NULL COMMENT 'ID', `ZJJGDM` varchar(9) default NULL COMMENT '部门组织机构代码', `CODE` varchar(20) NOT NULL COMMENT '部门简码', `ABBRNAME` varchar(30) NOT NULL COMMENT '是否股室', `NAME` varchar(60) NOT NULL COMMENT '部门全体', `CHIEF` varchar(50) default NULL COMMENT '部门负责人名称', `INNET` decimal(1,0) default '1' COMMENT '是否在网', `ORDERNO` decimal(6,0) default NULL COMMENT '排列顺序', `STATUS` decimal(1,0) default '1' COMMENT '是否有效', `MODPERSON` varchar(50) default NULL COMMENT '最后修改人', `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间', `OTHERS` varchar(50) default NULL COMMENT '备注', `ISENFOREORG` decimal(1,0) default '1' COMMENT '是否行政审批部门', `WEBSITENAME` varchar(100) default NULL COMMENT '门户网站名称', `WEBSITEADDR` varchar(200) default NULL COMMENT '门户网站地址', `XZQHID` varchar(20) default NULL COMMENT '行政区划ID', `JGGXSBM` varchar(4) default NULL COMMENT '监管关系识别码', `layer` int(11) NOT NULL default '1', `PARENTID` varchar(50) default NULL COMMENT '上级部门ID', PRIMARY KEY (`ID`) ) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='部门信息表'; -- ---------------------------- -- Records of t_sys_department -- ---------------------------- INSERT INTO t_sys_department VALUES ('297ef0cb391b4ce301391b4e3d8e0001', null, '123', '否', '123', '999999999999999', '1', '123', '0', '999999999999999', '2012-10-08 17:45:08', null, null, null, '123', null, null, '2', '297ef0cb391b4ce301391b4e3d8e6530'); INSERT INTO t_sys_department VALUES ('297ef0cb391b4ce301391b4e3d8e6530', null, 'gly', '是', '管理员部门', '8a8a9691396b237101396b5f73ef0023', '1', '99', '1', '999999999999999', '2012-09-24 14:04:11', null, null, null, '', null, null, '1', ''); -- ---------------------------- -- Table structure for `t_sys_duty` -- ---------------------------- DROP TABLE IF EXISTS `t_sys_duty`; CREATE TABLE `t_sys_duty` ( `id` varchar(50) NOT NULL COMMENT '职位代码', `name` varchar(20) NOT NULL COMMENT '职位名称', `ORDERNO` int(3) default NULL COMMENT '排序号', PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=gbk; -- ---------------------------- -- Records of t_sys_duty -- ---------------------------- INSERT INTO t_sys_duty VALUES ('0001', '办事员', '1'); INSERT INTO t_sys_duty VALUES ('0002', '科员', '15'); INSERT INTO t_sys_duty VALUES ('0003', '站长', '16'); -- ---------------------------- -- Table structure for `t_sys_menu` -- ---------------------------- DROP TABLE IF EXISTS `t_sys_menu`; CREATE TABLE `t_sys_menu` ( `ID` varchar(50) NOT NULL COMMENT 'ID', `NAME` varchar(30) NOT NULL COMMENT '菜单名称', `DESCRIPT` varchar(200) default NULL COMMENT '描述', `LAYER` int(1) NOT NULL default '1' COMMENT '层次,只会有1、2、3、4、5'';', `PARENTID` varchar(50) default NULL COMMENT '父菜单ID', `ACTIONNAME` varchar(100) default NULL COMMENT '响应此菜单的ACTION ,只有此菜单作为末级菜单时才填写', `ORDERNO` decimal(3,0) NOT NULL default '0' COMMENT '排列次序', `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '是否有效', `MODPERSON` varchar(50) default NULL COMMENT '最后修改人', `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间', `REMARK` varchar(100) default NULL COMMENT '备注', `SYSTEM` decimal(1,0) NOT NULL default '0' COMMENT '菜单所属系统', `PARAMETER` varchar(50) default NULL COMMENT '链接此菜单的参数', PRIMARY KEY (`ID`) ) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='菜单表'; -- ---------------------------- -- Records of t_sys_menu -- ---------------------------- INSERT INTO t_sys_menu VALUES ('20050909150915816077', '权限代码管理', '', '2', '2006062709371100003', '/manager/power/list.jh', '2', '1', '999999999999999', '2012-08-18 17:47:53', '', '0', ''); INSERT INTO t_sys_menu VALUES ('20050909150953452259', '系统管理', '系统管理', '1', '', '', '0', '0', '999999999999999', '2012-08-17 16:38:14', '', '0', ''); INSERT INTO t_sys_menu VALUES ('20050909679021123458', '部门用户管理', '', '2', '2006062709371100003', '/manager/user/list.jh', '6', '1', '999999999999999', '2012-08-18 17:48:01', '', '0', ''); INSERT INTO t_sys_menu VALUES ('20050916100910655954', '部门用户组管理', '', '2', '2006062709371100003', '/manager/usergroup/list.jh', '5', '1', '999999999999999', '2012-08-18 17:48:10', '', '0', ''); INSERT INTO t_sys_menu VALUES ('2006042709371511122', '角色权限管理', '角色权限管理', '2', '2006062709371100003', '/manager/character/list.jh', '4', '1', '999999999999999', '2012-08-18 17:48:20', '', '0', ''); INSERT INTO t_sys_menu VALUES ('2006051180061800000', '个人设置', '个人设置', '1', '', '', '15', '1', '999999999999999', '2012-08-14 21:50:03', '', '0', ''); INSERT INTO t_sys_menu VALUES ('2006051180061800090', '修改密码', '修改密码', '2', '2006051180061800000', '/manager/user/pass.jh', '7', '1', '999999999999999', '2012-08-18 17:48:45', '', '0', ''); INSERT INTO t_sys_menu VALUES ('2006061909095300001', '系统菜单管理', '系统菜单管理', '2', '2006062709371100003', '/manager/menu/list.jh', '3', '1', '999999999999999', '2012-08-18 17:48:52', '', '0', ''); INSERT INTO t_sys_menu VALUES ('2006062709371100003', '系统管理', '系统管理', '1', '', '', '1', '1', '999999999999999', '2012-08-17 16:21:38', '系统管理', '0', ''); INSERT INTO t_sys_menu VALUES ('297ef0cb3913a1ff013913ac623d0001', '部门管理', '部门管理', '2', '2006062709371100003', '/manager/department/list.jh', '13', '1', '999999999999999', '2012-08-18 17:49:04', '部门管理', '0', ''); INSERT INTO t_sys_menu VALUES ('402880013956bf7e01395707b2050001', '审核', '任务审核', '2', '8a8a96913933a87f013933b0be1f0001', '/case/auditList.jh', '18', '1', '999999999999999', '2012-08-24 13:12:00', '', '0', ''); INSERT INTO t_sys_menu VALUES ('402880013956bf7e01395707ef1e0002', '完成', '任务完成', '2', '8a8a96913933a87f013933b0be1f0001', '/case/fulfilList.jh', '19', '0', '999999999999999', '2012-09-24 17:01:04', '', '0', ''); INSERT INTO t_sys_menu VALUES ('40288001397655b80139765885070001', '查询', '任务查询', '2', '8a8a96913933a87f013933b0be1f0001', '/case/queryList.jh', '20', '1', '999999999999999', '2012-08-30 15:09:04', '', '0', ''); INSERT INTO t_sys_menu VALUES ('40288001397655b80139765921080002', '统计', '任务统计', '2', '8a8a96913933a87f013933b0be1f0001', '/case/statisticsList.jh', '21', '1', '999999999999999', '2012-08-30 15:11:54', '', '0', ''); INSERT INTO t_sys_menu VALUES ('8a8a9691390a5c7001390a6703e70003', '安全退出', '安全退出', '2', '2006051180061800000', '/j_spring_security_logout', '11', '1', '999999999999999', '2012-08-09 16:01:27', '', '0', ''); INSERT INTO t_sys_menu VALUES ('8a8a96913933a87f013933b0be1f0001', '任务管理', '任务管理', '1', '', '', '0', '1', '999999999999999', '2012-08-17 16:38:27', '任务管理', '0', ''); INSERT INTO t_sys_menu VALUES ('8a8a96913933a87f013933b4c32d0002', '创建', '创建任务', '2', '8a8a96913933a87f013933b0be1f0001', '/case/createCase.jh', '15', '0', '999999999999999', '2012-09-21 22:45:17', '创建新任务', '0', ''); INSERT INTO t_sys_menu VALUES ('8a8a96913933a87f013933bdd022000b', '接收', '接收任务', '2', '8a8a96913933a87f013933b0be1f0001', '/case/receiveCase.jh', '16', '1', '999999999999999', '2012-08-18 17:49:30', '', '0', ''); INSERT INTO t_sys_menu VALUES ('8a8a9691394d77c001394da115300005', '发布', '分发任务', '2', '8a8a96913933a87f013933b0be1f0001', '/case/distributionCase.jh', '17', '1', '999999999999999', '2012-08-22 17:20:48', '分发任务', '0', ''); INSERT INTO t_sys_menu VALUES ('8a8a9691398ad08401398ad2adf20001', '系统权限管理', '系统权限管理', '2', '2006062709371100003', '/manager/powerSystem/list.jh', '4', '1', '999999999999999', '2012-09-03 14:30:26', '', '0', ''); -- ---------------------------- -- Table structure for `t_sys_power` -- ---------------------------- DROP TABLE IF EXISTS `t_sys_power`; CREATE TABLE `t_sys_power` ( `ID` varchar(50) NOT NULL COMMENT '权限ID', `NAME` varchar(30) NOT NULL COMMENT '权限名称', `DESCRIPT` varchar(200) default NULL COMMENT '描述', `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '是否有效', `ISPUBLIC` decimal(1,0) default '0' COMMENT '是否公共权限', `MODPERSON` varchar(50) default NULL COMMENT '最后修改人', `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间', `REMARK` varchar(100) default NULL COMMENT '备注', PRIMARY KEY (`ID`) ) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='权限代码表'; -- ---------------------------- -- Records of t_sys_power -- ---------------------------- INSERT INTO t_sys_power VALUES ('200512012106555', '系统管理部门用户管理', '系统管理部门用户管理', '1', '1', '999999999999999', '2012-08-14 21:02:38', ''); INSERT INTO t_sys_power VALUES ('8a8a96913933a87f013933b6c0f10003', '任务分发组', '任务分发组的全新', '1', '1', '999999999999999', '2012-08-17 16:32:58', null); INSERT INTO t_sys_power VALUES ('8a8a96913933a87f013933b768ba0004', '公共权限', '登入者通用的权限', '1', '1', '999999999999999', '2012-08-17 16:33:41', null); INSERT INTO t_sys_power VALUES ('8a8a9691396b237101396b45cf5c0003', '任务接受组', '任务接受组', '1', '1', '999999999999999', '2012-08-28 11:28:20', null); INSERT INTO t_sys_power VALUES ('8a8a9691396b237101396b523c350012', '任务审核', '', '1', '1', '999999999999999', '2012-08-28 11:41:55', null); -- ---------------------------- -- Table structure for `t_sys_powerofaction` -- ---------------------------- DROP TABLE IF EXISTS `t_sys_powerofaction`; CREATE TABLE `t_sys_powerofaction` ( `ID` varchar(50) NOT NULL COMMENT 'ID', `POWERID` varchar(50) NOT NULL COMMENT '权限ID', `ACTIONNAME` varchar(100) NOT NULL COMMENT '权限对应的ACTION名称', `DESCRIPT` varchar(200) default NULL COMMENT '描述', `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '是否有效', `MODPERSON` varchar(50) default NULL COMMENT '最后修改人', `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间', `REMARK` varchar(100) default NULL COMMENT '备注', PRIMARY KEY (`ID`), KEY `t_sys_powerofaction_id` (`POWERID`), KEY `t_sys_powerofaction_prid` (`POWERID`), CONSTRAINT `t_sys_powerofaction_prid` FOREIGN KEY (`POWERID`) REFERENCES `t_sys_power` (`ID`) ON DELETE CASCADE ON UPDATE NO ACTION ) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='权限对应ACTION表'; -- ---------------------------- -- Records of t_sys_powerofaction -- ---------------------------- INSERT INTO t_sys_powerofaction VALUES ('200512012102112', '200512012106555', '/manager/power/list.jh', '权限代码管理', '1', '999999999999999', '2012-08-18 17:46:27', null); INSERT INTO t_sys_powerofaction VALUES ('200512012197343', '200512012106555', '/manager/menu/list.jh', '菜单管理', '1', '999999999999999', '2012-08-18 17:50:23', null); INSERT INTO t_sys_powerofaction VALUES ('200512012197349', '200512012106555', '/manager/character/list.jh', '角色权限管理', '1', '999999999999999', '2012-08-18 17:50:34', null); INSERT INTO t_sys_powerofaction VALUES ('200512012412244', '200512012106555', '/manager/user/list.jh', '部门用户管理', '1', '999999999999999', '2012-08-18 17:50:40', null); INSERT INTO t_sys_powerofaction VALUES ('200512012435444', '200512012106555', '/manager/usergroup/list.jh', '部门用户组管理', '1', '999999999999999', '2012-08-18 17:50:47', null); INSERT INTO t_sys_powerofaction VALUES ('297ef0cb3913a1ff013913ad56520002', '200512012106555', '/manager/department/list.jh', '部门管理', '1', '999999999999999', '2012-08-18 17:50:56', null); INSERT INTO t_sys_powerofaction VALUES ('40288001397655b80139765d3f990003', '8a8a96913933a87f013933b768ba0004', '/case/queryList.jh', '任务查询', '1', '999999999999999', '2012-08-30 15:09:46', null); INSERT INTO t_sys_powerofaction VALUES ('40288001397655b80139765ea8ce0004', '8a8a96913933a87f013933b768ba0004', '/case/statisticsList.jh', '任务统计', '1', '999999999999999', '2012-08-30 15:11:18', null); INSERT INTO t_sys_powerofaction VALUES ('8a8a96913933a87f013933b8268c0005', '8a8a96913933a87f013933b768ba0004', '/system/default.jsp', '系统默认首页', '1', '999999999999999', '2012-08-20 13:09:49', null); INSERT INTO t_sys_powerofaction VALUES ('8a8a96913933a87f013933b8b05d0006', '8a8a96913933a87f013933b768ba0004', '/manager/user/pass.jh', '修改密码', '1', '999999999999999', '2012-08-18 17:52:09', null); INSERT INTO t_sys_powerofaction VALUES ('8a8a96913933a87f013933b91adf0007', '8a8a96913933a87f013933b6c0f10003', '/case/createCase.jh', '创建任务', '1', '999999999999999', '2012-08-18 17:51:19', null); INSERT INTO t_sys_powerofaction VALUES ('8a8a9691394d77c001394da301500006', '8a8a96913933a87f013933b6c0f10003', '/case/distributionCase.jh', '任务分发', '1', '999999999999999', '2012-08-22 17:21:31', null); INSERT INTO t_sys_powerofaction VALUES ('8a8a9691396b237101396b469b660004', '8a8a9691396b237101396b45cf5c0003', '/case/receiveCase.jh', '任务接受', '1', '999999999999999', '2012-08-28 11:29:13', null); INSERT INTO t_sys_powerofaction VALUES ('8a8a9691396b237101396b47605c0005', '8a8a9691396b237101396b45cf5c0003', '/case/fulfilList.jh', '任务完成', '1', '999999999999999', '2012-08-28 11:30:03', null); INSERT INTO t_sys_powerofaction VALUES ('8a8a9691396b237101396b52745c0013', '8a8a9691396b237101396b523c350012', '/case/auditList.jh', '任务审核', '1', '999999999999999', '2012-08-28 11:42:09', null); INSERT INTO t_sys_powerofaction VALUES ('8a8a9691398ad08401398ad3798f0002', '200512012106555', '/manager/powerSystem/list.jh', '系统权限管理', '1', '999999999999999', '2012-09-03 14:31:18', null); -- ---------------------------- -- Table structure for `t_sys_powerofchar` -- ---------------------------- DROP TABLE IF EXISTS `t_sys_powerofchar`; CREATE TABLE `t_sys_powerofchar` ( `ID` varchar(50) NOT NULL COMMENT 'ID', `CHARID` varchar(50) NOT NULL COMMENT '角色ID', `POWERID` varchar(50) NOT NULL COMMENT '权限ID', `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '是否有效', `MODPERSON` varchar(50) default NULL COMMENT '最后修改人', `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间', `REMARK` varchar(100) default NULL COMMENT '备注', PRIMARY KEY (`ID`), KEY `t_sys_powerofchar_powerid` (`POWERID`), KEY `t_sys_powerofchar_cid` (`CHARID`), KEY `t_sys_powerofchar_chid` (`CHARID`), KEY `t_sys_powerof_prid` (`POWERID`), CONSTRAINT `t_sys_powerofchar_chid` FOREIGN KEY (`CHARID`) REFERENCES `t_sys_character` (`ID`) ON DELETE CASCADE, CONSTRAINT `t_sys_powerof_prid` FOREIGN KEY (`POWERID`) REFERENCES `t_sys_power` (`ID`) ON DELETE CASCADE ON UPDATE NO ACTION ) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='角色权限表'; -- ---------------------------- -- Records of t_sys_powerofchar -- ---------------------------- INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b4edd4a000e', '8a8a9691396b237101396b44825a0001', '8a8a96913933a87f013933b6c0f10003', '1', '999999999999999', '2012-08-28 11:38:14', null); INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b4edd4a000f', '8a8a9691396b237101396b44825a0001', '8a8a96913933a87f013933b768ba0004', '1', '999999999999999', '2012-08-28 11:38:14', null); INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b4ef14f0010', '8a8a9691396b237101396b44aa060002', '8a8a96913933a87f013933b768ba0004', '1', '999999999999999', '2012-08-28 11:38:19', null); INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b4ef14f0011', '8a8a9691396b237101396b44aa060002', '8a8a9691396b237101396b45cf5c0003', '1', '999999999999999', '2012-08-28 11:38:19', null); INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b5924b30019', '297ef0cb3915b16a013915c7eb112312', '200512012106555', '1', '999999999999999', '2012-08-28 11:49:27', null); INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b5924b3001a', '297ef0cb3915b16a013915c7eb112312', '8a8a96913933a87f013933b6c0f10003', '1', '999999999999999', '2012-08-28 11:49:27', null); INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b5924c3001b', '297ef0cb3915b16a013915c7eb112312', '8a8a96913933a87f013933b768ba0004', '1', '999999999999999', '2012-08-28 11:49:27', null); INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b5924c3001c', '297ef0cb3915b16a013915c7eb112312', '8a8a9691396b237101396b45cf5c0003', '1', '999999999999999', '2012-08-28 11:49:27', null); INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b5924d2001d', '297ef0cb3915b16a013915c7eb112312', '8a8a9691396b237101396b523c350012', '1', '999999999999999', '2012-08-28 11:49:27', null); INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b5e28c2001f', '8a8a9691396b237101396b55f45b0017', '8a8a96913933a87f013933b768ba0004', '1', '999999999999999', '2012-08-28 11:54:56', null); INSERT INTO t_sys_powerofchar VALUES ('8a8a9691396b237101396b5e28c20020', '8a8a9691396b237101396b55f45b0017', '8a8a9691396b237101396b523c350012', '1', '999999999999999', '2012-08-28 11:54:56', null); INSERT INTO t_sys_powerofchar VALUES ('8a8a9691398b2dc201398b3232090010', '297ef0cb3915b16a013915c7eb112312', '200512012106555', '1', '999999999999999', '2012-09-03 16:14:46', null); INSERT INTO t_sys_powerofchar VALUES ('8a8a9691398b2dc201398b3232090011', '297ef0cb3915b16a013915c7eb112312', '8a8a96913933a87f013933b6c0f10003', '1', '999999999999999', '2012-09-03 16:14:46', null); INSERT INTO t_sys_powerofchar VALUES ('8a8a9691398b2dc201398b3232090012', '297ef0cb3915b16a013915c7eb112312', '8a8a96913933a87f013933b768ba0004', '1', '999999999999999', '2012-09-03 16:14:46', null); INSERT INTO t_sys_powerofchar VALUES ('8a8a9691398b2dc201398b3232090013', '297ef0cb3915b16a013915c7eb112312', '8a8a9691396b237101396b45cf5c0003', '1', '999999999999999', '2012-09-03 16:14:46', null); INSERT INTO t_sys_powerofchar VALUES ('8a8a9691398b2dc201398b3232090014', '297ef0cb3915b16a013915c7eb112312', '8a8a9691396b237101396b523c350012', '1', '999999999999999', '2012-09-03 16:14:46', null); -- ---------------------------- -- Table structure for `t_sys_powersystem` -- ---------------------------- DROP TABLE IF EXISTS `t_sys_powersystem`; CREATE TABLE `t_sys_powersystem` ( `ID` varchar(20) NOT NULL, `role_name` varchar(20) NOT NULL, `intercept_url` varchar(50) NOT NULL, `STATUS` decimal(11,0) NOT NULL default '1', `MODPERSON` varchar(20) default NULL, `MODTIME` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP, `REMARK` varchar(100) default NULL, `DESCRIPT` varchar(50) default NULL, PRIMARY KEY (`ID`) ) ENGINE=InnoDB DEFAULT CHARSET=gbk; -- ---------------------------- -- Records of t_sys_powersystem -- ---------------------------- INSERT INTO t_sys_powersystem VALUES ('9201209031534081000', 'role_admin', '/manager/**/*.jh', '1', '999999999999999', '2012-09-03 15:34:08', '管理员', null); INSERT INTO t_sys_powersystem VALUES ('9201209031534551001', 'role_admin', '/system/manager/**/*.jsp', '1', '999999999999999', '2012-09-03 15:34:55', '管理员', null); -- ---------------------------- -- Table structure for `t_sys_powersystemofchar` -- ---------------------------- DROP TABLE IF EXISTS `t_sys_powersystemofchar`; CREATE TABLE `t_sys_powersystemofchar` ( `ID` varchar(20) NOT NULL, `CHARID` varchar(50) default NULL, `POWERsystemID` varchar(50) default NULL, `STATUS` decimal(11,0) NOT NULL default '1', `MODPERSON` varchar(20) default NULL, `MODTIME` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP, `REMARK` varchar(100) default NULL, PRIMARY KEY (`ID`), KEY `t_sys_powersystemofchar_CHARID` (`CHARID`), KEY `t_sys_powersystemofchar_POWERsystemID` (`POWERsystemID`), CONSTRAINT `t_sys_powersystemofchar_CHARID` FOREIGN KEY (`CHARID`) REFERENCES `t_sys_character` (`ID`), CONSTRAINT `t_sys_powersystemofchar_POWERsystemID` FOREIGN KEY (`POWERsystemID`) REFERENCES `t_sys_powersystem` (`ID`) ) ENGINE=InnoDB DEFAULT CHARSET=gbk; -- ---------------------------- -- Records of t_sys_powersystemofchar -- ---------------------------- INSERT INTO t_sys_powersystemofchar VALUES ('9201209031608531000', '297ef0cb3915b16a013915c7eb112312', '9201209031534081000', '1', '999999999999999', '2012-09-03 16:08:53', null); INSERT INTO t_sys_powersystemofchar VALUES ('9201209031608531001', '297ef0cb3915b16a013915c7eb112312', '9201209031534551001', '1', '999999999999999', '2012-09-03 16:08:53', null); -- ---------------------------- -- Table structure for `t_sys_user` -- ---------------------------- DROP TABLE IF EXISTS `t_sys_user`; CREATE TABLE `t_sys_user` ( `ID` varchar(50) NOT NULL COMMENT '用户ID', `CODE` varchar(20) NOT NULL COMMENT '用户登入代码', `NAME` varchar(40) NOT NULL COMMENT '用户中文姓名', `PASSWORD` varchar(60) NOT NULL COMMENT '用户登入密码', `DUTYID` varchar(6) NOT NULL COMMENT '职务', `LOGINTYPE` decimal(1,0) default '0' COMMENT '登入类别', `SEX` decimal(1,0) default '1' COMMENT '性别', `MOBILE` varchar(50) default NULL COMMENT '手机', `EMAIL` varchar(120) default NULL COMMENT '邮件', `CAID` varchar(128) default NULL COMMENT '对应CA的唯一ID', `ORDERNO` varchar(6) default NULL COMMENT '排列顺序', `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '是否有效', `MODPERSON` varchar(50) default NULL COMMENT '最后修改人', `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间', `REMARK` varchar(100) default NULL COMMENT '备注', `departmentID` varchar(59) NOT NULL, PRIMARY KEY (`ID`), UNIQUE KEY `CODE_UNIQUE` (`CODE`), KEY `t_sys_userdepartmentID` (`departmentID`), KEY `t_sys_userdutyID` (`DUTYID`), CONSTRAINT `t_sys_userdepartmentID` FOREIGN KEY (`departmentID`) REFERENCES `t_sys_department` (`ID`) ON DELETE NO ACTION, CONSTRAINT `t_sys_userdutyID` FOREIGN KEY (`DUTYID`) REFERENCES `t_sys_duty` (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='用户表'; -- ---------------------------- -- Records of t_sys_user -- ---------------------------- INSERT INTO t_sys_user VALUES ('8a8a9691396b237101396b4e0624000c', '123456', '任务分发', 'e10adc3949ba59abbe56e057f20f883e', '0001', null, '1', '', '', null, '', '1', '999999999999999', '2012-08-28 11:37:19', '', '297ef0cb391b4ce301391b4e3d8e6530'); INSERT INTO t_sys_user VALUES ('8a8a9691396b237101396b5f73ef0023', '666666', '任务接受', 'f379eaf3c831b04de153469d1bec345e', '0003', null, '1', '', '', null, '', '1', '999999999999999', '2012-08-28 11:56:21', '', '297ef0cb391b4ce301391b4e3d8e6530'); INSERT INTO t_sys_user VALUES ('999999999999999', 'admin', '超级管理员', '21232f297a57a5a743894a0e4a801fc3', '0022', null, '1', '', 'zhou@136.com', null, '20', '1', '999999999999999', '2012-09-14 11:17:18', '123', '297ef0cb391b4ce301391b4e3d8e6530'); -- ---------------------------- -- Table structure for `t_sys_usergroup` -- ---------------------------- DROP TABLE IF EXISTS `t_sys_usergroup`; CREATE TABLE `t_sys_usergroup` ( `ID` varchar(50) NOT NULL COMMENT '用户组ID', `NAME` varchar(30) NOT NULL COMMENT '用户组名称', `DESCRIPT` varchar(200) default NULL COMMENT '描述', `DEPARTID` varchar(20) default NULL COMMENT '部门ID', `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '是否有效', `MODPERSON` varchar(50) default NULL COMMENT '最后修改人', `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间', `REMARK` varchar(100) default NULL COMMENT '备注', `PARENT` varchar(20) default NULL, `XZQHID` varchar(20) default NULL COMMENT '关联的行政区域ID', `LAYER` decimal(2,0) default NULL, PRIMARY KEY (`ID`) ) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='用户组表'; -- ---------------------------- -- Records of t_sys_usergroup -- ---------------------------- INSERT INTO t_sys_usergroup VALUES ('1234567890', '系统管理员组', '系统管理员', null, '1', '999999999999999', '2012-08-18 18:11:52', null, null, null, null); INSERT INTO t_sys_usergroup VALUES ('8a8a9691396b237101396b4b819c0008', '任务分发', '任务分发', null, '1', '999999999999999', '2012-08-28 11:34:34', null, null, null, null); INSERT INTO t_sys_usergroup VALUES ('8a8a9691396b237101396b4b98be0009', '任务接受', '任务接受', null, '1', '999999999999999', '2012-08-28 11:34:40', null, null, null, null); INSERT INTO t_sys_usergroup VALUES ('8a8a9691396b237101396b5ea8230021', '任务审核', '任务审核', null, '1', '999999999999999', '2012-08-28 11:55:29', null, null, null, null); -- ---------------------------- -- Table structure for `t_sys_userofusergroup` -- ---------------------------- DROP TABLE IF EXISTS `t_sys_userofusergroup`; CREATE TABLE `t_sys_userofusergroup` ( `ID` varchar(50) NOT NULL, `USERID` varchar(50) NOT NULL COMMENT '用户ID', `USERGROUPID` varchar(50) NOT NULL COMMENT '用户组ID', `STATUS` decimal(1,0) NOT NULL default '1' COMMENT '是否有效', `MODPERSON` varchar(50) default NULL COMMENT '最后修改人', `MODTIME` timestamp NULL default NULL COMMENT '最后修改时间', `REMARK` varchar(100) default NULL COMMENT '备注', PRIMARY KEY (`ID`), KEY `t_sys_userofusergroup_userid` (`USERID`), KEY `t_sys_userofusergroup_usergroupid` (`USERGROUPID`), CONSTRAINT `t_sys_userofusergroup_usergroupid` FOREIGN KEY (`USERGROUPID`) REFERENCES `t_sys_usergroup` (`ID`) ON DELETE CASCADE, CONSTRAINT `t_sys_userofusergroup_userid` FOREIGN KEY (`USERID`) REFERENCES `t_sys_user` (`ID`) ON DELETE CASCADE ON UPDATE NO ACTION ) ENGINE=InnoDB DEFAULT CHARSET=gbk COMMENT='用户组对应用户关系表'; -- ---------------------------- -- Records of t_sys_userofusergroup -- ---------------------------- INSERT INTO t_sys_userofusergroup VALUES ('297ef0cb3919d144013919e873fd0008', '999999999999999', '1234567890', '1', '999999999999999', '2012-08-13 09:48:56', null); INSERT INTO t_sys_userofusergroup VALUES ('8a8a9691396b237101396b4e0634000d', '8a8a9691396b237101396b4e0624000c', '8a8a9691396b237101396b4b819c0008', '1', '8a8a9691396b237101396b4e0624000c', '2012-08-28 11:37:19', null); INSERT INTO t_sys_userofusergroup VALUES ('8a8a9691396b237101396b5f73ff0024', '8a8a9691396b237101396b5f73ef0023', '8a8a9691396b237101396b4b98be0009', '1', '8a8a9691396b237101396b5f73ef0023', '2012-08-28 11:56:21', null);
6
、附件为完整程序与数据库脚本, 导入sql脚本时请注意工具的差异化, 我用的工具是Navicat Lite
下篇期待linux相关文章
- backs.zip (6.1 KB)
- 描述: 数据库脚本
- 下载次数: 1003
- spring-lib.zip (4.3 MB)
- 描述: spring包
- 下载次数: 1088
- lib2.zip (5.4 MB)
- 描述: 包
- 下载次数: 1141
- lib1.zip (5.7 MB)
- 下载次数: 1024
- lib3.zip (5.2 MB)
- 下载次数: 1101
- lib4.zip (5.1 MB)
- 下载次数: 1110
- task_managerfinal.zip (4.7 MB)
- 描述: 程序代码
- 下载次数: 1671
评论
我也想问同样的问题,现在我就是遇到这个问题了,我现在把那几个map放到userService的实现里了!单点登陆系统session过来,再加载权限
MyUserDetailServiceImpl 登陆验证并获取用户权限。
MyAccessDecisionManager 双重循环资源权限映射和某用户权限映射进行判断。
MySecurityFilter 触发过滤器,触发调用上述方法。
很多错误,怎么才能修改正确,我的QQ 940054977
发表评论
-
Java虚拟机参数 -XX等相关参数应用
2013-08-29 12:55 0Java虚拟机参数 -XX等相关参数应用 通常,我们为 ... -
weblogic培训笔记(三)java虚拟机配置
2013-08-29 12:53 0weblogic培训笔记(三)java虚拟机配置 u ... -
(转)BEA WebLogic平台下J2EE调优攻略
2013-08-29 12:51 0(转)BEA WebLogic平台下J2EE调优攻略 摘要 ... -
java c#平台加密实现通讯
2013-08-24 13:58 0java与c#平台通过 加密互相调用实现两端通讯。 ... -
WebLogic10部署struts2使用注解问题
2013-05-08 15:18 2573这两天部署了一个使用了convention约定插件的SSH ... -
PLSQL中汉字显示乱码问题
2013-05-03 21:49 1996遇到问题: PLSQL中汉字显示乱码,并且SQL语句中如果 ... -
http 使用BASE64发送图片
2013-03-05 18:15 11743服务器端 方法内代码 String fileName = ... -
linux 安装oracle10g
2013-02-27 16:43 1450一.基本配置 (1)硬盘剩余空间:10G以上 虽 ... -
Oracle常用命令笔记
2013-02-17 15:56 2254一、ORACLE的启动和关闭1、在单机环境下要想启动或关闭O ... -
【转】分享我的大型Java多用户商城系统开发的心得和困难
2013-02-05 10:53 2978本人一直从事Java企业 ... -
Apache Commons工具集简介
2013-01-15 11:26 66136Apache Commons包含了很多开源 ... -
Apache Commons工具集简介
2013-01-15 11:24 2Apache Commons包含了很多开源 ... -
oracle 无效的月份的错误
2013-01-11 13:36 2462linux服务器oracle导出的sql脚本 在导入本地的o ... -
linux(centos) java+apache+tomcat配置
2013-01-07 16:34 2578去年文章讲解过windowx下apache+t ... -
linux java+apache+tomcat配置
2013-01-03 14:38 0去年文章讲解过windowx下apache+t ... -
Spring Security3 配置使用
2012-12-27 17:34 3使用Spring Security3的几种方法概 ... -
linux mysql5.5安装与配置
2012-12-24 18:33 9013MySQL是一个关系型数据库管理系统 ,由 ...
相关推荐
**Spring Security 3 配置使用详解** Spring Security 是一个强大的、高度可定制的身份验证和访问控制框架,广泛应用于Java企业级应用中。在Spring Security 3版本中,它提供了许多改进和新特性,旨在简化安全配置...
本文件“Spring Security3配置使用.rar”包含了关于如何配置和使用Spring Security3的具体代码和配置信息,帮助开发者理解和实践这个框架的核心功能。 1. **基本概念** - **认证(Authentication)**:确定用户...
Spring Security 3 配置和使用 Spring Security 是一个强大且灵活的安全框架,旨在保护基于 Java 的 Web 应用程序。Spring Security 3 是 Spring Security 框架的第三个主要版本,提供了许多新的功能和改进。下面...
在提供的压缩包`springsecurity配置demo`中,你将找到示例代码和详细说明,这将帮助你更好地理解和实践上述概念。通过学习和实践这些示例,你将能够为自己的Spring应用程序构建强大的安全防护。
在本文中,我们将深入探讨Spring Security 3的配置文件,以及如何理解和使用这些配置来增强应用的安全性。 首先,Spring Security的配置通常位于一个或多个XML文件中,这些文件通过`<beans>`标签定义了安全相关的...
教程文档`教你使用_SpringSecurity_3.0_52页.pdf`会详细指导你如何一步步配置和使用Spring Security。它应该包含了配置文件的示例、如何集成到Spring应用中、如何创建自定义认证逻辑以及如何进行授权设置等内容。...
在这个"Spring Security2配置"的主题中,我们将深入探讨如何配置Spring Security来保护我们的应用程序,以及它的一些核心概念。 首先,让我们理解Spring Security的基本组件。`Users.java`、`Roles.java`暗示了用户...
### Spring Security3 配置与使用详解 #### 一、Spring Security3 概览 Spring Security 是一个功能强大且高度可定制的身份验证和访问控制框架。最初由 Ben Alex 在 2003 年创建,名为 "The Acegi Security System...
在这个"Spring Security 项目配置源码"中,我们有机会深入理解这个框架如何在实际项目中配置和使用。下面将详细介绍Spring Security的核心概念、配置过程以及如何在Eclipse环境中运行该项目。 1. **核心概念** - *...
- **配置**:这是Spring Security配置中最核心的部分,通过`<http>`元素可以定义哪些URL需要进行身份验证和授权。`auto-config='true'`属性表示自动配置,简化了配置过程。`<intercept-url>`元素用于指定特定URL的...
这是自定义Spring Security配置的主要地方。你可以重写`configure(HttpSecurity http)`方法来定义HTTP安全规则。 ```java @Configuration @EnableWebSecurity public class SecurityConfig extends ...
### Spring Security 3.0.1 中文版知识点解析...通过上述知识点的介绍,我们了解了 Spring Security 的核心概念、配置方式以及一些高级特性,这有助于开发者更好地利用 Spring Security 为应用程序构建强大的安全防护。
Spring Security 实践指南 ...* 高度可配置性:Spring Security 的配置项非常灵活,可以根据实际需求进行配置。 Spring Security 是一个功能强大且灵活的安全框架,广泛应用于 Java 应用开发中。
4. **集成到Spring Security配置中**:在`applicationContext_security.xml`中配置自定义的安全元数据源。 通过以上步骤,就可以实现动态的权限管理机制,使得应用程序能够根据数据库中的配置实时调整用户的访问...
这三份资料——"实战Spring Security 3.x.pdf"、"Spring Security 3.pdf" 和 "Spring Security使用手册.pdf" 将深入探讨这些概念,并提供实践指导,帮助读者掌握如何在实际项目中应用Spring Security。通过学习这些...
- springsecurity3.0.5 - commonslogging1.6.1 - oraclejdbc1.1 这些依赖包提供了Spring Security框架运行所必需的类库和驱动支持。 #### 4. 配置过滤器 为了在Spring应用中使用Spring Security,需要在web.xml...