问题描述
您知道吗,如果有可能检查谁在调用方法并限制他们是否可以使用 Java 注释执行它?
Do you know, if there is the possibility to check who is calling a method and to restrict whether they are allowed to execute it with Java Annotations?
例如,如果您有一个客户端和一个服务器.有几个用户,他们有不同的角色,他们登录到客户端.然后(同一个客户端)有不同的用户想要在服务器上调用一个getMethod.
For example if you have a client and a server. There are several users, which have different roles and they login into the client. Then (the same client) with different users wants to call a getMethod on the server.
我可以限制谁可以使用 Java 注释调用此方法吗?
Can I restrict, who is allowed to call this methos with Java Annotations?
喜欢:
@Role(role="AllowedRole")
public ReturnType getMethod() {
...
}
推荐答案
嗯,我曾经在 JBoss Server 中使用 Seam/DeltaSpike 来实现这一点.非常简单.
Well, I used to achieve this with Seam/DeltaSpike in JBoss Server. It's pretty straightforward.
基本上,您有一个用注释进行注释的方法.例如,我的是 @User
:
Basically, you have a method which you annotate with your annotation. For example, mine is @User
:
public class MyClass {
@User
public Object getMethod() {
//implementation
}
}
接下来,您需要一个定义如何检查注释的类:
Next, you need a class where you define how you check your annotations:
public class Restrictions {
@Secures @User
public boolean isOk(Identity identity) {
if (identity.getUsername("Peter")) {
return true;
}
return false;
}
}
就是这样!当然,您需要一些库并在某些 xml 文件(如 beans.xml)中定义这些拦截内容,但只需使用一点谷歌搜索就可以轻松完成.
That's it! Ofcourse, you need some libraries and to define these intercepting stuff in certain xml files (like beans.xml) but it can be easily done with a little googling.
从这些链接开始:
这篇关于使用 Java 注释限制方法的执行的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!