我有一个tabs.jsp,其中包含指向其他页面的链接。管理员登录时,必须为其添加2个额外链接以添加用户和角色。虽然验证我能够验证用户是否是管理员。如果没有重定向回登录页面,如果用户存在则将验证返回到用户显示页面。如果用户是管理员,我该如何实现额外的2个链接?
我的控制器
@RequestMapping(value = "auth", method = RequestMethod.POST)
public ModelAndView printStringLogin(
@ModelAttribute("USERS") Users userAuthentication,
HttpSession httpSession, ModelMap model) {
System.out.println(userAuthentication.getUsers_email());
System.out.println(userAuthentication.getUsers_password());
UserAuthentication userAuthentication2 = new UserAuthentication();
boolean exists = false,admin = false;
try {
exists = userAuthentication2.doesUserExist(
userAuthentication.getUsers_email(),
userAuthentication.getUsers_password());
} catch (Exception e) {
e.printStackTrace();
}
if (exists == true) {
System.out.println("user present");
httpSession.setAttribute("id", userAuthentication.getUsers_email());
System.out.println("Session Attribute: "
+ httpSession.getAttribute("id"));
return new ModelAndView("redirect:employee");
} else {
System.out.println("user not present");
return new ModelAndView("loginpage");
}
}
用户身份验证
public class UserAuthentication {
public boolean doesUserExist(String uname, String passwrd) throws Exception {
GetSession ses = new GetSession();
Session session = ses.retSession();
String query = "from Users as u where u.users_email = :sUname and u.users_password = :sPass";
List list = session.createQuery(query).setString("sUname", uname)
.setString("sPass", passwrd).list();
Iterator iterator = list.iterator();
boolean userExists = false;
if (iterator.hasNext()) {
Users obj = (Users) iterator.next();
System.out.print(obj.getUsers_email() + "\t"
+ obj.getUsers_password() + "\n");
System.out.println(obj.getMyRoles());
System.out.println("Is Admin??? :" +obj.getMyRoles().toString().contains("Admin")); //gives if user is admin or not
System.out.println(obj.getUser_id());
userExists = true;
}
System.out.println(userExists);
return userExists;
}
}
Tabs.jsp
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<html>
<body>
<div id="tabs" style="background-color: #C8C8C8; font-family: fantasy;">
<a href="employee"> Employee Details </a>
<a href="department"> Departments </a>
<a href="designation"> Designation </a>
<a href="logout"> Logout </a>
<a href="user"> Users </a>
<a href="roles"> Roles </a>
</div>
</body>
</html>
仅当用户为admin且此tabs.jsp包含在应用程序的每个页面中时,才必须显示用户和角色链接。
答案 0 :(得分:2)
将User
对象放入Controller中的HttpSession
,并检查登录的User
是否为jsp管理员
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
pageEncoding="ISO-8859-1"%>
<html>
<body>
<div id="tabs" style="background-color: #C8C8C8; font-family: fantasy;">
<a href="employee"> Employee Details </a>
<a href="department"> Departments </a>
<a href="designation"> Designation </a>
<a href="logout"> Logout </a>
<c:if test=${sessionScope.user.isAdmin}>
<a href="user"> Users </a>
<a href="roles"> Roles </a>
</c:if>
</div>
</body>
</html>