如何使用安全约束将用户重定向到特定页面?

时间:2017-01-30 09:53:30

标签: java html xml login-control security-constraint

我有两组ts_admin和ts_users。登录页面中,登录后的管理员应该直接进入管理员视图,用户进入用户视图。我不知道该怎么做,我需要帮助。我已经加载了一个包含安全约束的XML页面,或许我们可以从那一点开始。 

<welcome-file-list>
    <welcome-file>index.html</welcome-file>
</welcome-file-list>

<security-constraint>
    <display-name>timesheet user permission</display-name>
    <web-resource-collection>
        <web-resource-name>timesheet_user_resources</web-resource-name>
        <url-pattern>/index.html</url-pattern>
        <url-pattern>/</url-pattern>
        <url-pattern>/rs/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
        <http-method>PUT</http-method>
        <http-method>DELETE</http-method>
        <http-method>OPTIONS</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>ts_users</role-name>
    </auth-constraint>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

<security-role>
    <role-name>ts_users</role-name>
</security-role>
<security-role>
    <role-name>ts_admins</role-name>
</security-role>

<security-constraint>
    <display-name>timesheet admin permissions</display-name>
    <web-resource-collection>
        <web-resource-name>timesheet_admin_resources</web-resource-name>
        <url-pattern>/rs/*</url-pattern>

        <url-pattern>/indexAdmin.html</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
        <http-method>PUT</http-method>
        <http-method>DELETE</http-method>
        <http-method>OPTIONS</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>ts_admins</role-name>
    </auth-constraint>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>MyRealm</realm-name>

    <form-login-config id="FormLoginConfig_1">
        <form-login-page>/login.html</form-login-page>
        <form-error-page>/error.html</form-error-page>
    </form-login-config>
</login-config>

1 个答案:

答案 0 :(得分:0)

加载的XML文件设置良好,不需要进行任何更改。我已在index和indexAdmin页面上创建链接以便于交换,并且我还使用ng-show仅显示系统对管理员进行身份验证时的链接。在JS页面上添加了read register read external swap (logic, route signals, no time for xor nor extra register stuff) same clock cycle as one of the reads. write both if one is external, if both are registers then an additional clock.

相关问题
最新问题