Configure three tables: role table, permission table, and role permission table. The backend configuration of a global interceptor, in the interception of each request, to check whether the user in the table corresponding role permission exists, if there is, it will be rejected and prompt.

Design database table structure

  • Character sheet

  • Permissions on the table

  • Role permission mapping table

Configure global interceptors

AllInterceptor.java

Public class AllInterceptor implements HandlerInterceptor {/** * service */ @autoWired private MenuService menuService; /** * @autowired private UrlService UrlService; @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object Handler) throws Exception {// Get the request address. String URL = request.getrequestURI (); HttpSession session = request.getSession(); String projectName = "/CustomerSystem"; Url = url.substring(projectname.length (), url.length()); url_info uInfo = this.urlService.selectUrl(url); if(uInfo ! = null){ menu_info mInfo = new menu_info(); mInfo.setType(Integer.parseInt((String)session.getAttribute("type")) + 1); mInfo.setUrlId(uInfo.getId()); int a = this.menuService.selectMenu(mInfo); If (a > 0){return true; SetAttribute (" MSG ", "<script type='text/javascript'>alert(' Sorry, you do not have this function permission! ')</script>"); request.getRequestDispatcher("/WEB-INF/jsp/login.jsp").forward(request, response); return false; SetAttribute (" MSG ", "<script type='text/javascript'>alert(' sorry, you do not have permission for this function! ')</script>"); request.getRequestDispatcher("/WEB-INF/jsp/login.jsp").forward(request, response); return false; } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView model) throws Exception { } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response,Object handler, Exception ex) throws Exception { } }Copy the code

Declare the global interceptor in the springMVC configuration file

springmvc-config.xml

<! < MVC :interceptors> < MVC :interceptor> < MVC :mapping path="/**"/> <! --> < MVC :exclude-mapping path="/cus_login.action"/> < MVC :exclude-mapping path="/cus_checklogin.action"/> <mvc:exclude-mapping path="/cus_exit.action"/> <! -- -- -- in the interceptor into the spring container > < bean class = "com. Itheima. Core. The interceptor. CustomerAllInterceptor" > < / bean > < / MVC: interceptor > </mvc:interceptors>Copy the code

At this point, permission management is complete.

Iii. The following is the page of the permission management module in the campus course selection system that I have designed

The GitHub address of the project,Click to

Welcome, everybody. Give me a star.

Home page:

The login page is displayed

Permission management page for the administrator after login