使用JAXP(JEE6)解析一个简单的XML文档

前端之家收集整理的这篇文章主要介绍了使用JAXP(JEE6)解析一个简单的XML文档前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。
我想为我的网络应用程序创建一个授权过滤器(以便能够限制对某些页面的访问).

我创建了一个简单的.xml文件,其中包含允许每个用户访问的页面

  1. <access>
  2. <buyer>
  3. <page>buyoffer.xhtml</page>
  4. <page>faq.xhtml</page>
  5. <page>index.jsp</page>
  6. <page>login.xhtml</page>
  7. <page>main.xhtml</page>
  8. <page>registrationSucceded.xhtml</page>
  9. </buyer>
  10. <seller>
  11. <page>sellerpanel.xhtml</page>
  12. <page>faq.xhtml</page>
  13. <page>index.jsp</page>
  14. <page>login.xhtml</page>
  15. <page>main.xhtml</page>
  16. <page>registrationSucceded.xhtml</page>
  17. </seller>
  18. <administrator>
  19. <page>sellerpanel.xhtml</page>
  20. <page>faq.xhtml</page>
  21. <page>index.jsp</page>
  22. <page>login.xhtml</page>
  23. <page>main.xhtml</page>
  24. <page>registrationSucceded.xhtml</page>
  25. </administrator>
  26. </access>

然后我需要进行解析以提取页面的值,以便能够创建允许或重定向的条件(依赖).我只需要告诉某人如何从xml中提取这些页面的值.这就是我现在所做的:

  1. public class RestrictPageFilter implements Filter {
  2.  
  3. private FilterConfig fc;
  4. private DocumentBuilder builder;
  5. private Document document;
  6.  
  7. public void init(FilterConfig filterConfig) throws ServletException {
  8. // The easiest way to initialize the filter
  9. fc = filterConfig;
  10. // Get the file that contains the allowed pages
  11. File f = new File("/allowedpages.xml");
  12. // Prepare the file parsing
  13. try {
  14. builder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
  15. document = builder.parse(f);
  16. } catch (ParserConfigurationException e) {
  17. e.printStackTrace();
  18. } catch (SAXException e) {
  19. e.printStackTrace();
  20. } catch (IOException e) {
  21. e.printStackTrace();
  22. }
  23.  
  24. }
  25.  
  26. public void doFilter(ServletRequest request,ServletResponse response,FilterChain chain) throws IOException,ServletException {
  27.  
  28. HttpServletRequest req = (HttpServletRequest) request;
  29. HttpServletResponse resp = (HttpServletResponse) response;
  30. HttpSession session = req.getSession(true);
  31. String pageRequested = req.getRequestURL().toString();
  32.  
  33. // Get the value of the current logged user
  34. Role currentUser = (Role) session.getAttribute("userRole");
  35. if (currentUser != null) {
  36. if(currentUser.getType().equals("BUYER")) {
  37. //Loop BUYER Element of the .xml
  38. //if pageRequested.contains(value of the page at buyer element)
  39. // chain.doFilter(request,response);
  40. // Else
  41. // Redirect the user to the main page
  42. }
  43. else if(currentUser.getType().equals("SELLER")) {
  44. //Same as above just for seller element
  45. }
  46. else if(currentUser.getType().equals("ADMINISTRATOR")) {
  47. //Same as above just for administrator element
  48. }
  49. }
  50. }
  51.  
  52. public void destroy() {
  53. // Not needed
  54. }
  55. }

在doFilter方法内部的注释中解释了我需要做什么.有人可以给我一个提示,我应该如何遍历文件来查找每个用户类型的页面名称?我尝试从互联网上关注JAXP示例,但它们比我需要的更复杂.

更新
xml存储在WEB-INF / classes中

而是使用JAXB. JAXP是一个古老且非常详细的API. JAXB倾向于Javabeans,因此干净且相对容易.首先创建一个Javabean,它使用javax.xml.bind注释将1:1映射到XML文件.
  1. @XmlRootElement
  2. public class Access {
  3.  
  4. @XmlElement
  5. private User buyer;
  6.  
  7. @XmlElement
  8. private User seller;
  9.  
  10. @XmlElement
  11. private User administrator;
  12.  
  13. public User getBuyer() {
  14. return buyer;
  15. }
  16.  
  17. public User getSeller() {
  18. return seller;
  19. }
  20.  
  21. public User getAdministrator() {
  22. return administrator;
  23. }
  24.  
  25. public static class User {
  26.  
  27. @XmlElement(name="page")
  28. private List<String> pages;
  29.  
  30. public List<String> getPages() {
  31. return pages;
  32. }
  33.  
  34. }
  35.  
  36. }

后执行以下部分来映射它(假设allowedpages.xml放在类路径的根目录中).

  1. InputStream input = Thread.currentThread().getContextClassLoader().getResourceAsStream("allowedpages.xml");
  2. Access access = (Access) JAXBContext.newInstance(Access.class).createUnmarshaller().unmarshal(input);

请注意,您不应该为此使用新的File().另见getResourceAsStream() vs FileInputStream.

最后,您可以访问所有买家页面,如下所示:

  1. List<String> buyerPages = access.getBuyer().getPages();
  2. // ...

毋庸置疑,养老保障并不总是最佳做法. Java EE 6附带容器管理的安全性.

猜你在找的XML相关文章