摘要
为了在不降低系统性能的前提下,提升前后端分离Web系统内访问控制模块的开发效率,介绍了一种以基于角色的访问控制为核心思想,通过解析特定格式的API访问地址来调用不同的Spring MVC拦截器以决定控制策略的访问控制模块开发方法。该方法实现了在前后端分离Web系统开发过程中,业务逻辑与访问控制分离,使开发者在扩展与维护系统访问控制模块时能够通过修改所涉及到功能的API访问地址使其变得更加轻松与便捷。
In order to improve the development efficiency of access control module of Web system with frontend-backend separation, without degrading the system performance, this paper introduces an access control module development method which takes Role-Based Access Control(RBAC) as the main part and calls different spring MVC interceptors to determine the control strategy by parsing the API access address in specific format. In the development process of web system with frontend-backend separation, the business logic is separated from the access control, so that the developer can modify the function-related API access address when extending and maintaining the system access control module, make it easier and more convenient.
作者
宋清卿
Song Qingqing(Nanjing Institute of Industry Technology,Nanjing,Jiangsu 210046,China)
出处
《计算机时代》
2020年第5期23-26,共4页
Computer Era