我想在用户login系统后控制访问。 例如: administrator : can add, delete and give rights to employee employee : fill forms only … 所以在知道用户拥有哪个权限之后,在数据库中检查,我想限制这个用户可以看到和做的事情。 有一个简单的方法来做到这一点? 编辑 @WebFilter("/integra/user/*") public class LoginFilter implements Filter { @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException { HttpServletRequest req = (HttpServletRequest) request; Authorization authorization = (Authorization) req.getSession().getAttribute("authorization"); if (authorization != null […]