action 登录时查询用户权限，讲权限信息以集合形式存放在用户的实体类中！   

   <pre name="code" class="java">       ActionContext ac =  ActionContext.getContext();

     ActionContext ac =  ActionContext.getContext();
           Map<String, Object> ctx =ac.getSession();

           SysUserDTO uInfo=service.toSysUserDTO(user);
            //将角色信息放入用户
            List<SysRole> lst =service.findRoleByUserId(user.getId());
            uInfo.setRoleList(lst);

            ctx.put("userInfo", uInfo);

           Map<String, Object> ctx =ac.getSession();

           SysUserDTO uInfo=service.toSysUserDTO(user);
            //将角色信息放入用户
            List<SysRole> lst =service.findRoleByUserId(user.getId());
            uInfo.setRoleList(lst);

            ctx.put("userInfo", uInfo);

home hibernate框架返回实体类对象时，查询与剧中的表名要使用实体类名！

public List<SysRole> findByUserId(String userId){
        String sql= "select sr from SysUser  su,SysRole sr,SysUserRole  sur where sur.userId = su.id and sur.roleId = sr.id and sur.userId ='"+userId+"'";
        Query query =sessionFactory.getCurrentSession().createQuery(sql);
        return query.list();

    }

jsp 前台页面接受集合中相应权限的跳转路径，进行相应的跳转！

<%

    SysUserDTO userInfo = (SysUserDTO)session.getAttribute("userInfo");
        String homePage ="";
        if(userInfo.getRoleList().size()>0){
            homePage=userInfo.getRoleList().get(0).getHomePage();
        }
%>

var mainPage = '<%=homePage%>';