spring security小结

配置web.xml

<listener>

      <listener-class>

  org.springframework.web.context.ContextLoaderListener

      </listener-class>

   </listener>

 

   <filter>  

      <filter-name>springSecurityFilterChain</filter-name>  

        <filter-class>

        org.springframework.web.filter.DelegatingFilterProxy

        </filter-class>  

   </filter>  

 

    <filter-mapping>  

        <filter-name>springSecurityFilterChain</filter-name>  

        <url-pattern>/*</url-pattern>  

    </filter-mapping> 

配置applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?>  

<beans:beans xmlns="http://www.springframework.org/schema/security"  

    xmlns:beans="http://www.springframework.org/schema/beans"  

    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"  

    xsi:schemaLocation="http://www.springframework.org/schema/beans   

                        http://www.springframework.org/schema/beans/spring-beans-3.0.xsd   

                        http://www.springframework.org/schema/security   

                        http://www.springframework.org/schema/security/spring-security-3.0.xsd"> 
 

 

   <!-- 数据源 --> 

    <beans:bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"> 

    <beans:property name="driverClassName" value="com.mysql.jdbc.Driver"></beans:property> 

<beans:property name="url" value="jdbc:mysql://localhost:3306/test"></beans:property> 

<beans:property name="username" value="root"></beans:property> 

<beans:property name="password" value="123456"></beans:property> 

    </beans:bean> 

   <!-- 权限设置 --> 
<http auto-config="true" access-denied-page="/accessDenied.jsp">
 <form-login login-page="/login.jsp" />
 <logout logout-success-url="/login.jsp"></logout>
  <intercept-url pattern="/login.jsp*" filters="none" />
   <intercept-url pattern="/index.jsp" access="ROLE_USER,ROLE_ADMIN" />
   <intercept-url pattern="/admin.jsp" access="ROLE_ADMIN" />
   <intercept-url pattern="/user.jsp" access="ROLE_USER" />
   <intercept-url pattern="/test.jsp" filters="none" />
</http>
   

<!--用户 --> 

<authentication-manager>  

        <authentication-provider> 

    <password-encoder hash="md5"></password-encoder>

    <jdbc-user-service data-source-ref="dataSource"/> 

      </authentication-provider>  

 </authentication-manager>  

 </beans:beans>

<!--index.jsp --> 

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>

<%@taglib prefix="sec" uri="http://www.springframework.org/security/tags"%>

<%

String path = request.getContextPath();

String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";

%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>

  <head>

    <base href="<%=basePath%>">

    

    <title>My JSP 'index.jsp' starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">    
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->

  </head>

  

  <body>

    This is my index page. <br>

        欢迎<sec:authentication property="name"></sec:authentication>登录。</br>

    <a href="j_spring_security_logout">退出系统</a>

  </body>

</html>

4000