SpringMVC+spring-security+sitemesh+hibernate+freemarker整合
2016-03-22 16:54
423 查看
SpringMVC-4.1.6
spring-security-4.0.0
sitemesh-3.0.0
hibernate-4.3.8
freemarker-2.3.22
3.[文件]springmvc.xml
4.[文件]Index.java
6.[文件]index.jsp
7.[文件]spring-security.xml
8.[文件]web.xml
spring-security-4.0.0
sitemesh-3.0.0
hibernate-4.3.8
freemarker-2.3.22
1.[文件]beans.xm
<?
xml
version
=
"1.0"
encoding
=
"UTF-8"
?>
<
beans
xmlns
=
"http://www.springframework.org/schema/beans"
xmlns:aop
=
"http://www.springframework.org/schema/aop"
xmlns:cache
=
"http://www.springframework.org/schema/cache"
xmlns:xsi
=
"http://www.w3.org/2001/XMLSchema-instance"
xmlns:context
=
"http://www.springframework.org/schema/context"
xmlns:p
=
"http://www.springframework.org/schema/p"
xmlns:task
=
"http://www.springframework.org/schema/task"
xmlns:tx
=
"http://www.springframework.org/schema/tx"
xmlns:lang
=
"http://www.springframework.org/schema/lang"
xmlns:mvc
=
"http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/lang http://www.springframework.org/schema/lang/spring-lang-4.1.xsd
http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-4.1.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-4.1.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.1.xsd
http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task-4.1.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.1.xsd
http://www.springframework.org/schema/cache http://www.springframework.org/schema/cache/spring-cache-4.1.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.1.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.1.xsd">
<
bean
id
=
"propertyConfigurer"
class
=
"org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"
>
<
property
name
=
"locations"
>
<
list
>
<
value
>classpath:jdbc.properties</
value
>
<
value
>classpath:mail.properties</
value
>
</
list
>
</
property
>
</
bean
>
<!--如果sprinmvc和springioc扫描的包有重合就会把类初始化2次context:component-scan-->
<!--beans可以引用springmvc的类,但是springmvc不能引用spring的类-->
<!--Springmvc的ioc容器中的bean可以引用spring的ioc容器的bean,反之不可以-->
<
context:component-scan
base-package
=
"com.sniper.springmvc.hibernate.*,com.sniper.springmvc.scheduler"
>
<!--不扫描的带有这些注解的类-->
<
context:exclude-filter
type
=
"annotation"
expression
=
"org.springframework.stereotype.Controller"
/>
<
context:exclude-filter
type
=
"annotation"
expression
=
"org.springframework.web.bind.annotation.ControllerAdvice"
/>
</
context:component-scan
>
<!--配置数据源,其他框架-->
<!--分库配置master-->
<
bean
id
=
"dataSource_main"
class
=
"com.mchange.v2.c3p0.ComboPooledDataSource"
>
<
property
name
=
"driverClass"
value
=
"${jdbc.driverClass}"
/>
<
property
name
=
"jdbcUrl"
value
=
"${jdbc.jdbcUrl}"
/>
<
property
name
=
"user"
value
=
"${jdbc.user}"
/>
<
property
name
=
"password"
value
=
"${jdbc.password}"
/>
<
property
name
=
"idleConnectionTestPeriod"
value
=
"${c3p0.idleConnectionTestPeriod}"
/>
<
property
name
=
"preferredTestQuery"
value
=
"${c3p0.preferredTestQuery}"
/>
<
property
name
=
"testConnectionOnCheckin"
value
=
"${c3p0.testConnectionOnCheckin}"
/>
<
property
name
=
"testConnectionOnCheckout"
value
=
"${c3p0.testConnectionOnCheckout}"
/>
<
property
name
=
"maxPoolSize"
value
=
"${c3p0.maxPoolSize}"
/>
<
property
name
=
"minPoolSize"
value
=
"${c3p0.minPoolSize}"
/>
<
property
name
=
"initialPoolSize"
value
=
"${c3p0.initialPoolSize}"
/>
<
property
name
=
"acquireIncrement"
value
=
"${c3p0.acquireIncrement}"
/>
</
bean
>
<!--分库配置slave-->
<
bean
id
=
"dataSource_salve_1"
parent
=
"dataSource_main"
>
<
property
name
=
"jdbcUrl"
value
=
"${jdbc.jdbcUrl}"
/>
</
bean
>
<!--配置数据源路由器-->
<
bean
id
=
"dataSourceRouter"
class
=
"com.sniper.springmvc.datasource.DataSourceRouter"
>
<
property
name
=
"targetDataSources"
>
<
map
>
<
entry
key
=
"master"
value-ref
=
"dataSource_main"
/>
<
entry
key
=
"salve_a"
value-ref
=
"dataSource_salve_1"
/>
</
map
>
</
property
>
<!--默认数据源集合-->
<
property
name
=
"defaultTargetDataSource"
ref
=
"dataSource_main"
/>
</
bean
>
<!--呢目的会话工厂bean(spring整合hinernate的核心入口)-->
<
bean
id
=
"sessionFactory"
class
=
"org.springframework.orm.hibernate4.LocalSessionFactoryBean"
>
<!--配置路由数据源-->
<
property
name
=
"dataSource"
ref
=
"dataSourceRouter"
/>
<
property
name
=
"configLocation"
value
=
"classpath:hibernate.cfg.xml"
/>
<!--注解-->
<
property
name
=
"packagesToScan"
>
<
list
>
<
value
>com.sniper.springmvc.model</
value
>
</
list
>
</
property
>
</
bean
>
<!--hibernate事务管理器,用来在service层面上实现事务管理,实现平台无关行-->
<
bean
id
=
"transactionManager"
class
=
"org.springframework.orm.hibernate4.HibernateTransactionManager"
>
<
property
name
=
"sessionFactory"
ref
=
"sessionFactory"
/>
</
bean
>
<!--事物通知-->
<!--rollback-for回滚事物,果存在一个事务,则支持当前事务。如果没有事务则开启-->
<!--aopalliance-1.0需要这个包否则报错,这个包在struts里面-->
<
tx:advice
id
=
"txAdvice"
transaction-manager
=
"transactionManager"
>
<
tx:attributes
>
<
tx:method
name
=
"save*"
propagation
=
"REQUIRED"
isolation
=
"DEFAULT"
rollback-for
=
"Exception"
/>
<
tx:method
name
=
"delete*"
propagation
=
"REQUIRED"
isolation
=
"DEFAULT"
rollback-for
=
"Exception"
/>
<
tx:method
name
=
"update*"
propagation
=
"REQUIRED"
isolation
=
"DEFAULT"
rollback-for
=
"Exception"
/>
<
tx:method
name
=
"batch*"
propagation
=
"REQUIRED"
isolation
=
"DEFAULT"
rollback-for
=
"Exception"
/>
<
tx:method
name
=
"execute*"
propagation
=
"REQUIRED"
isolation
=
"DEFAULT"
rollback-for
=
"Exception"
/>
<
tx:method
name
=
"get*"
propagation
=
"REQUIRED"
isolation
=
"DEFAULT"
read-only
=
"true"
rollback-for
=
"Exception"
/>
<
tx:method
name
=
"load*"
propagation
=
"REQUIRED"
isolation
=
"DEFAULT"
read-only
=
"true"
rollback-for
=
"Exception"
/>
<
tx:method
name
=
"find*"
propagation
=
"REQUIRED"
isolation
=
"DEFAULT"
read-only
=
"true"
rollback-for
=
"Exception"
/>
<!--<tx:methodname="*"propagation="NOT_SUPPORTED"isolation="DEFAULT"
read-only="true"/>-->
<
tx:method
name
=
"*"
propagation
=
"REQUIRED"
isolation
=
"DEFAULT"
/>
</
tx:attributes
>
</
tx:advice
>
<!--切入点通知-->
<!--日志记录-->
<
bean
id
=
"logger"
class
=
"com.sniper.springmvc.advice.Logger"
/>
<!--EhCachelibrarysetup-->
<
bean
id
=
"ehcache"
class
=
"org.springframework.cache.ehcache.EhCacheManagerFactoryBean"
p:config-location
=
"classpath:ehcache.xml"
/>
<
bean
id
=
"cacheManager"
class
=
"org.springframework.cache.ehcache.EhCacheCacheManager"
p:cache-manager-ref
=
"ehcache"
/>
<!--自定义生成缓存key-->
<
bean
id
=
"surveyKey"
class
=
"com.sniper.springmvc.cache.SurveyKey"
></
bean
>
<
cache:advice
id
=
"cacheAdvice"
cache-manager
=
"cacheManager"
key-generator
=
"surveyKey"
>
<!---->
<
cache:caching
cache
=
"SurveyAdminRight"
>
<!--缓存方法保存的key-->
<
cache:cacheable
method
=
"getC*"
/>
<
cache:cacheable
method
=
"loadC*"
/>
<
cache:cacheable
method
=
"findC*"
/>
<!--删除缓存的方法就是当执行下面方法的时候除掉缓存需要配合aop切入点才管用-->
<
cache:cache-evict
method
=
"save*"
all-entries
=
"true"
/>
<
cache:cache-evict
method
=
"update*"
all-entries
=
"true"
/>
<
cache:cache-evict
method
=
"delete*"
all-entries
=
"true"
/>
<
cache:cache-evict
method
=
"clear*"
all-entries
=
"true"
/>
<
cache:cache-evict
method
=
"toggle*"
all-entries
=
"true"
/>
<
cache:cache-evict
method
=
"move*"
all-entries
=
"true"
/>
<
cache:cache-evict
method
=
"batch*"
all-entries
=
"true"
/>
</
cache:caching
>
</
cache:advice
>
<
aop:config
>
<!--order值越大优先值越低-->
<!--事务切入点通知-->
<
aop:advisor
advice-ref
=
"txAdvice"
pointcut
=
"execution(* *..*Service.*(..))"
order
=
"1"
/>
<!--缓存切入点通知-->
<
aop:advisor
advice-ref
=
"cacheAdvice"
pointcut="(execution(**..*Service.getC*(..))
orexecution(**..*Service.findC*(..))
orexecution(**..*Service.loadC*(..))
orexecution(**..*Service.save*(..))
orexecution(**..*Service.update*(..))
orexecution(**..*Service.delete*(..))
orexecution(**..*Service.move*(..))
orexecution(**..*Service.toggle*(..))
orexecution(**..*Service.clear*(..)))
and!bean(myUserDetail)
"
order
=
"0"
/>
<!--logger切面-->
<
aop:aspect
id
=
"loggerAspect"
ref
=
"logger"
order
=
"0"
>
<
aop:around
method
=
"record"
pointcut="(execution(**..*Service.save*(..))
orexecution(**..*Service.update*(..))
orexecution(**..*Service.delete*(..))
orexecution(**..*Service.batch*(..))
orexecution(**..*Service.new*(..))
orexecution(**..*Service.move*(..))
orexecution(**..*Service.clear*(..))
orexecution(**..*Service.toggle*(..)))
and!bean(logService)
"/>
</
aop:aspect
>
</
aop:config
>
<
bean
id
=
"mailSender"
class
=
"org.springframework.mail.javamail.JavaMailSenderImpl"
>
<
property
name
=
"defaultEncoding"
value
=
"${mail.smtp.encoding}"
/>
<
property
name
=
"host"
value
=
"${mail.smtp.host}"
/>
<
property
name
=
"username"
value
=
"${mail.smtp.username}"
/>
<
property
name
=
"password"
value
=
"${mail.smtp.password}"
/>
<
property
name
=
"javaMailProperties"
>
<
props
>
<!--是否开启验证-->
<
prop
key
=
"mail.smtp.auth"
>${mail.smtp.auth}</
prop
>
<
prop
key
=
"mail.debug"
>true</
prop
>
<!--设置发送延迟-->
<
prop
key
=
"mail.smtp.timeout"
>${mail.smtp.timeout}</
prop
>
</
props
>
</
property
>
</
bean
>
<!--设置计划人物扫描-->
<
task:annotation-driven
/>
<!--加载-->
<
bean
id
=
"springContextHelper"
class
=
"com.sniper.springmvc.security.SpringContextUtil"
></
bean
>
</
beans
>
2.[文件]MySiteMeshFilter.java
package
com.sniper.springmvc.sitemesh3;
import
org.sitemesh.builder.SiteMeshFilterBuilder;
import
org.sitemesh.config.ConfigurableSiteMeshFilter;
public
class
MySiteMeshFilter
extends
ConfigurableSiteMeshFilter {
@Override
protected
void
applyCustomConfiguration(SiteMeshFilterBuilder builder){
builder.addDecoratorPath(
"/admin/**"
,
"/WEB-INF/template/admin/main.jsp"
)
.addExcludedPath(
"/admin/login**"
)
.addExcludedPath(
"/admin/admin-print**"
)
.addExcludedPath(
"/admin/file-upload**"
)
.addDecoratorPath(
"/*"
,
"/WEB-INF/template/home/main.jsp"
)
.addExcludedPath(
"/myfiles/*"
);
}
}
3.[文件]springmvc.xml
<?
xml
version
=
"1.0"
encoding
=
"UTF-8"
?>
<
beans
xmlns
=
"http://www.springframework.org/schema/beans"
xmlns:aop
=
"http://www.springframework.org/schema/aop"
xmlns:cache
=
"http://www.springframework.org/schema/cache"
xmlns:xsi
=
"http://www.w3.org/2001/XMLSchema-instance"
xmlns:context
=
"http://www.springframework.org/schema/context"
xmlns:p
=
"http://www.springframework.org/schema/p"
xmlns:task
=
"http://www.springframework.org/schema/task"
xmlns:tx
=
"http://www.springframework.org/schema/tx"
xmlns:lang
=
"http://www.springframework.org/schema/lang"
xmlns:mvc
=
"http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/lang http://www.springframework.org/schema/lang/spring-lang-4.0.xsd
http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-4.0.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-4.0.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.1.xsd
http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task-4.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.0.xsd
http://www.springframework.org/schema/cache http://www.springframework.org/schema/cache/spring-cache-4.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd">
<!--需要进行spring整合springmvc么还是需要加入spring的ioc容器是否需要在web.xml中配置springioc容器的ContextLoaderListener
1.需要:通常情况下,类似于数据源,事务,整合其他框架都是放在spring配置文件中(而不是放在springmv里面)2.不需要都放在springmvc的配置文件中,也可以分多个Spring
的配置文件然后import节点导入其他的配置文件实际上-->
<
context:component-scan
base-package
=
"com.sniper.springmvc"
>
<!--不扫描的带有这些注解的类-->
<
context:exclude-filter
type
=
"annotation"
expression
=
"org.springframework.stereotype.Service"
/>
</
context:component-scan
>
<!--配置freemarker解析器-->
<!--http://www.osblog.net/wangxp/140.html-->
<
bean
class
=
"org.springframework.web.servlet.view.freemarker.FreeMarkerViewResolver"
>
<
property
name
=
"viewClass"
value
=
"org.springframework.web.servlet.view.freemarker.FreeMarkerView"
/>
<
property
name
=
"suffix"
value
=
""
/>
<
property
name
=
"viewNames"
value
=
"*.ftl"
/>
<
property
name
=
"prefix"
value
=
""
/>
<
property
name
=
"cache"
value
=
"false"
/>
<
property
name
=
"contentType"
value
=
"text/html;charset=UTF-8"
/>
<
property
name
=
"exposeRequestAttributes"
value
=
"true"
/>
<
property
name
=
"exposeSessionAttributes"
value
=
"true"
/>
<
property
name
=
"exposeSpringMacroHelpers"
value
=
"true"
/>
<!--此变量值为pageContext.request,页面使用方法:base.contextPath-->
<
property
name
=
"requestContextAttribute"
value
=
"base"
/>
<
property
name
=
"order"
value
=
"200"
/>
</
bean
>
<
bean
id
=
"fmXmlEscape"
class
=
"freemarker.template.utility.XmlEscape"
></
bean
>
<
bean
id
=
"freemarkerConfig"
class
=
"org.springframework.web.servlet.view.freemarker.FreeMarkerConfigurer"
>
<
property
name
=
"templateLoaderPath"
value
=
"/WEB-INF/template/"
/>
<
property
name
=
"defaultEncoding"
value
=
"UTF-8"
/>
<
property
name
=
"freemarkerVariables"
>
<
map
>
<
entry
key
=
"xml_escape"
value-ref
=
"fmXmlEscape"
/>
</
map
>
</
property
>
<
property
name
=
"freemarkerSettings"
>
<
props
>
<
prop
key
=
"tag_syntax"
>auto_detect</
prop
>
<
prop
key
=
"template_update_delay"
>5</
prop
>
<
prop
key
=
"defaultEncoding"
>UTF-8</
prop
>
<
prop
key
=
"url_escaping_charset"
>UTF-8</
prop
>
<
prop
key
=
"locale"
>zh_CN</
prop
>
<
prop
key
=
"boolean_format"
>true,false</
prop
>
<
prop
key
=
"datetime_format"
>yyyy-MM-dd HH:mm:ss</
prop
>
<
prop
key
=
"date_format"
>yyyy-MM-dd</
prop
>
<
prop
key
=
"time_format"
>HH:mm:ss</
prop
>
<
prop
key
=
"number_format"
>0.######</
prop
>
<
prop
key
=
"whitespace_stripping"
>true</
prop
>
<!--空值处理<propkey="classic_compatible">true</prop>-->
<!--<propkey="auto_import">/ftl/tags/index.ftlasp,/ftl/spring.ftl
ass</prop>-->
</
props
>
</
property
>
</
bean
>
<!--配置试图解析器-->
<
bean
class
=
"org.springframework.web.servlet.view.InternalResourceViewResolver"
>
<
property
name
=
"prefix"
value
=
"/WEB-INF/template/"
/>
<!--下面2个都不允许设置-->
<!--<propertyname="suffix"value=""/>-->
</
bean
>
<
bean
id
=
"localeResolver"
class
=
"org.springframework.web.servlet.i18n.CookieLocaleResolver"
>
<
property
name
=
"cookieName"
value
=
"clientlanguage"
/>
<
property
name
=
"cookieMaxAge"
value
=
"-1"
/>
</
bean
>
<!--id必须是messageSource否则出错-->
<!--使用jstl资源国际化的设置-->
<
bean
id
=
"messageSource"
class
=
"org.springframework.context.support.ResourceBundleMessageSource"
>
<
property
name
=
"basename"
value
=
"i18n"
/>
</
bean
>
<!--配置试图beanNameViewResolver解析器,使用试图的名字来解析试图-->
<!--通过order来设置试图解析器的优先级,只要配置都会被默认的小-->
<
bean
class
=
"org.springframework.web.servlet.view.BeanNameViewResolver"
>
<
property
name
=
"order"
value
=
"100"
/>
</
bean
>
<!--配置直接转发的页面-->
<!--直接响应转发的页面不经过handler的方法,如果不加上下面的配置以前的url都会失效-->
<
mvc:view-controller
path
=
"/success"
view-name
=
"success"
/>
<!--取消对静态资源的解释,这样可以直接访问静态资源,这里判断访问资源是否被映射过-->
<!--这样不会出现找不到匹配资源的情况-->
<
mvc:default-servlet-handler
/>
<!--静态文件映射-->
<
mvc:resources
location
=
"/myfiles/"
mapping
=
"/myfiles/**"
/>
<!--下面是我学习是写的可以把你们没有的删除即可-->
<!--在实际开发中都通常需要配置mvc:annotion-driven标签-->
<!--加上这个配置就不会除了mvc之外的url都不能使用-->
<!--作用有很多会住测三个bean支持实例对表单参数类型转换支持很多类型注解数据类型的格式化-->
<!---->
<
mvc:annotation-driven
/>
<!--下面的写法可以使用自定义转换器,自定义类型转换器和系统类型转换器一起使用-->
<!--<mvc:annotation-drivenconversion-service="conversionService"/>-->
<!--配置conversionService-->
<!--org.springframework.context.support.ConversionServiceFactoryBean-->
<
bean
id
=
"conversionService"
class
=
"org.springframework.format.support.FormattingConversionServiceFactoryBean"
>
<
property
name
=
"converters"
>
<
set
>
<!--使用@Component注册用spring扫描-->
<
ref
bean
=
"userConverter"
/>
</
set
>
</
property
>
</
bean
>
<!--验证-->
<
bean
id
=
"validationFactoryBean"
class
=
"org.springframework.validation.beanvalidation.LocalValidatorFactoryBean"
>
</
bean
>
<!--配置SessionLocaleResolver-->
<
bean
id
=
"localResolver"
class
=
"org.springframework.web.servlet.i18n.SessionLocaleResolver"
/>
<!--下面的拦截器可以指定url开始的-->
<!--配置链接修改语言环境的拦截器org.springframework.web.servlet.i18n.LocaleChangeInterceptor-->
<
mvc:interceptors
>
<!--配置自定义拦截器,controller的使用时间-->
<
mvc:interceptor
>
<
mvc:mapping
path
=
"/**"
/>
<
mvc:exclude-mapping
path
=
"/myfiles/**"
/>
<
mvc:exclude-mapping
path
=
"/verify**"
/>
<
bean
class
=
"com.sniper.springmvc.interceptions.RunTimeInterceptor"
/>
<!--链接改变语言环境的session拦截器-->
</
mvc:interceptor
>
<
mvc:interceptor
>
<
mvc:mapping
path
=
"/**"
/>
<
mvc:exclude-mapping
path
=
"/myfiles/**"
/>
<
mvc:exclude-mapping
path
=
"/verify**"
/>
<!--链接改变语言环境的session拦截器-->
<
bean
class
=
"com.sniper.springmvc.interceptions.MyLocaleChangeInterceptor"
/>
</
mvc:interceptor
>
<
mvc:interceptor
>
<!--拦截器管用的路径-->
<
mvc:mapping
path
=
"/springmvc"
/>
<!--那个拦截器使用此条规则-->
<
bean
class
=
"com.sniper.springmvc.interceptions.SecondInterceptor"
/>
<!--拦截器不管用的路径-->
<!--<mvc:exclude-mappingpath="/abc"/>-->
</
mvc:interceptor
>
</
mvc:interceptors
>
<!--上传文件配置-->
<
bean
id
=
"multipartResolver"
class
=
"org.springframework.web.multipart.commons.CommonsMultipartResolver"
>
<
property
name
=
"defaultEncoding"
value
=
"UTF-8"
/>
<
property
name
=
"maxUploadSize"
value
=
"10485760"
/>
</
bean
>
<!--配置错误处理页面-->
<!--通过SimpleMappingExceptionResolver处理错误页面-->
<
bean
class
=
"org.springframework.web.servlet.handler.SimpleMappingExceptionResolver"
>
<!--更改试图中exception的名称-->
<!--<propertyname="exceptionAttribute"value="ex"></property><property
name="exceptionMappings"><props><propkey="java.lang.ArrayIndexOutOfRoundsException"></prop>
</props></property>-->
<!--<propertyname="exceptionMappings"><props><propkey="java.lang.Throwable">500</prop>
</props></property><propertyname="warnLogCategory"value="WARN"></property>
<propertyname="defaultErrorView"value="500"></property><propertyname="defaultStatusCode"
value="500"></property><propertyname="statusCodes"><props><propkey="404">404</prop>
<propkey="500">500</prop></props></property>-->
</
bean
>
</
beans
>
4.[文件]Index.java
package
com.sniper.springmvc.action.home;
import
java.util.Date;
import
java.util.Map;
import
org.springframework.stereotype.Controller;
import
org.springframework.web.bind.annotation.RequestBody;
import
org.springframework.web.bind.annotation.RequestMapping;
import
org.springframework.web.bind.annotation.ResponseBody;
import
com.sniper.springmvc.model.SystemConfig;
@Controller
public
class
Index
extends
BaseAction<SystemConfig> {
@RequestMapping
(
"/"
)
public
Stringindex(Map<String,Object>map){
System.out.println(model.getClass());
System.out.println(
"执行我的次数"
);
return
"home/index/index.jsp"
;
}
/**
*数据下载例子
*
*@parammap
*@return
*/
@RequestMapping
(
"goto"
)
public
Stringdownload(Map<String,Object>map){
map.put(
"path"
,
"/approot/soft/ffmpeg-2.5.2.tar.bz2"
);
return
"redirect:download"
;
}
@RequestMapping
(
"toupload"
)
public
Stringupload(){
return
"home/index/index.jsp"
;
}
@RequestMapping
(
"freemarker"
)
public
Stringfreemarker(){
return
"home/index/index.ftl"
;
}
@ResponseBody
public
StringreponseBody(
@RequestBody
String body){
//返回客户端一个字符串
System.out.println(body);
return
"aa"
+
new
Date();
}
}
5.[文件]index.ftl
<!
DOCTYPE
html>
<
html
lang
=
"zh-cn"
>
<
head
>
<
meta
charset
=
"utf-8"
>
<
title
>登录</
title
>
<
base
href
=
"${baseHref.baseHref}"
>
<
meta
name
=
"viewport"
content
=
"width=device-width, initial-scale=1.0"
>
<
meta
http-equiv
=
"X-UA-Compatible"
content
=
"IE=edge"
>
<
script
type
=
"text/javascript"
src
=
"myfiles/js/jquery-1.11.1.min.js"
></
script
>
<
script
type
=
"text/javascript"
src
=
"myfiles/Plugin/Bootstrap/js/bootstrap.min.js"
></
script
>
<
link
href
=
"myfiles/Plugin/Bootstrap/css/bootstrap.min.css"
media
=
"screen"
rel
=
"stylesheet"
type
=
"text/css"
>
<
link
href
=
"myfiles/Plugin/Bootstrap/css/bootstrap-theme.min.css"
media
=
"screen"
rel
=
"stylesheet"
type
=
"text/css"
>
<!--HTML5ShimandRespond.jsIE8supportofHTML5elementsandmediaqueries-->
<!--WARNING:Respond.jsdoesn'tworkifyouviewthepageviafile://-->
<!--[ifltIE9]>
<scriptsrc="myfiles/Plugin/Bootstrap/js/html5shiv.min.js"></script>
<![endif]-->
<
script
type
=
"text/javascript"
src
=
"myfiles/js/jquery.backstretch.min.js"
></
script
>
<
style
type
=
"text/css"
>
.form-signin{
margin:0auto;
max-width:330px;
padding:15px;
}
</
style
>
</
head
>
<
body
>
<
div
class
=
"container"
>
<
form
data-status
=
''
class
=
"form-signin"
role
=
"form"
name
=
"login"
action
=
"login_check"
method
=
"post"
>
<
h2
class
=
"form-signin-heading"
>登录</
h2
>
<
input
type
=
"hidden"
name
=
"${_csrf.parameterName}"
value
=
"${_csrf.token}"
/>
<#ifloginError??>
<
div
class
=
"alert
alert-warningalert-dismissible"
role
=
"alert"
>
<
button
type
=
"button"
class
=
"close"
data-dismiss
=
"alert"
>
<
span
aria-hidden
=
"true"
>×</
span
><
span
class
=
"sr-only"
>Close</
span
>
</
button
>
${loginError}
</
div
>
</#if>
<
div
class
=
"form-group input-group-lg"
>
<
label
for
=
"username"
>用户名</
label
>
<
input
type
=
"text"
id
=
"username"
value
=
"${lastLoginName!''}"
name
=
"username"
class
=
"form-control"
placeholder
=
""
required autofocus>
</
div
>
<
div
class
=
"form-group input-group-lg"
>
<
label
for
=
"password"
>密码</
label
>
<
input
id
=
"password"
type
=
"password"
name
=
"password"
class
=
"form-control"
placeholder
=
""
name
=
""
required>
</
div
>
<#ifloginNum??&&loginNum?evalgt300>
<
div
class
=
"form-group input-group-lg"
>
<
label
for
=
"verifycode"
class
=
"col-sm-2
control-labelsr-only"
>
验证码
</
label
>
<
input
type
=
"text"
name
=
"sessionVerifyName"
style
=
"
display:inline;width:44%;float:left;"
placeholder
=
""
id
=
"verifycode"
class
=
"form-control"
>
<
img
alt
=
""
style
=
"cursor:
pointer;margin-left:2%"
src
=
"verify"
class
=
"fl"
>
</
div
>
</#if>
<
div
class
=
"form-group input-group-lg"
>
<
label
class
=
""
>
<
input
type
=
"checkbox"
name
=
"remember-me"
>
Rememberme
</
label
>
</
div
>
<
button
class
=
"btn
btn-lgbtn-primarybtn-block"
type
=
"submit"
>
登录
</
button
>
<
p
class
=
"text-muted pull-right"
><
a
href
=
"password/getPassword"
>忘记密码?</
a
></
p
>
</
form
>
</
div
>
<!--/container-->
<
script
language
=
"javascript"
>
$(function(){
$('formimg').click(function(){
fleshVerify();
});
});
functionfleshVerify(){
vartimenow=newDate().getTime();
varsrc=$('formimg').attr("src");
varindexof=src.indexOf("?");
if(indexof!=-1){
src=src.substring(0,src.indexOf("?"));
}
$('formimg').attr("src",src+'?d='+timenow);
}
</
script
>
</
body
>
</
html
>
6.[文件]index.jsp
<%@pagelanguage="java"import="java.util.*"pageEncoding="UTF-8"%>
<!
DOCTYPE
HTMLPUBLIC"-//W3C//DTDHTML4.01Transitional//EN">
<
html
>
<
head
>
<
title
>MyJSP'index.jsp'startingpage</
title
>
<
meta
http-equiv
=
"pragma"
content
=
"no-cache"
>
<
meta
http-equiv
=
"cache-control"
content
=
"no-cache"
>
<
meta
http-equiv
=
"expires"
content
=
"0"
>
<
meta
http-equiv
=
"keywords"
content
=
"keyword1,keyword2,keyword3"
>
<
meta
http-equiv
=
"description"
content
=
"This
ismypage"
>
</
head
>
<
body
>
</
body
>
</
html
>
7.[文件]spring-security.xml
<?
xml
version
=
"1.0"
encoding
=
"UTF-8"
?>
<
beans:beans
xmlns
=
"http://www.springframework.org/schema/security"
xmlns:beans
=
"http://www.springframework.org/schema/beans"
xmlns:xsi
=
"http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd">
<
global-method-security
pre-post-annotations
=
"enabled"
/>
<
http
pattern
=
"/myfiles/**"
security
=
"none"
/>
<
http
pattern
=
"/attachments/**"
security
=
"none"
/>
<
http
pattern
=
"/verify**"
security
=
"none"
/>
<
http
disable-url-rewriting
=
"true"
use-expressions
=
"false"
entry-point-ref
=
"authenticationProcessingFilterEntryPoint"
>
<!--匿名授权-->
<
access-denied-handler
error-page
=
"/WEB-INF/template/error/error_no_right.jsp"
/>
<!--auto-config=true则使用from-login.如果不使用该属性则默认为http-basic(没有session).-->
<!--lowercase-comparisons:表示URL比较前先转为小写。-->
<!--path-type:表示使用ApacheAnt的匹配模式。-->
<!--access-denied-page:访问拒绝时转向的页面。-->
<!--access-decision-manager-ref:指定了自定义的访问策略管理器。-->
<
intercept-url
pattern
=
"/**"
access
=
"IS_AUTHENTICATED_ANONYMOUSLY"
/>
<
intercept-url
pattern
=
"/admin**"
access
=
"ROLE_ADMIN"
/>
<!--<form-login/>-->
<!--username-parameter="j_username"password-parameter="j_password"login-processing-url="j_spring_security_check"-->
<!--<form-loginlogin-page="/admin/login"authentication-failure-url="/admin/login?error=true"
default-target-url="/admin"username-parameter="username"password-parameter="password"
/>-->
<!--login-page:指定登录页面。-->
<!--login-processing-url:指定了客户在登录页面中按下SignIn按钮时要访问的URL。-->
<!--authentication-failure-url:指定了身份验证失败时跳转到的页面。-->
<!--default-target-url:指定了成功进行身份验证和授权后默认呈现给用户的页面。-->
<!--always-use-default-target:指定了是否在身份验证通过后总是跳转到default-target-url属性指定的URL。-->
<!--/j_spring_security_logout,注销页面-->
<!--logout-url:指定了用于响应退出系统请求的URL。其默认值为:/j_spring_security_logout。-->
<!--logout-success-url:退出系统后转向的URL。-->
<!--invalidate-session:指定在退出系统时是否要销毁Session。-->
<
logout
logout-success-url
=
"/admin/login"
logout-url
=
"/logout"
delete-cookies
=
"JSESSIONID"
/>
<!--表单中的name是remember_me-->
<!--services-ref="rememberMeServices"-->
<
remember-me
remember-me-parameter
=
"_spring_security_remember_me"
remember-me-cookie
=
"SPRING_SECURITY_REMEMBER_ME_COOKIE"
/>
<!--<http-basic/>-->
<
csrf
disabled
=
"false"
/>
<
headers
disabled
=
"false"
>
<
cache-control
/>
<
content-type-options
/>
<
hsts
/>
<!--<frame-options/>-->
<
xss-protection
/>
<!--静态头部信息-->
<!--<headername="Content-Security-Policy"value="default-src'self'"
/><headername="Content-Security-Report-Only"value="default-src'self'"
/>-->
</
headers
>
<!--检测session是否可用的地址max-sessions=1配合单用户登录最大session个数=1-->
<!--session-fixation-protection解决session伪造-->
<!--error-if-maximum-exceeded解决单一登录,不提出第一个登录-->
<!--max-sessions:允许用户帐号登录的次数。范例限制用户只能登录一次。-->
<!--此值表示:用户第二次登录时,前一次的登录信息都被清空。-->
<!--需要在web.xml添加监听器org.springframework.security.web.session.HttpSessionEventPublisher-->
<
session-management
session-fixation-protection
=
"none"
>
<
concurrency-control
max-sessions
=
"1"
error-if-maximum-exceeded
=
"true"
/>
</
session-management
>
<!--设置验证filter-->
<!--<custom-filterref="csrfFilter"before="CSRF_FILTER"/>-->
<
custom-filter
ref
=
"myLoginFilter"
before
=
"FORM_LOGIN_FILTER"
/>
<
custom-filter
ref
=
"mySniperFilter"
before
=
"FILTER_SECURITY_INTERCEPTOR"
/>
<!--cas单点登录配置-->
<!--<custom-filterref="myLogoutFilter"before="LOGOUT_FILTER"/><custom-filter
ref="myCasFilter"before="CAS_FILTER"/>-->
</
http
>
<!--<beans:beanid="requestDataValueProcessor"class="org.springframework.security.web.servlet.support.csrf.CsrfRequestDataValueProcessor"
/><beans:beanid="csrfFilter"class="org.springframework.security.web.csrf.CsrfFilter">
<beans:constructor-arg><beans:beanclass="org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository">
<beans:propertyname="headerName"value="X-SECURITY"/></beans:bean></beans:constructor-arg>
</beans:bean>-->
<
beans:bean
id
=
"rememberMeServices"
class
=
"org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices"
>
<
beans:constructor-arg
name
=
"userDetailsService"
ref
=
"myUserDetail"
/>
<
beans:constructor-arg
name
=
"key"
value
=
"remember_me"
/>
<
beans:property
name
=
"alwaysRemember"
value
=
"true"
/>
<
beans:property
name
=
"tokenValiditySeconds"
value
=
"86400"
/>
<
beans:property
name
=
"parameter"
value
=
"remember_me"
/>
<
beans:property
name
=
"cookieName"
value
=
"spring_security_remember_me_cookies"
/>
</
beans:bean
>
<!--配置过滤器-->
<
beans:bean
id
=
"mySniperFilter"
class
=
"com.sniper.springmvc.security.MyFilterSecurityInterceptor"
>
<!--用户拥有的权限-->
<
beans:property
name
=
"authenticationManager"
ref
=
"authenticationManager"
/>
<!--用户是否拥有所请求资源的权限-->
<
beans:property
name
=
"accessDecisionManager"
ref
=
"myAccessDecisionManagerBean"
/>
<!--资源与权限对应关系-->
<
beans:property
name
=
"securityMetadataSource"
ref
=
"securityMetadataSource"
/>
</
beans:bean
>
<!--认真管理器,实现用户认证的入口,主要实现USerDetailsService接口即可-->
<
authentication-manager
alias
=
"authenticationManager"
>
<
authentication-provider
user-service-ref
=
"myUserDetail"
>
<!--因为用户登录自定义,密码加密在自定义里面加密过了所以这里不用设置加密-->
<!--<password-encoderhash="md5">-->
<!--<salt-sourceuser-property="username"/><salt-sourceuser-property="password"/>-->
<!--</password-encoder>-->
</
authentication-provider
>
</
authentication-manager
>
<!--读取用户的密码,角色信息,是否锁定,账号是否过期-->
<
beans:bean
id
=
"myUserDetail"
class
=
"com.sniper.springmvc.security.MyUserDetailsService"
>
<
beans:constructor-arg
name
=
"adminUserService"
ref
=
"adminUserService"
/>
</
beans:bean
>
<!--访问决策其,决定那个用户具有的角色,是否足够权限访问-->
<
beans:bean
id
=
"myAccessDecisionManagerBean"
class
=
"com.sniper.springmvc.security.myAccessDecisionManagerBean"
/>
<!--资源数据定义,将所有的资源和权限对应关系建立起来,及定义木易资源可以被大写橘色访问-->
<
beans:bean
id
=
"securityMetadataSource"
class
=
"com.sniper.springmvc.security.MySecurityMetadataSource"
>
<
beans:property
name
=
"adminRightService"
ref
=
"adminRightService"
/>
</
beans:bean
>
<!--自定义登录filter-->
<
beans:bean
id
=
"myLoginFilter"
class
=
"com.sniper.springmvc.security.MyUsernamePasswordAuthenticationFilter"
>
<!--处理登录-->
<
beans:property
name
=
"filterProcessesUrl"
value
=
"/login_check"
/>
<!--处理登录成功之后的处理-->
<
beans:property
name
=
"authenticationSuccessHandler"
ref
=
"loginLogAuthenticationSuccessHandler"
/>
<!--验证失败-->
<
beans:property
name
=
"authenticationFailureHandler"
ref
=
"simpleUrlAuthenticationFailureHandler"
/>
<
beans:property
name
=
"authenticationManager"
ref
=
"authenticationManager"
/>
<!--注入用户dao-->
<
beans:property
name
=
"adminUserService"
ref
=
"adminUserService"
/>
<!--<beans:propertyname="rememberMeServices"ref="rememberMeServices"
/>-->
</
beans:bean
>
<!--登录成功后跳转页面-->
<
beans:bean
id
=
"loginLogAuthenticationSuccessHandler"
class
=
"org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler"
>
<
beans:property
name
=
"defaultTargetUrl"
value
=
"/admin/"
/>
</
beans:bean
>
<!--登录失败后跳转页面-->
<
beans:bean
id
=
"simpleUrlAuthenticationFailureHandler"
class
=
"org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"
>
<!--可以配置相应的跳转方式。属性forwardToDestination为true采用forwardfalse为sendRedirect-->
<
beans:property
name
=
"defaultFailureUrl"
value
=
"/admin/login?error=true"
/>
</
beans:bean
>
<!--ThisfilterhandlesaSingleLogoutRequestfromtheCASServer-->
<!--<beans:beanid="myCasFilter"class="org.jasig.cas.client.session.SingleSignOutFilter"></beans:bean>-->
<!--ThisfilterredirectstotheCASServertosignalSingleLogoutshould
beperformed-->
<!--<beans:beanid="myLogoutFilter"class="org.springframework.security.web.authentication.logout.LogoutFilter">
<constructor-argvalue="https://localhost:9443/cas/logout"/>
<constructor-arg>
<beanclass="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
</constructor-arg><propertyname="filterProcessesUrl"value="/j_spring_cas_security_logout"/>
</beans:bean>-->
<!--未登录用户跳转页面-->
<
beans:bean
id
=
"authenticationProcessingFilterEntryPoint"
class
=
"org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"
>
<
beans:constructor-arg
value
=
"/admin/login"
/>
</
beans:bean
>
</
beans:beans
>
8.[文件]web.xml
<?
xml
version
=
"1.0"
encoding
=
"UTF-8"
?>
<
web-app
xmlns:xsi
=
"http://www.w3.org/2001/XMLSchema-instance"
xmlns
=
"http://xmlns.jcp.org/xml/ns/javaee"
xmlns:jsp
=
"http://java.sun.com/xml/ns/javaee/jsp"
xsi:schemaLocation
=
"http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
id
=
"WebApp_ID"
version
=
"3.1"
>
<
display-name
>springmvc_food</
display-name
>
<
description
>springmvc_food</
description
>
<
context-param
>
<
param-name
>webAppRootKey</
param-name
>
<
param-value
>app.root.food</
param-value
>
</
context-param
>
<
context-param
>
<
param-name
>privateKey</
param-name
>
<
param-value
>MIIBUwIBADANBgkqhkiG9w0BAQEFAASCAT0wggE5AgEAAkEAmbcvGVNGREmiuQPehURivFsMFwanlqAr8PGzdMSQMW1bPHd8jfGUkSQMey0G7BH3rFZjQITBt1NICN2wVznBAwIDAQABAj80PQzEjohSrLOgLLBymcr0N/zj1l8d0VEdkQZrqGFYakkh5FbLBS/wveLuLBTwoeNDEh8D680psFgCq0XDVeECIQDnr5LM8vo6UjwjsjESOjwYVJDzIZwseepeJDFMvrP4EQIhAKnY4Fsy66PsuVafncJXdUakZiZN3VokbU7S+wE4kpvTAiB9rCoIC+CZlBPVFQozJe2FERITH+8T3Qm5CQ7I30TF0QIgKcg6WPUL1sWTSmX1rytIpFoo7t9UxqoTYcKxELnUBxUCIQC3mJSmwP6dXijCy10aiBm/b4pfpdveA5dj4yegZnLYPw==</
param-value
>
<
description
></
description
>
</
context-param
>
<
context-param
>
<
param-name
>publicKey</
param-name
>
<
param-value
>MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJm3LxlTRkRJorkD3oVEYrxbDBcGp5agK/Dxs3TEkDFtWzx3fI3xlJEkDHstBuwR96xWY0CEwbdTSAjdsFc5wQMCAwEAAQ==</
param-value
>
<
description
></
description
>
</
context-param
>
<
context-param
>
<
param-name
>contextConfigLocation</
param-name
>
<
param-value
>
classpath:beans.xml,
classpath:spring-security.xml
</
param-value
>
</
context-param
>
<!--spring整合索赔日内个mvc的时候是否需要写ContextLoaderListener-->
<
listener
>
<
listener-class
>org.springframework.web.context.ContextLoaderListener</
listener-class
>
</
listener
>
<
filter
>
<
filter-name
>characterEncodingFilter</
filter-name
>
<
filter-class
>org.springframework.web.filter.CharacterEncodingFilter</
filter-class
>
<
init-param
>
<
param-name
>encoding</
param-name
>
<
param-value
>UTF-8</
param-value
>
</
init-param
>
<
init-param
>
<
param-name
>ForceEncoding</
param-name
>
<
param-value
>true</
param-value
>
</
init-param
>
</
filter
>
<
filter-mapping
>
<
filter-name
>characterEncodingFilter</
filter-name
>
<
url-pattern
>/*</
url-pattern
>
</
filter-mapping
>
<!--登录验证权限-->
<
filter
>
<
filter-name
>springSecurityFilterChain</
filter-name
>
<
filter-class
>org.springframework.web.filter.DelegatingFilterProxy</
filter-class
>
</
filter
>
<
filter-mapping
>
<
filter-name
>springSecurityFilterChain</
filter-name
>
<
url-pattern
>/*</
url-pattern
>
</
filter-mapping
>
<!--配置HiddenHttpMethodFilter请可以把post请求转为delete请求或者post请求改成put-->
<
filter
>
<
filter-name
>hiddenHttpMethodfilter</
filter-name
>
<
filter-class
>org.springframework.web.filter.HiddenHttpMethodFilter</
filter-class
>
</
filter
>
<
filter-mapping
>
<
filter-name
>hiddenHttpMethodfilter</
filter-name
>
<
url-pattern
>/*</
url-pattern
>
</
filter-mapping
>
<!--sitemesh配置-->
<
filter
>
<
filter-name
>sitemesh</
filter-name
>
<
filter-class
>com.sniper.springmvc.sitemesh3.MySiteMeshFilter</
filter-class
>
</
filter
>
<
filter-mapping
>
<
filter-name
>sitemesh</
filter-name
>
<
url-pattern
>/*</
url-pattern
>
</
filter-mapping
>
<!--springmvc配置-->
<
servlet
>
<
servlet-name
>springDispatcherServlet</
servlet-name
>
<
servlet-class
>org.springframework.web.servlet.DispatcherServlet</
servlet-class
>
<
init-param
>
<
param-name
>contextConfigLocation</
param-name
>
<
param-value
>classpath:springmvc.xml</
param-value
>
</
init-param
>
<!--加载时创建-->
<
load-on-startup
>1</
load-on-startup
>
</
servlet
>
<
servlet-mapping
>
<
servlet-name
>springDispatcherServlet</
servlet-name
>
<
url-pattern
>/</
url-pattern
>
</
servlet-mapping
>
<
jsp-config
>
<
jsp-property-group
>
<
url-pattern
>*.jsp</
url-pattern
>
<
url-pattern
>*.ftl</
url-pattern
>
<
trim-directive-whitespaces
>true</
trim-directive-whitespaces
>
</
jsp-property-group
>
</
jsp-config
>
</
web-app
>
相关文章推荐
- dubbo + zookeeper + spring
- java 1.8 ArrayList容量增长方式
- JAVA第二次作业展示与学习心得
- ketlle中调用User Defined Java Class插件链接数据库并操作
- 基于Springmvc支付宝接口
- java给iphone应用实现推送
- Java基础知识点总结
- spring jms topic
- Java学习
- maven学习笔记 maven的安装和配置
- spring的功能
- Java内部DNS查询实现和参数设置
- Spring Security(11)——匿名认证
- java super 和this的用法
- java中的自增问题
- 在Spring下集成ActiveMQ
- Java Native
- windows下配置JDK环境
- java的精髓要点!
- 【java模板引擎】-beetl