• Spring Security 3 网站安全授权

    继续我们的Spring Roo之旅,今天看看站点安全的使用,roo中集成了Spring security,命令行下输入

    security setup,即自动建立相关的配置和依赖。然后可以使用spring security的各种基础设施了。

    不过对于一般的网站设置也很简单,具体如下: 

    1、 Spring Security XML configuration file 配置文件

    <?xml version="1.0" encoding="UTF-8"?>
    <beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xsi:schemaLocation="
    http://www.springframework.org/schema/beans 
    http://www.springframework.org/schema/beans/spring-beans.xsd
    http://www.springframework.org/schema/security 
    http://www.springframework.org/schema/security/spring-security-3.0.xsd
    ">
    <http auto-config="true">
    <intercept-url pattern="/*" access="ROLE_USER"/>
    </http>
    <authentication-manager alias="authenticationManager">
    <authentication-provider>
    <user-service>
    <user authorities="ROLE_USER" name="guest" password="guest"/>
    </user-service>
    </authentication-provider>
    </authentication-manager>
    </beans:beans>
    2、 Adding the Spring DelegatingFilterProxy to your web.xml file 
    <filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filterclass>
    org.springframework.web.filter.DelegatingFilterProxy
    </filter-class>
    </filter>
    <filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
    </filter-mapping>
    3、 Adding the Spring Security XML configuration file reference to web.xml
    两个形式:
    A: web.xml中有Servlet
    <servlet>
    <servlet-name>dogstore</servlet-name>
    <servletclass>
    org.springframework.web.servlet.DispatcherServlet
    </servlet-class>
    <load-on-startup>1</load-on-startup>
    </servlet>
    As the name of the servlet (<servlet-name>) is dogstore, Spring's Convention over Configuration (CoC) rules will search for an XML configuration file called dogstore-servlet.xml in WEB-INF.
    B:
      <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>
    /WEB-INF/dogstore-security.xml
    /WEB-INF/dogstore-base.xml
    </param-value>
       </context-param>
      <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
      </listener>

    详细的可以参考如下的这本书,特别是附书的代码很有参考价值 

    Spring Security 3 Secure your web applications against malicious intruders with this easy to follow practical guide 

    http://www.packtpub.com/spring-security-3/book 


    如果需要更方便的权限处理,可以参考国人开源的一个中间件 ralasfe

    http://www.ralasafe.cn/
  • 相关阅读:
    小米手机4 rom 下载链接
    java 两个线程交替打印到100
    获取积分最多的人(二)
    刷题通过的题目排名
    考试分数(二)
    牛客的课程订单分析(二)
    牛客的课程订单分析(三)
    docker使用小记
    Dynamic Graph Collaborative Filtering
    Learnable Embedding Sizes for Recommender Systems
  • 原文地址:https://www.cnblogs.com/2018/p/2230943.html
Copyright © 2020-2023  润新知