Spring Security 看了第一篇的一部分,后几个还没看:
http://www.cnblogs.com/javay/p/5822879.html
http://blog.csdn.net/zmx729618/article/details/51096593
http://www.importnew.com/20612.html
http://hotstrong.iteye.com/blog/1160153
Shiro 还没看:
http://blog.csdn.net/donggua3694857/article/details/52157313
------------------------------------------
手敲了第一篇的一些代码,记录一下:
<dependecy>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>4.1.2.RELEASE</version>
</dependecy>
<dependecy>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>4.1.2.RELEASE</version>
</dependecy>
<dependecy>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>4.1.2.RELEASE</version>
</dependecy>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<http security="none" pattern="/login.jsp"/>
<http security="none" pattern="/static/**"/>
<http use-expressions="true" auto-config="true">
<intercept url-pattern="/**" access="hasRole('ROLE_USER')"/>
<session-management>
<concurrency-control max-sessions="4" error-if-maximum-exceeded="true"/>
</session-management>
<csrf disabled="true"/>
<form-login login-page="/login.jsp" authentication-failure-handler-ref="authenticationFailureHandlerImpl"
authentication-success-handler-ref="authenticationSuccessHandlerImpl"/>
<logout logout-success-url="/logout.jsp" logout-url="logout" invalidate-session="true" delete-cookies="JSESSIONID">
</http>
<authentication-manager>
<authentication-provider user-service-ref="userService">
<password-encoder hash="bcrypt"/>
</authentication-provider>
</authentication-manager>
<beans:bean id="userService" class="com.**.user.service.impl.UserServiceImpl"/>
<beans:bean id="authenticationSuccessHandlerImpl" class="com.**.utils.springsecurity.AuthenticationSuccessHandlerImpl">
<beans:property name="url" value="/welcome.jsp"/>
</beans:bean>
<beans:bean id="authenticationFailureHandlerImpl" class="com.**.utils.springsecutity.AuthenticationFailureHandlerImpl">
<beans:property name="errorUrl" value="/error.jsp"/>
</beans:bean>
</beans:beans>