• 在原有的springMVC基础上集成spring security


    spring mvc的spring security配置步骤

    1.引入相关的jar包 pom.xml

    <!-- Spring Security -->
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-core</artifactId>
            <version>5.4.2</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-web</artifactId>
            <version>5.4.2</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-config</artifactId>
            <version>5.4.2</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-taglibs</artifactId>
            <version>5.4.2</version>
        </dependency>

    2.在web.xml配置 spring security的过滤器链

      <!-- Spring security filter start -->
      <!-- Spring Security过滤器链,注意过滤器名称必须是springSecurityFilterChain -->
      <filter>
          <filter-name>springSecurityFilterChain</filter-name>
          <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
      </filter>
      <filter-mapping>
          <filter-name>springSecurityFilterChain</filter-name>
          <url-pattern>/*</url-pattern>
      </filter-mapping>
      
    
      <!-- Spring security filter end -->

    3.在applicationContext.xml里面进行相关的配置

        <!-- 10. Spring security认证权限配置-->
        <!-- ======== Spring security start ======== -->
        <import resource="classpath:applicationContext-security.xml"/>
        
        <!-- ====== Spring security end ======== -->

    4.新建的文件为 applicationContext-security.xml

    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns="http://www.springframework.org/schema/beans"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xmlns:aop="http://www.springframework.org/schema/aop"
           xmlns:context="http://www.springframework.org/schema/context"
           xmlns:jdbc="http://www.springframework.org/schema/jdbc"
           xmlns:jms="http://www.springframework.org/schema/jms"
           xmlns:mvc="http://www.springframework.org/schema/mvc"
           xmlns:mybatis-spring="http://mybatis.org/schema/mybatis-spring"
           xmlns:p="http://www.springframework.org/schema/p"
           xmlns:tx="http://www.springframework.org/schema/tx"
           xmlns:util="http://www.springframework.org/schema/util"
           xmlns:security="http://www.springframework.org/schema/security"
           xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
            http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
            http://www.springframework.org/schema/context https://www.springframework.org/schema/context/spring-context.xsd
            http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc.xsd
            http://www.springframework.org/schema/jms https://www.springframework.org/schema/jms/spring-jms.xsd
            http://www.springframework.org/schema/mvc https://www.springframework.org/schema/mvc/spring-mvc.xsd
            http://mybatis.org/schema/mybatis-spring http://mybatis.org/schema/mybatis-spring.xsd
            http://www.springframework.org/schema/tx https://www.springframework.org/schema/tx/spring-tx.xsd
            http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
            http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
    
        <!-- 10. Spring security认证权限配置-->
        <!-- ================ Spring security start ================ -->
    
        <!-- 1).配置springSecurity -->
        <!-- 
        auto-config="true" 表示自动加载springsecurity的配置文件
        use-expressions="true" 表示使用spring的el表达式来配置springsecurity
        
         -->
        <security:http auto-config="true" use-expressions="true">
            <!-- 2).拦截资源 -->
            <!-- 
            pattern="/**" 表示拦截所有资源
            access="hasAnyRole('ROLE_USER')" 表示只有ROLE_USER角色才能访问资源
             -->
            <security:intercept-url pattern="/**" access="hasAnyRole('ROLE_USER')" /> 
        </security:http>
        
        <!-- 3).模拟用户(测试,不用连接数据库),设置spring security认证用户信息的来源 -->
        <!-- 
        springsecurity默认的认证必须加密,加上{noop}表示不加密认证
         -->
        <security:authentication-manager>
            <security:authentication-provider>
                <security:user-service>
                    <security:user name="user" password="{noop}user" authorities="ROLE_USER"/>
                    <security:user name="admin" password="{noop}admin" authorities="ROLE_ADMIN"/>
                </security:user-service>      
            </security:authentication-provider>
        </security:authentication-manager>
        
        
        
    
        <!-- ================ Spring security end ================ -->
    
    
    
    </beans>
  • 相关阅读:
    基元线程同步构造之用户模式易变构造volatile
    C# 基元线程同步构造
    idea 的Low Memory问题
    python工具——xmind
    VSCODE 远程开发树莓派
    firefox临时文件位置及修改方法
    Veeam Backup & Replication 9.5 备份方式详解
    Windows下登录凭证密码获取工具
    VMProtect虚拟机保护分析入门
    Applescrip
  • 原文地址:https://www.cnblogs.com/fps2tao/p/14475276.html
Copyright © 2020-2023  润新知