[SSM整合Spring-Security]Spring-Security 入门Demo案例xml配置

  • 时间:
  • 浏览:
  • 来源:互联网

web.xml

<?xml version="1.0" encoding="UTF-8"?>
  <web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
     http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
     version="3.1">
<welcome-file-list>
    <welcome-file>index.html</welcome-file>
    <welcome-file>index.htm</welcome-file>
    <welcome-file>index.jsp</welcome-file>
    <welcome-file>default.html</welcome-file>
    <welcome-file>default.htm</welcome-file>
    <welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<servlet>
    <servlet-name>springmvc</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <!-- 指定加载的配置文件 ,通过参数contextConfigLocation加载 -->
    <init-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>classpath:spring-security.xml</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>

</servlet>
<!--<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>-->
<servlet-mapping>
    <servlet-name>springmvc</servlet-name>
    <url-pattern>*.do</url-pattern>
</servlet-mapping>
<!--配置代理过滤器-->
<filter>
    <!--DelegatingFilterProxy用于整合第三方框架整合Spring Security时过滤器的名称必须为springSecurityFilterChain,
    否则会抛出NoSuchBeanDefinitionException异常-->
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

</web-app>

spring-security.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xmlns:security="http://www.springframework.org/schema/security"
   xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans.xsd
   http://www.springframework.org/schema/security
   http://www.springframework.org/schema/security/spring-security.xsd
   http://www.springframework.org/schema/beans/spring-beans.xsd">
<!--    1.配置需要权限才能访问的资源
        auto-config属性: true
        use-expressions属性:  false 不使用表达式
-->
 <security:http auto-config="true" use-expressions="false">
    <!--配置拦截的路径 pattern属性: 拦截的路径规则; access属性:需要什么角色才能访问-->
    <security:intercept-url pattern="/**" access="ROLE_ADMIN"></security:intercept-url>
 </security:http>
<!--2.配置认证管理器-->
<security:authentication-manager>
    <security:authentication-provider>
        <security:user-service>
            <!--配置账号密码,以及该账号的角色信息     name属性: 用户名; password属性:密码({noop}不加密方式);  authorities属性:赋予的角色     -->
            <security:user name="admin" authorities="ROLE_ADMIN" password="{noop}admin"></security:user>
        </security:user-service>
    </security:authentication-provider>
</security:authentication-manager>

本文链接http://element-ui.cn/news/show-341884.aspx