文章详情

  • 游戏榜单
  • 软件榜单
关闭导航
热搜榜
热门下载
热门标签
php爱好者> php文档>springSecurity3的配置文件

springSecurity3的配置文件

时间:2010-09-10  来源:记录

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">

    <global-method-security pre-post-annotations="enabled">

    </global-method-security>

    <!-- entry-point-ref 为用户第一次访问受保护的url时的处理程序.  -->
    <http use-expressions="true"    entry-point-ref="authenticationEntryPoint">

        <!-- 这里是拒绝用户访问的处理程序 -->
        <access-denied-handler ref="accessDeniedHandler" />
        <!-- 配置一些不需要认证过滤的地址 -->
        <intercept-url pattern="/roots/login.jsp" filters="none" />
        <intercept-url pattern="/css/**" filters="none" />
        <intercept-url pattern="/common/**" filters="none" />
        <intercept-url pattern="/images/**" filters="none" />
        <intercept-url pattern="/scripts/**" filters="none" />
        <intercept-url pattern="/DatePicker/**" filters="none" />
        <intercept-url pattern="/fckeditor/**" filters="none" />
        <!-- cooki认证的配置,具体 看rememberMeServices的配置. -->
        <remember-me services-ref="rememberMeServices" />

        <!--
            增加一个filter,这点与Acegi是不一样的,不能修改默认的filter了,这个filter位于FILTER_SECURITY_INTERCEPTOR之前
        -->
        <custom-filter position="LOGOUT_FILTER" ref="logoutFilter"></custom-filter>
        <custom-filter before="FILTER_SECURITY_INTERCEPTOR" ref="myFilter" />
        <custom-filter position="FORM_LOGIN_FILTER" ref="myAuthFilter" />
        <!-- 限制用户的最大登陆数,防止一个账号被多人使用 -->
        <custom-filter position="CONCURRENT_SESSION_FILTER" ref="concurrencyFilter" />
        <session-management
            session-authentication-strategy-ref="sas" />
    </http>

    <!-- 认证管理器,实现用户认证的入口,主要实现UserDetailsService接口即可 如下,可以配置多个Provider-->
    <authentication-manager alias="authenticationManager">

        <authentication-provider ref="daoAuthenticationProvider">
            <password-encoder hash="plaintext"></password-encoder>
        </authentication-provider>
        <authentication-provider ref="rememberMeAuthenticationProvider">
            <password-encoder hash="plaintext"></password-encoder>
        </authentication-provider>
    </authentication-manager>

    <beans:bean id="daoAuthenticationProvider"
        class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
        <beans:property name="userDetailsService" ref="myUserDetailService" />
    </beans:bean>

    <!--
        一个自定义的filter,必须包含authenticationManager,accessDecisionManager,securityMetadataSource三个属性,
        我们的所有控制将在这三个类中实现,解释详见具体配置
    -->
    <beans:bean id="myFilter" class="com.security.MyFilterSecurityInterceptor">
        <beans:property name="authenticationManager" ref="authenticationManager" />
        <beans:property name="accessDecisionManager" ref="myAccessDecisionManagerBean" />
        <beans:property name="securityMetadataSource" ref="securityMetadataSource" />
    </beans:bean>

    <!--
        下面的3个类,已做自动扫描 <beans:bean id="myUserDetailService"
        class="com.security.MyUserDetailService" />

        访问决策器,决定某个用户具有的角色,是否有足够的权限去访问某个资源 <beans:bean
        id="myAccessDecisionManagerBean"
        class="com.security.MyAccessDecisionManager"> </beans:bean>

        资源源数据定义,即定义某一资源可以被哪些角色访问 <beans:bean id="securityMetadataSource"
        class="com.security.MyInvocationSecurityMetadataSource" >

        </beans:bean>
    -->

    <beans:bean id="logoutFilter"
        class="org.springframework.security.web.authentication.logout.LogoutFilter">
        <beans:constructor-arg value="/roots/login.jsp" />
        <beans:constructor-arg>
            <beans:list>
                <beans:ref local="rememberMeServices" />
                <beans:bean
                    class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"></beans:bean>
            </beans:list>
        </beans:constructor-arg>
        <beans:property name="filterProcessesUrl" value="/ss_Loginout"></beans:property>
    </beans:bean>

    <beans:bean id="concurrencyFilter"
        class="org.springframework.security.web.session.ConcurrentSessionFilter">
        <beans:property name="sessionRegistry" ref="sessionRegistry" />
        <beans:property name="expiredUrl" value="/error/expired.jsp" />
    </beans:bean>
    <beans:bean id="sas"
        class="org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy">
        <beans:constructor-arg name="sessionRegistry"
            ref="sessionRegistry" />
        <beans:property name="maximumSessions" value="1" />
    </beans:bean>

    <beans:bean id="myAuthFilter"
        class="com.security.fliter.MyUsernamePasswordAuthenticationFilter">
        <beans:property name="sessionAuthenticationStrategy"
            ref="sas" />
        <beans:property name="authenticationManager" ref="authenticationManager" />
        <beans:property name="rememberMeServices" ref="rememberMeServices"></beans:property>
        <beans:property name="authenticationFailureHandler"
            ref="failureHandler" />
        <beans:property name="authenticationSuccessHandler"
            ref="successHandler" />
        <beans:property name="filterProcessesUrl" value="/ss_Login"></beans:property>

    </beans:bean>
    <beans:bean id="successHandler"
        class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
        <beans:property name="defaultTargetUrl" value="/roots/index.jsp" />
    </beans:bean>
    <beans:bean id="failureHandler"
        class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
        <beans:property name="defaultFailureUrl" value="/roots/login.jsp?error=true" />
    </beans:bean>

    <beans:bean id="sessionRegistry"
        class="org.springframework.security.core.session.SessionRegistryImpl" />

 

文章出处:飞诺网(www.firnow.com):http://dev.firnow.com/course/3_program/java/javajs/20100719/461036.html

相关阅读 更多 +
排行榜 更多 +
辰域智控app

辰域智控app

系统工具 下载
网医联盟app

网医联盟app

运动健身 下载
汇丰汇选App

汇丰汇选App

金融理财 下载