关闭

一起来学springSecurity安全框架(一)

279人阅读 评论(0) 收藏 举报
分类:

开头:springSecurity很强大,也很方便,可以赋予登录用户不同的角色,用来决定这些用户可以访问那些资源

好处很多...下面我们简易搭建起来springSecurity.一遍搭建 一边学

第一步:搭建maven项目 

maven坐标(只引入了springsecurity的一些必须坐标)

 
  <dependencies>
  <dependency>
		<groupId>javax.servlet</groupId>
		<artifactId>javax.servlet-api</artifactId>
		<version>3.1.0</version>
		<scope>provided</scope>
	</dependency>
	<dependency>
		<groupId>javax.servlet</groupId>
		<artifactId>jstl</artifactId>
		<version>1.2</version>
		<scope>provided</scope>
	</dependency>

	<dependency>
		<groupId>javax.servlet.jsp</groupId>
		<artifactId>jsp-api</artifactId>
		<version>2.2</version>
		<scope>provided</scope>
	</dependency>
    <dependency>
      <groupId>junit</groupId>
      <artifactId>junit</artifactId>
      <version>4.8.1</version>
      <scope>test</scope>
    </dependency>
    <dependency>
    	<groupId>org.springframework</groupId>
    	<artifactId>spring-webmvc</artifactId>
    	<version>3.0.5.RELEASE</version>
    </dependency>
    <dependency>
				<groupId>org.springframework.security</groupId>
				<artifactId>spring-security-core</artifactId>
				<version>3.0.5.RELEASE</version>
			</dependency>
    <dependency>
    	<groupId>org.springframework</groupId>
    	<artifactId>spring-orm</artifactId>
    	<version>3.0.5.RELEASE</version>
    </dependency>
    <dependency>
    	<groupId>org.springframework.security</groupId>
    	<artifactId>spring-security-config</artifactId>
    	<version>3.0.5.RELEASE</version>
    </dependency>
    <dependency>
    	<groupId>org.springframework.security</groupId>
    	<artifactId>spring-security-taglibs</artifactId>
    	<version>3.0.5.RELEASE</version>
    </dependency>
    <dependency>
    	<groupId>taglibs</groupId>
    	<artifactId>standard</artifactId>
    	<version>1.1.2</version>
    </dependency>
    <dependency>
    	<groupId>jstl</groupId>
    	<artifactId>jstl</artifactId>
    	<version>1.1.2</version>
    	<scope>compile</scope>
    </dependency>
    <dependency>
    	<groupId>log4j</groupId>
    	<artifactId>log4j</artifactId>
    	<version>1.2.15</version>
    </dependency>
  </dependencies>

第二步:springSecurity的配置文件(其中springmvc是为之后的项目准备可以忽略)

web.xml(注意:springSecurity的过滤器名称为固定写法.同struts2过滤器一样)

<?xml version="1.0" encoding="UTF-8"?>
    <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" version="3.0">
	<display-name></display-name>
	<!-- 加载spring 配置文件 -->
	<context-param>
	  <param-name>contextConfigLocation</param-name>
	  <param-value>classpath:spring.xml</param-value>
	</context-param>
	<listener>
	  <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
	</listener>
	<!-- springmvc -->
		<servlet>    
		  <servlet-name>securitydemo</servlet-name>    
		  <servlet-class>    
		    org.springframework.web.servlet.DispatcherServlet    
		  </servlet-class>    
		  <init-param>
		      <param-name>contextConfigLocation</param-name>
			<param-value>classpath:spring-mvc.xml</param-value>
		  </init-param>
		  <load-on-startup>1</load-on-startup>    
		</servlet> 
		<servlet-mapping>
			<servlet-name>securitydemo</servlet-name>    
			<url-pattern>/*</url-pattern>
		</servlet-mapping>
		<!-- springSecurity 过滤器 -->
		<filter>    
	 		 <filter-name>springSecurityFilterChain</filter-name>    
	 		 <filter-class>    
	   			 org.springframework.web.filter.DelegatingFilterProxy    
			  </filter-class>    
		</filter>    
		<filter-mapping>    
	 		 <filter-name>springSecurityFilterChain</filter-name>    
			  <url-pattern>/*</url-pattern>    
		</filter-mapping> 
</web-app>

spring.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"     
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"       
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:mvc="http://www.springframework.org/schema/mvc"
    xsi:schemaLocation="http://www.springframework.org/schema/beans               
           http://www.springframework.org/schema/beans/spring-beans-3.2.xsd      
           http://www.springframework.org/schema/context      
           http://www.springframework.org/schema/context/spring-context-3.2.xsd     
           http://www.springframework.org/schema/mvc      
           http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd">

    <import resource="classpath:spring-security.xml" />  
</beans>


spring-security.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xmlns:security="http://www.springframework.org/schema/security"
	xsi:schemaLocation="http://www.springframework.org/schema/beans 
	   		http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
			http://www.springframework.org/schema/security 
			http://www.springframework.org/schema/security/spring-security-3.0.xsd">

    <!-- 拦截规则 -->
    <security:http auto-config="true">
        <security:intercept-url pattern="/*" access="ROLE_USER"/>
    </security:http>
    <!-- 配置校验管理器 -->
   <security:authentication-manager alias="authenticationManager">
       <security:authentication-provider>
           <security:user-service>
               <security:user name="zx" password="zx" authorities="ROLE_USER"/>
           </security:user-service>
       </security:authentication-provider>
   </security:authentication-manager>
</beans>

第三步:现在启动项目.访问我们的项目根目录 你会发现.凭空出来了一个登陆页面


试着输入账号密码   



第四步:走到这一步相比大家和我一样会有很多疑惑.或者不满的地方.

1.账号密码怎么能配置到配置文件中(答:这以后可以配合数据库)

2.登陆界面可以换么(可以)

这仅仅是一个小小的demo ,接下来的几遍文章.让我们一步步的揭开springSecurity的真面容


0
0

查看评论
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
    个人资料
    • 访问:119655次
    • 积分:2129
    • 等级:
    • 排名:第17897名
    • 原创:72篇
    • 转载:133篇
    • 译文:0篇
    • 评论:42条
    联系方式
    邮箱

    zx_fendoubuzhi@126.com
    最新评论