上一篇:【认证、授权攻略三(4)、spring security数据库认证JdbcDaoImpl(密码加密)】
spring-security.xml配置文件说明:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<!-- 指定安全性为none,不走权限控制的过滤器链 -->
<security:http security="none" pattern="/login.jsp"/>
<security:http security="none" pattern="/error.jsp"/>
<security:http security="none" pattern="/error1.jsp"/>
<security:http security="none" pattern="/accessDeny.jsp"/>
<!-- http定义web相关权限控制的 -->
<security:http auto-config="true" use-expressions="true">
<!-- 定义权限控制的规则 -->
<!-- <security:intercept-url pattern="/**" access="hasRole('