此文章只为记录一下自己spring-security的配置,同时让与我一样的新手参考一下。
Eclipse版本--------------Luna Service Release 1(4.4.1)
spring-security版本-----3.2.3.RELEASE.jar
系统OS-------------------window 7 旗舰版
JDK版本------------------jdk1.7.0_67
tomcat版本------------tomcat-7.0.56
springMVC+spring-security文件结构与必须的jar
注:图片的中的包都是必须的,缺少会报各种各样的错误
做项目的时候需要用到spring-security的东西,于是花费了几天去进行配置,参考了很多网上的资料但是感觉配置的很乱,不熟悉每个配置项到底作用是什么。后来突然意识到,所谓的spring-security应该类似与一个拦截器,在web.xml中监听访问的url,选择你想要监听的url然后进行拦截,然后再在spring-security.xml中具体配置拦截器的内容(根据我自己的理解,如果有问题请不吝赐教)。
下面是我的具体的配置:
1、web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
id="WebApp_ID" version="3.0">
<display-name>SpringMVC</display-name>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<!-- Spring -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>WEB-INF/applicationContext.xml,WEB-INF/spring-security.xml</param-value>
</context-param>
<!-- Spring MVC -->
<servlet>
<servlet-name>SpringMVC</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<!-- 可以自定义servlet.xml配置文件的位置和名称,默认WEB-INF目录下,名称为[<servlet-name>]-servlet.xml -->
<!--
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/springMVC-servlet.xml</param-value>
</init-param>
-->
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>SpringMVC</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
2、SpringMVC-servlet.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/mvc"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<!-- Spring MVC -->
<context:annotation-config />
<!-- Enables the Spring MVC @Controller programming model -->
<annotation-driven />
<context:component-scan base-package="net.csdn.blog.hybris" />
<!-- Handle HTTP GET requests for /resources/** by efficiently serving up
static resources in the ${WebContent}/resources directory -->
<resources location="/resources/**" mapping="/resources/" />
<!-- 完成请求和注解POJO的映射 -->
<beans:bean
class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter" />
<!-- Resolves views selected for rendering by @Controllers to .jsp resources
in the /WEB-INF/views directory -->
<beans:bean
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<beans:property name="prefix" value="/WEB-INF/views/" />
<beans:property name="suffix" value=".jsp" />
</beans:bean>
</beans:beans>
3、spring-security.xml
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<http auto-config="true">
<intercept-url pattern="/admin" access="ROLE_USER" />
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="yjmyzz" password="123456" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
4、applicationContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:aop="http://www.springframework.org/schema/aop" xmlns:context="http://www.springframework.org/schema/context"
xmlns:p="http://www.springframework.org/schema/p" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
</beans>
5、异常信息
No bean named 'springSecurityFilterChain' is defined
解决方案:
①有没有包冲突
②确保在spring-security.xml里面有<http></http>声明默认初始化
③确保能找到spring-security.xml的各种配置文件
④在web.xml中不要把‘springSecurityFilterChain’写成‘SpringSecurityFilterChain’,原因不明。(我就因为这一步而出了错误,纠结了很久)
参考:http://hi.baidu.com/angelstroll/item/4b05611e711e2dff65eabfa5
Configuration problem:Unable to locate Spring NamespaceHandler for XML schema namespace[http://www.springframework.org/schema/security]
解决方案:
①有没有导入spring-security-config-3.2.3.RELEASE.jar
②上面jar中,META-INF->spring.schemas中版本和你使用的jar是否对应
网上查找资料的时候,无意间发现了一个常见项目配置问题,分享一下
http://wiki.bsdn.org/pages/viewpage.action?pageId=13205507
如果对于spring-security的配置还有什么问题可以去spring-security文档中查找一下
http://docs.spring.io/spring-security/site/docs/3.2.0.RELEASE/reference/htmlsingle/#ns-config