Spring security 安全框架配置文件和依赖

配置文件
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">

<!--不拦截静态资源-->
<security:http pattern="/css/**" security="none"></security:http>
<security:http pattern="/js/**" security="none"></security:http>
<security:http pattern="/img/**" security="none"></security:http>
<security:http pattern="/plugins/**" security="none"></security:http>
<!--不拦截登录 不拦截error -->
<security:http pattern="/pages/login.jsp" security="none"></security:http>
<security:http pattern="/error.jsp" security="none"></security:http>
<security:http pattern="/favicon.ico" security="none"></security:http>
<!--2拦截规则
auto-config="使用自带页面"
use-expressions 是否使用spel 表达式
-->
<security:http auto-config="true" use-expressions="false">
<security:intercept-url pattern="/**" access="ROLE_USER"></security:intercept-url>
<!--使用安全框架 使用的页面
login-page 指的是登录页面
login-processing-url 登录请求路径 -登录必须使用该路径
default-target-url 登录成功后 进入的页面
authentication-failure-url 登录失败后 进入的页面
-->
<security:form-login
login-page="/pages/login.jsp"
login-processing-url="/login"
default-target-url="/index.jsp"
authentication-failure-url="/pages/login.jsp"
/>

<!--关闭跨域请求-->
<security:csrf disabled="true"/>
<!--退出-->
<security:logout invalidate-session="true" logout-url="/logout" logout-success-url="/pages/login.jsp"/>


</security:http>
<!-- 配置认证登录信息 认证管理器自带账户密码-->
<security:authentication-manager>

<security:authentication-provider user-service-ref="sysUserService">
<security:password-encoder ref="passwordEncoder"></security:password-encoder>
<!-- <security:authentication-provider>-->
<!-- <security:user-service>-->
<!-- &lt;!&ndash;临时账户密码-->
<!-- authorities:指定用户的认证角色-->
<!-- {noop}不加密&ndash;&gt;-->
<!-- <security:user name="admin" password="{noop}admin" authorities="ROLE_USER"></security:user>-->
<!-- </security:user-service>-->
<!-- </security:authentication-provider>-->
</security:authentication-provider>
</security:authentication-manager>
<bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"></bean>
</beans>
依赖
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>${spring.security.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>${spring.security.version}</version>
</dependency>
 

转载于:https://www.cnblogs.com/geng-geng1997/p/11358681.html

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值