Acegi是一个和Spring紧密耦合的框架,它的配置也和Spring直接关联。在配置时首先要引入Acegi和Spring的Jar包,然后把常用功能和Acegi核心功能分开配置。具体配置如下: 首先要配置web.xml,具体代码如下: <context-param> <param-name>contextConfigLocation</param-name> <param-value>/WEB-INF/applicationContextProperties.xml</param-value> </context-param> <context-param> <param-name>log4jConfigLocation</param-name> <param-value>/WEB-INF/log4j.properties</param-value> </context-param> <context-param> <param-name>log4jRefreshInterval</param-name> <param-value>1800000</param-value> </context-param> <!-- Filters --> <filter> <filter-name>requestLoggingFilter</filter-name> <filter-class> org.springframework.web.filter.ServletContextRequestLoggingFilter </filter-class> </filter> <filter> <filter-name>encodingFilter</filter-name> <filter-class> org.springframework.web.filter.CharacterEncodingFilter </filter-class> <init-param> <param-name>encoding</param-name> <param-value>UTF-8</param-value> </init-param> <init-param> <param-name>forceEncoding</param-name> <param-value>true</param-value> </init-param> </filter> <filter> <filter-name>Acegi HTTP Request Security Filter</filter-name> <filter-class> org.acegisecurity.util.FilterToBeanProxy </filter-class> <init-param> <param-name>targetClass</param-name> <param-value>org.acegisecurity.util.FilterChainProxy</param-value> </init-param> </filter> <!-- Filter Mappings --> <filter-mapping> <filter-name>requestLoggingFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>Acegi HTTP Request Security Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <!-- Listeners --> <listener> <listener-class> org.springframework.web.context.ContextLoaderListener </listener-class> </listener> <listener> <listener-class> org.acegisecurity.ui.session.HttpSessionEventPublisher </listener-class> </listener>
其次要配置Acegi,具体配置如下:
<beans> <!-- Main Filter --> <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy"> <property name="filterInvocationDefinitionSource"> <value> <![CDATA[ CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /**=httpSessionContextFilter,logoutFilter,authenticationProcessingFilter,securityContextHolderFilter,anonynousProcessingFilter,rememberMeProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor ]]> </value> </property> </bean> <bean id="httpSessionContextFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/> <!-- Logout Filter --> <bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter"> <constructor-arg> <value>/login.jsp</value> </constructor-arg> <constructor-arg> <list> <ref local="securityContextLogoutHolder"/> <ref local="rememberMeServices"/> </list> </constructor-arg> </bean> <bean id="securityContextLogoutHolder" class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler" /> <!-- Login Filter --> <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"> <property name="authenticationManager"> <ref local="authenticationManager"/> </property> <property name="authenticationFailureUrl"> <value>/login.jsp?error=1</value> </property> <property name="defaultTargetUrl"> <value>/login.jsp</value> </property> <property name="filterProcessesUrl"> <value>/j_acegi_security_check</value> </property> <property name="rememberMeServices"> <ref local="rememberMeServices"/> </property> </bean> <bean id="securityContextHolderFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/> <!-- Other Filter --> <bean id="anonynousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter"> <property name="key"> <value>login</value> </property> <property name="userAttribute"> <value>anonymousUser,ROLE_ANONYMOUS</value> </property> </bean> <bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter"> <property name="authenticationManager"> <ref local="authenticationManager"/> </property> <property name="rememberMeServices"> <ref local="rememberMeServices"/> </property> </bean> <!-- Exception Filter --> <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter"> <property name="authenticationEntryPoint"> <ref local="authenticationEntryPoint"/> </property> <property name="accessDeniedHandler"> <ref local="accessDeniedHandler"/> </property> </bean> <bean id="authenticationEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <property name="loginFormUrl"> <value>/login.jsp</value> </property> <property name="forceHttps"> <value>false</value> </property> </bean> <bean id="accessDeniedHandler" class="org.acegisecurity.ui.AccessDeniedHandlerImpl"> <property name="errorPage"> <value>/denied.jsp</value> </property> </bean> <!-- Security Interceptor --> <bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"> <property name="authenticationManager"> <ref local="authenticationManager"/> </property> <property name="accessDecisionManager"> <ref local="accessDecisionManager"/> </property> <property name="objectDefinitionSource"> <value> <![CDATA[ CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /admin/**=ROLE_SUPERVISOR /user/**=ROLE_USER,IS_AUTHENTICATED_REMEMBERED /**=ROLE_ANONYMOUS,IS_AUTHENTICATED_ANONYMOUSLY ]]> </value> </property> </bean> <bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased"> <property name="allowIfAllAbstainDecisions"> <value>false</value> </property> <property name="decisionVoters"> <list> <ref local="roleVoter"/> <ref local="authenticatedVoter"/> </list> </property> </bean> <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"/> <bean id="authenticatedVoter" class="org.acegisecurity.vote.AuthenticatedVoter"/> <!-- Authentication Provider --> <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> <property name="providers"> <list> <ref local="daoAuthenticationProvider"/> <ref local="anonymousAuthenticationProvider"/> <ref local="rememberMeAuthenticationProvider"/> </list> </property> </bean> <bean id="anonymousAuthenticationProvider" class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider"> <property name="key"> <value>login</value> </property> </bean> <bean id="rememberMeAuthenticationProvider" class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider"> <property name="key"> <value>login</value> </property> </bean> <bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices"> <property name="userDetailsService"> <ref local="userDetailsService"/> </property> <property name="key"> <value>login</value> </property> </bean> <!-- User Provider --> <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> <property name="userDetailsService"> <ref local="userDetailsService"/> </property> </bean> <bean id="userDetailsService" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl"> <property name="userProperties"> <ref local="userProperties"/> </property> </bean> <bean id="userProperties" class="org.springframework.beans.factory.config.PropertiesFactoryBean"> <property name="location"> <value>classpath:loginUsers.properties</value> </property> </bean> <!-- Logging Listener --> <bean id="loggerListener" class="org.acegisecurity.event.authorization.LoggerListener" /></beans>