spring blazeds 安全配置

web.xml:

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
	version="2.4">

	<display-name>amusement server</display-name>

	<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>
			/WEB-INF/spring/*-config.xml,classpath:spring-*.xml
		</param-value>
	</context-param>

	<filter>
		<filter-name>springSecurityFilterChain</filter-name>
		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
	</filter>

	<filter-mapping>
		<filter-name>springSecurityFilterChain</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

	<listener>
		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
	</listener>
	<listener>
		<listener-class>flex.messaging.HttpFlexSession</listener-class>
	</listener>

	<servlet>
		<servlet-name>flex</servlet-name>
		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
		<load-on-startup>1</load-on-startup>
	</servlet>


	<servlet-mapping>
		<servlet-name>flex</servlet-name>
		<url-pattern>/messagebroker/*</url-pattern>
	</servlet-mapping>
</web-app>

spring flex 配置文件结构:

flex message broker配置:

<?xml version="1.0" encoding="UTF-8"?>
	<!-- app global setting -->
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
	xmlns:aop="http://www.springframework.org/schema/aop" xmlns:tx="http://www.springframework.org/schema/tx"
	xmlns:flex="http://www.springframework.org/schema/flex"
	xsi:schemaLocation="http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
           http://www.springframework.org/schema/context
           http://www.springframework.org/schema/context/spring-context-2.5.xsd
           http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.5.xsd
           http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd 
           http://www.springframework.org/schema/flex http://www.springframework.org/schema/flex/spring-flex-1.0.xsd"
	default-dependency-check="none">

	<!-- flex message broker -->
	<flex:message-broker id="messageBroker" services-config-path="/WEB-INF/flex/services-config.xml">
		<flex:message-service
			default-channels="my-streaming-amf,my-longpolling-amf,my-polling-amf" />
		<flex:secured>
			<flex:secured-endpoint-path pattern="**/messagebroker/**" access="ROLE_USER" />
		</flex:secured>
	</flex:message-broker>
	
	<bean id="test" class="com.the4thcity.Test"></bean>

</beans>

flex-servlet.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:flex="http://www.springframework.org/schema/flex" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="
		http://www.springframework.org/schema/beans
		http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
		http://www.springframework.org/schema/flex
		http://www.springframework.org/schema/flex/spring-flex-1.0.xsd">
		<flex:remoting-destination ref="test" message-broker="messageBroker"/>
</beans>

security-config.xml:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
	xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
	<http>
	    <anonymous enabled="false"/>
		<form-login default-target-url="/secured/secured.html" login-page="/login.jsp" />
	</http>

	<authentication-manager>
	   <authentication-provider>
	       <user-service>
	        <user name="john" password="john" authorities="ROLE_USER" />
            <user name="admin" password="admin" authorities="ROLE_USER, ROLE_ADMIN" />
            <user name="guest" password="guest" authorities="ROLE_GUEST" />
	       </user-service>
	   </authentication-provider>
	</authentication-manager>

</beans:beans>

测试：

<?xml version="1.0" encoding="utf-8"?>
<s:Application xmlns:fx="http://ns.adobe.com/mxml/2009" 
			   xmlns:s="library://ns.adobe.com/flex/spark" 
			   xmlns:mx="library://ns.adobe.com/flex/mx" minWidth="955" minHeight="600" creationComplete="application1_creationCompleteHandler(event)">
	<fx:Declarations>
		<!-- Place non-visual elements (e.g., services, value objects) here -->
	</fx:Declarations>
	<fx:Script>
		<![CDATA[
			import mx.events.FlexEvent;
			import mx.messaging.ChannelSet;
			import mx.messaging.channels.AMFChannel;
			import mx.rpc.AsyncToken;
			import mx.rpc.events.FaultEvent;
			import mx.rpc.remoting.RemoteObject;
			
			
			private var ro :RemoteObject;
			
			private var channelSet :ChannelSet = new ChannelSet();
			
			protected function application1_creationCompleteHandler(event:FlexEvent):void
			{
				ro　= new RemoteObject();
				var amfChannel :AMFChannel = new AMFChannel();
				amfChannel.uri = "http://127.0.0.1:8080/ManagementSys/messagebroker/amf";
				channelSet.addChannel(amfChannel);
				ro.channelSet =channelSet;
				ro.destination = "test";
				ro.addEventListener(FaultEvent.FAULT,function(e:FaultEvent):void{
					trace(e.message,"\n",e.fault.faultCode);
				});
				//asyncToken.addResponder(
			}
			
			protected function button1_clickHandler(event:MouseEvent):void
			{
				var  asyncToken  :AsyncToken=  ro.channelSet.login("john","john");
				ro.test();
				
			}
			
		]]>
	</fx:Script>
	
	<s:Button label="test" click="button1_clickHandler(event)"/>
</s:Application>