第一个Acegi程式
2008年05月09日 星期五 11:56
--------------------------------------------------------------------------------------------------------------------
第一个Acegi程式
http://www.acegisecurity.org/downloads.html
下载
--------------------------------------------------------------------------------------------------------------------
两个配置文件
四个JSP
--------------------------------------------------------------------------------------------------------------------
web.xml
--------------------------------------------------------------------------------------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<display-name>Acegi 范例</display-name>
<!-- 指定Acegi资讯的设定档-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/acegi-config.xml</param-value>
</context-param>
<!-- Acegi 的 Filter Chain 代理 -->
<filter>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<filter-class>
org.acegisecurity.util.FilterToBeanProxy
</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>
org.acegisecurity.util.FilterChainProxy
</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 取得Spring的Context -->
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
</web-app>
--------------------------------------------------------------------------------------------------------------------
acegi-config.xml
--------------------------------------------------------------------------------------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<!-- 验证处理,使用表单 -->
<bean
>
<!-- 验证管理员,处理验证资讯提供者 -->
<property
ref="authenticationManager" />
<!-- 验证失败URL -->
<property
value="/acegilogin.jsp" />
<!-- 验证成功预设URL -->
<property
value="/protected/loginsuccess.jsp" />
<!-- 验证处理的提交位址 -->
<property
value="/j_acegi_security_check" />
</bean>
<!-- 验证管理员,管理验证资讯提供者 -->
<bean
>
<property ><!-- 可有多个提供者,其中一个验证通过即可以了 -->
<list>
<ref local="daoAuthenticationProvider" />
</list>
</property>
</bean>
<!-- 验证提供者,指定使用记忆体来源中的验证资讯 -->
<bean
>
<property ref="inMemoryDaoImpl" />
</bean>
<bean
>
<property >
<value>
caterpillar=123456,ROLE_SUPERVISOR
user1=user1pwd,ROLE_USER
user2=user2pwd,disabled,ROLE_USER
</value>
</property>
</bean>
<!-- 发生验证错误或权限错误时的处理 -->
<bean
>
<property >
<bean
>
<property value="/acegilogin.jsp" />
<property value="false" />
</bean>
</property>
<property >
<bean
>
<!-- <property value="/protected/accessDenied.jsp"/> -->
<!-- HTTP Status 403 - Access is denied -->
</bean>
</property>
</bean>
<!-- FilterSecurityInterceptor 对 URI 进行保护 -->
<bean
>
<!-- 验证管理员 -->
<property
ref="authenticationManager" />
<!-- 授权管理员 -->
<property
ref="accessDecisionManager" />
<property >
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT /protected/**=ROLE_SUPERVISOR
<!-- /protected/**=ROLE_SUPERVISOR,ROLE_USER -->
</value>
</property>
</bean>
<!-- 授权管理员 -->
<bean
>
<!-- 是否全部弃权时视为通过 -->
<property value="false" />
<property >
<list>
<bean />
</list>
</property>
</bean>
<bean
/>
<!-- Filter Chain -->
<bean
>
<property >
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor
</value>
</property>
</bean>
</beans>
--------------------------------------------------------------------------------------------------------------------
protected\accessDenied.jsp
--------------------------------------------------------------------------------------------------------------------
<%@page contentType="text/html"%>
<%@page pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>授权失败</title>
</head>
<body>
<h1>授权失败</h1>
</body>
</html>
--------------------------------------------------------------------------------------------------------------------
protected\loginsuccess.jsp
--------------------------------------------------------------------------------------------------------------------
<%@page contentType="text/html"%>
<%@page pageEncoding="UTF-8"%>
<%@ page import="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>登入成功</title>
</head>
<body>
<h1>欢迎 <%= session.getAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY) %>
</h1>
</body>
</html>
--------------------------------------------------------------------------------------------------------------------
acegilogin.jsp
--------------------------------------------------------------------------------------------------------------------
<%@page contentType="text/html"%>
<%@page pageEncoding="UTF-8"%>
<html>
<head>
<title>Acegi 范例网页 - 登入</title>
</head>
<body>
<h2>登入范例应用程式!</h2>
<br />
<form action="j_acegi_security_check" method="POST">
<table>
<tr>
<td>名称:</td>
<td><input type='text' value=''></td>
</tr>
<tr>
<td>密码:</td>
<td><input type='password' ></td>
</tr>
<tr>
<td><input type="reset"></td>
<td><input type="submit"></td>
</tr>
</table>
</form>
</body>
</html>
--------------------------------------------------------------------------------------------------------------------
index.jsp
--------------------------------------------------------------------------------------------------------------------
<%@ page language="java" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<META HTTP-EQUIV="Refresh" CONTENT="0;URL=acegilogin.jsp">
</head>
<body>
<p>载入中...</p>
</body>
</html>
--------------------------------------------------------------------------------------------------------------------
第一个Acegi程式
http://www.acegisecurity.org/downloads.html
下载
--------------------------------------------------------------------------------------------------------------------
两个配置文件
四个JSP
--------------------------------------------------------------------------------------------------------------------
web.xml
--------------------------------------------------------------------------------------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<display-name>Acegi 范例</display-name>
<!-- 指定Acegi资讯的设定档-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/acegi-config.xml</param-value>
</context-param>
<!-- Acegi 的 Filter Chain 代理 -->
<filter>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<filter-class>
org.acegisecurity.util.FilterToBeanProxy
</filter-class>
<init-param>
<param-name>targetClass</param-name>
<param-value>
org.acegisecurity.util.FilterChainProxy
</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Acegi Filter Chain Proxy</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 取得Spring的Context -->
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
</web-app>
--------------------------------------------------------------------------------------------------------------------
acegi-config.xml
--------------------------------------------------------------------------------------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<!-- 验证处理,使用表单 -->
<bean
>
<!-- 验证管理员,处理验证资讯提供者 -->
<property
ref="authenticationManager" />
<!-- 验证失败URL -->
<property
value="/acegilogin.jsp" />
<!-- 验证成功预设URL -->
<property
value="/protected/loginsuccess.jsp" />
<!-- 验证处理的提交位址 -->
<property
value="/j_acegi_security_check" />
</bean>
<!-- 验证管理员,管理验证资讯提供者 -->
<bean
>
<property ><!-- 可有多个提供者,其中一个验证通过即可以了 -->
<list>
<ref local="daoAuthenticationProvider" />
</list>
</property>
</bean>
<!-- 验证提供者,指定使用记忆体来源中的验证资讯 -->
<bean
>
<property ref="inMemoryDaoImpl" />
</bean>
<bean
>
<property >
<value>
caterpillar=123456,ROLE_SUPERVISOR
user1=user1pwd,ROLE_USER
user2=user2pwd,disabled,ROLE_USER
</value>
</property>
</bean>
<!-- 发生验证错误或权限错误时的处理 -->
<bean
>
<property >
<bean
>
<property value="/acegilogin.jsp" />
<property value="false" />
</bean>
</property>
<property >
<bean
>
<!-- <property value="/protected/accessDenied.jsp"/> -->
<!-- HTTP Status 403 - Access is denied -->
</bean>
</property>
</bean>
<!-- FilterSecurityInterceptor 对 URI 进行保护 -->
<bean
>
<!-- 验证管理员 -->
<property
ref="authenticationManager" />
<!-- 授权管理员 -->
<property
ref="accessDecisionManager" />
<property >
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT /protected/**=ROLE_SUPERVISOR
<!-- /protected/**=ROLE_SUPERVISOR,ROLE_USER -->
</value>
</property>
</bean>
<!-- 授权管理员 -->
<bean
>
<!-- 是否全部弃权时视为通过 -->
<property value="false" />
<property >
<list>
<bean />
</list>
</property>
</bean>
<bean
/>
<!-- Filter Chain -->
<bean
>
<property >
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor
</value>
</property>
</bean>
</beans>
--------------------------------------------------------------------------------------------------------------------
protected\accessDenied.jsp
--------------------------------------------------------------------------------------------------------------------
<%@page contentType="text/html"%>
<%@page pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>授权失败</title>
</head>
<body>
<h1>授权失败</h1>
</body>
</html>
--------------------------------------------------------------------------------------------------------------------
protected\loginsuccess.jsp
--------------------------------------------------------------------------------------------------------------------
<%@page contentType="text/html"%>
<%@page pageEncoding="UTF-8"%>
<%@ page import="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>登入成功</title>
</head>
<body>
<h1>欢迎 <%= session.getAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY) %>
</h1>
</body>
</html>
--------------------------------------------------------------------------------------------------------------------
acegilogin.jsp
--------------------------------------------------------------------------------------------------------------------
<%@page contentType="text/html"%>
<%@page pageEncoding="UTF-8"%>
<html>
<head>
<title>Acegi 范例网页 - 登入</title>
</head>
<body>
<h2>登入范例应用程式!</h2>
<br />
<form action="j_acegi_security_check" method="POST">
<table>
<tr>
<td>名称:</td>
<td><input type='text' value=''></td>
</tr>
<tr>
<td>密码:</td>
<td><input type='password' ></td>
</tr>
<tr>
<td><input type="reset"></td>
<td><input type="submit"></td>
</tr>
</table>
</form>
</body>
</html>
--------------------------------------------------------------------------------------------------------------------
index.jsp
--------------------------------------------------------------------------------------------------------------------
<%@ page language="java" pageEncoding="UTF-8"%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<META HTTP-EQUIV="Refresh" CONTENT="0;URL=acegilogin.jsp">
</head>
<body>
<p>载入中...</p>
</body>
</html>
--------------------------------------------------------------------------------------------------------------------
本篇日志被作者设置为禁止发表新评论
©2008 Baidu
引文来源 第一个Acegi程式_熊熊之家
扫一扫
3274
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
