spring security小结

配置web.xml

<listener>
      <listener-class>
  org.springframework.web.context.ContextLoaderListener
      </listener-class>
   </listener>
 
   <filter>  
      <filter-name>springSecurityFilterChain</filter-name>  
        <filter-class>
        org.springframework.web.filter.DelegatingFilterProxy
        </filter-class>  
   </filter>  
 
    <filter-mapping>  
        <filter-name>springSecurityFilterChain</filter-name>  
        <url-pattern>/*</url-pattern>  
    </filter-mapping> 

配置applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?>  
<beans:beans xmlns="http://www.springframework.org/schema/security"  
    xmlns:beans="http://www.springframework.org/schema/beans"  
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"  
    xsi:schemaLocation="http://www.springframework.org/schema/beans   
                        http://www.springframework.org/schema/beans/spring-beans-3.0.xsd   
                        http://www.springframework.org/schema/security   
                        http://www.springframework.org/schema/security/spring-security-3.0.xsd"> 
 
 
   <!-- 数据源 --> 
    <beans:bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"> 
    <beans:property name="driverClassName" value="com.mysql.jdbc.Driver"></beans:property> 
<beans:property name="url" value="jdbc:mysql://localhost:3306/test"></beans:property> 
<beans:property name="username" value="root"></beans:property> 
<beans:property name="password" value="123456"></beans:property> 
    </beans:bean> 

   <!-- 权限设置 --> 
<http auto-config="true" access-denied-page="/accessDenied.jsp">
 <form-login login-page="/login.jsp" />
 <logout logout-success-url="/login.jsp"></logout>
  <intercept-url pattern="/login.jsp*" filters="none" />
   <intercept-url pattern="/index.jsp" access="ROLE_USER,ROLE_ADMIN" />
   <intercept-url pattern="/admin.jsp" access="ROLE_ADMIN" />
   <intercept-url pattern="/user.jsp" access="ROLE_USER" />
   <intercept-url pattern="/test.jsp" filters="none" />
</http>
   

<!--用户 --> 
<authentication-manager>  
        <authentication-provider> 
    <password-encoder hash="md5"></password-encoder>
    <jdbc-user-service data-source-ref="dataSource"/> 

      </authentication-provider>  

 </authentication-manager>  

 </beans:beans>

<!--index.jsp --> 

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%@taglib prefix="sec" uri="http://www.springframework.org/security/tags"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <base href="<%=basePath%>">
    
    <title>My JSP 'index.jsp' starting page</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">    
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
  </head>
  
  <body>
    This is my index page. <br>
        欢迎<sec:authentication property="name"></sec:authentication>登录。</br>
    <a href="j_spring_security_logout">退出系统</a>
  </body>
</html>