acegi 安全框架基于数据库存储method的控制

  最近完成了一个框架基于acegi安全部分，现将相关method的控制部分代码贴出来

 

1、基于方法的拦截器
 <beans:bean id="methodSecurityInterceptor"
  class="org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor">
  <beans:property name="authenticationManager" ref="authenticationManager" />
  <beans:property name="accessDecisionManager" ref="accessDecisionManager" />
  <beans:property name="objectDefinitionSource" ref="methodObjectDefinitionSource" />
 </beans:bean>

2、认证管理

<bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
  <property name="allowIfAllAbstainDecisions" value="false" />
  <property name="decisionVoters">
   <list>
    <bean class="org.springframework.security.vote.RoleVoter" />
    <bean class="org.springframework.security.vote.AuthenticatedVoter" />
   </list>
  </property>
 </bean>

3、授权管理

 <bean id="authenticationManager"    class="org.springframework.security.providers.ProviderManager">
  <property name="providers">
   <list>
    <bean
     class="org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider">
     <property name="key" value="springsecurity" />
    </bean>
    <bean
     class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
     <property name="key" value="springsecurity" />
    </bean>
   </list>
  </property>
 </bean>

4、定义methodObjectDefinitionSource

<bean id="methodObjectDefinitionSource"
  class="com.security.intercept.method.DataBaseMethodInvocationDefinitionSource">
  <property name="securityCacheManager" ref="securityCacheManager" />
 </bean>

5、性能优化采用ehcache

 <bean id="securityCacheManager"
  class="com.security.cache.SecurityCacheManagerImpl">
  <property name="resourcCache" ref="resourceCache" />
 </bean>
6、ehcache的相关定义

<bean id="resourceCache"
  class="com.security.resource.EhCacheResourceCache">
  <property name="cache">
   <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
    <property name="cacheManager" ref="cacheManager" />
    <property name="cacheName" value="defaultCache" />
    <property name="eternal" value="true" />
   </bean>
  </property>
 </bean>

7、对于特定方法的拦截

 <bean id="autoProxyCreator" class="org.springframework.aop.framework.autoproxy.BeanNameAutoProxyCreator">
     <property name="interceptorNames">
        <list>
        <value>methodSecurityInterceptor</value>
        </list>
     </property>
     <property name="beanNames">
        <list>
           <value>userManager</value>
       </list>
    </property>
  </bean>

 

8、实现代码略