flex与spring security集成

最新推荐文章于 2022-05-23 19:12:09 发布

superxielei

最新推荐文章于 2022-05-23 19:12:09 发布

阅读量114

点赞数

分类专栏： Flex 文章标签： Security Flex Spring XML Tomcat

Flex 专栏收录该内容

7 篇文章 0 订阅

订阅专栏

service-config.xml

<security>
    	<security-constraint id="basic-read-access" >
            <auth-method>Custom</auth-method>
            <roles>
                <role>ROLE_USER</role>
                <role>ROLE_ADMIN</role>
            </roles>
        </security-constraint>
        <login-command class="flex.messaging.security.TomcatLoginCommand" server="Tomcat"/>
    </security>

flex-servlet.xml

<flex:message-broker >
		<flex:remoting-service default-channels="my-amf" />
		<flex:secured per-client-authentication="true" >
			<flex:secured-channel access="ROLE_USER" channel="my-amf"/>
		</flex:secured>
	</flex:message-broker>

srping-security.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
                        
	<http entry-point-ref="entryPoint">
        <anonymous enabled="false"/>
    </http>
    
    <beans:bean id="entryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint"/>
    
    <authentication-manager alias="authenticationManager">
    	<authentication-provider>
           <user-service>
            <user name="admin" password="admin" authorities="ROLE_USER, ROLE_ADMIN" />  
    		<user name="user" password="user" authorities="ROLE_USER" />  
           </user-service>
       </authentication-provider>
    </authentication-manager>

</beans:beans>

flex登录

var myChannelSet:ChannelSet = ServerConfig.getChannelSet(messageServiceRO.destination);
				var token:AsyncToken = myChannelSet.login(userName,password);
				token.addResponder(
					new AsyncResponder(
						function(event:ResultEvent, token:Object = null):void {
							if (event.result.authorities.indexOf("ROLE_ADMIN") >= 0) {
								Alert.show("Admin登录成功！");
							} else {
								Alert.show("User登录成功！");
							}
							PopUpManager.removePopUp(_this);
						},
						function(event:FaultEvent, token:Object = null):void {
							Alert.show("Login Failed: "+event.fault.faultString);
						}
					)
				);