Acegi主要的功能包括认证(Authentication)和授权(Authorization)。认证顾名思义就是确定该用户是否有权限登陆系统。而授权则是根据用户的信息得到该用户在本系统中可以进行的操作。
Acegi has provided about 14 authentication rules. Form Based Authentication and DAO Authentication has been widly used in development. In the framework of acegi, you can config the rules used in the system vsi ProviderManager(org.acegisecurity.providers.ProviderManager).For example:
xml 代码
- <bean id="authenticationManager"
- class="org.acegisecurity.providers.ProviderManager">
- <property name="providers">
- <list>
- <ref local="daoAuthenticationProvider" />
- list> There are some problems in these editor system so i just paste the coder.
- property>
- bean>
- <bean id="daoAuthenticationProvider"
- class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
- <property name="userDetailsService" ref="inMemoryDaoImpl" />
- bean>
- <bean id="inMemoryDaoImpl"
- class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
- <property name="userMap">
- <value>
- wangwei=123,ROLE_SUPERVISOR
- user1user1=user1,ROLE_USER
- value>
- property>
- bean>
In xml you should define like this:
xml 代码
- <filter>
- <filter-name>AcegiFilterChain</filter-name>
- <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class>
- <init-param>
- <param-name>targetClass</param-name>
- <param-value>org.acegisecurity.util.FilterChainProxy</param-value>
- </init-param>
- </filter>
- <filter-mapping>
- <filter-name>AcegiFilterChain</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>