开发工具是STS(Spring Tool Suite),以后不说就都是这个了。
在pom.xml里添加资源
<properties>
<java-version>1.7</java-version>
<org.springframework-version>4.0.0.RELEASE</org.springframework-version>
<org.springsecurity-version>3.2.0.RELEASE</org.springsecurity-version>
<org.aspectj-version>1.6.10</org.aspectj-version>
<org.slf4j-version>1.6.6</org.slf4j-version>
</properties>
<dependencies>
<!-- Spring -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>${org.springframework-version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${org.springframework-version}</version>
</dependency>
<!-- Spring Security -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>${org.springsecurity-version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${org.springsecurity-version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${org.springsecurity-version}</version>
</dependency>
添加controller,
@Controller
public class IndexController {
@RequestMapping(value = "/admin-manage/index", method = RequestMethod.GET)
public String showIndex() {
return null;
}
@RequestMapping(value = "/admin-login", method = RequestMethod.GET)
public String showAdminLogin() {
return null;
}
@RequestMapping(value = "/", method = RequestMethod.GET)
public String home(Locale locale, Model model) {
Date date = new Date();
DateFormat dateFormat = DateFormat.getDateTimeInstance(DateFormat.LONG,
DateFormat.LONG, locale);
String formattedDate = dateFormat.format(date);
model.addAttribute("serverTime", formattedDate);
return "home";
}
}
关键的登录页面。spring security提供的登录页面实在没法用
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<div id="formsContent">
<h2>admin login</h2>
<form action="<c:url value="/j_spring_security_check" />"
class="admin-login-form" method="post">
<fieldset>
<legend>admin login</legend>
User ID<input type="text" name="j_username" /> Password<input
type="password" name="j_password" /> Remember Me<input
type="checkbox" name="_spring_security_remember_me" />
<button type="submit">Submit</button>
<button type="reset">reset</button>
</fieldset>
</form>
</div>
</body>
</html>
修改web.xml
<!-- The definition of the Root Spring Container shared by all Servlets
and Filters -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/root-context.xml
/WEB-INF/spring/spring-security.xml</param-value>
</context-param>
......
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
添加spring-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<http>
<intercept-url pattern="/admin-manage/**" access="ROLE_USER" />
<form-login login-page="/admin-login" default-target-url="/admin-manage/index"
authentication-failure-url="/admin-login?error=true" />
<logout logout-success-url="/" />
<remember-me />
</http>
<authentication-manager>
<authentication-provider>
<user-service>
<user name="user" password="aaa" authorities="ROLE_USER, ROLE_ADMIN" />
<user name="admin" password="bbb" authorities="ROLE_USER" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
这样就ok了。这个简单的登录系统只能做临时项目啊,或者内部的微型项目用用。
完整代码下载:基本的spring mvc + spring security实现的登录(无数据库)