您的位置:首页 > 编程语言 > Java开发

spring security2中对url进行拦截的配置

2009-07-23 17:15 323 查看
1、配置web.xml文件:

<!-- 指定spring security的配置文件-->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring-security.xml</param-value>
</context-param>

<!-- spring security 的 Filter Chain 代理 -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<!-- 取得Spring的Context -->
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>


2、配置spring-security.xml(该文件名字与web.xml中的<context-param />中的相对应) :

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd"> 
<http auto-config="true">
<!-- 登录页面不拦截,任何人都可以访问到 -->
<intercept-url pattern="/login.jsp" filters="none" />
<!-- 需要拦截的路径,pattern表示要拦截的路径,access表示能够访问的角色 -->
<intercept-url pattern="/a/*"
access="ROLE_A,ROLE_ADMIN,ROLE_SUPER" />
<intercept-url pattern="/a/aa/*"
access="ROLE_AA,ROLE_ADMIN,ROLE_SUPER" />
<intercept-url pattern="/b/*"
access="ROLE_B,ROLE_ADMIN,ROLE_SUPER" />
<intercept-url pattern="/b/bb/*"
access="ROLE_BB,ROLE_ADMIN,ROLE_SUPER" />
<!-- 指定登录页面 -->
<form-login login-page="/login.jsp" />
<!-- 指定退出后要显示的页面 -->
<logout logout-success-url="/index.jsp"></logout>
<!-- 同步session控制 -->
<concurrent-session-control max-sessions="1" />
</http>
<!-- 认证提供器 -->
<authentication-provider>
<password-encoder hash="plaintext"></password-encoder>
<user-service>
<user password="super" name="super"
authorities="ROLE_SUPER" />
<user password="admin" name="admin"
authorities="ROLE_ADMIN" />
<user password="a" name="a" authorities="ROLE_A" />
<user password="b" name="b" authorities="ROLE_B" />
<user password="aa" name="aa" authorities="ROLE_AA" />
<user password="bb" name="bb" authorities="ROLE_BB" />
</user-service>
</authentication-provider>
</beans:beans>
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: 
相关文章推荐
新的分享
章节导航