spring security之hello world-蒲公英云

spring security之hello world

た入场券 2022-05-29 03:28 239阅读 0赞

        spring security是一个专门用来做认证和验证的框架，大量的应用于J2EE的权限控制模块中,我自己做了一个简单的demo，仅供大家参考.
        第一步，maven依赖
<dependencies>  
    <dependency>  
        <groupId>org.springframework.security</groupId>  
        <artifactId>spring-security-web</artifactId>  
        <version>3.2.0.RELEASE</version>  
    </dependency>  
    <dependency>  
        <groupId>org.springframework.security</groupId>  
        <artifactId>spring-security-config</artifactId>  
        <version>3.2.0.RELEASE</version>  
    </dependency>  
</dependencies>
    第二步  web.xml中添加过滤器
<filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

第三步配置访问权限

<http>
        <intercept-url pattern="/admin.jsp" access="ROLE_ADMIN"/>
        <intercept-url pattern="/**" access="ROLE_USER"/>
        <form-login />
        <logout />
    </http>
    <authentication-manager>
        <authentication-provider>
            <user-service>
                <user name="admin" password="admin" authorities="ROLE_USER,ROLE_ADMIN"/>
                <user name="user" password="user" authorities="ROLE_USER"/>
            </user-service>
        </authentication-provider>
    </authentication-manager>
</beans:beans>