web.xml进行拦截配置
<!-- Tells the root Spring context which file holds the Spring Security rules. -->
<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>classpath:spring-security.xml</param-value>
</context-param>

<!-- Creates the root Spring application context (from contextConfigLocation) when the web application starts. -->
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
拦截
<!--
  Servlet filter that hands every request to the Spring bean named
  "springSecurityFilterChain". DelegatingFilterProxy looks the bean up by the
  filter name, so the name must stay exactly as written.
-->
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>

<!-- Mapped to every URL so that no request reaches the application without passing through Spring Security. -->
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
|
Spring Security 配置文件(spring-security.xml)说明:
security="none":设置此资源不被拦截。注意:匹配到的请求会完全绕过 Spring Security 过滤器链(不做认证,也不会添加安全响应头),因此只应用于登录页和静态资源。
登录提交地址 /login:该地址由 Spring Security 生成,提交方法必须是 POST。
intercept-url:表示拦截页面。
/*:表示的是该目录下的资源,只包括本级目录,不包括下级目录。
/**:表示的是该目录以及该目录下所有级别子目录的资源。
form-login:为开启表单登录。
use-expressions:为是否使用 Spring 表达式语言(SpEL),默认为 true。
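<?xml version="1.0" encoding="UTF-8"?>
<!--
  Spring Security namespace configuration: form login protecting an admin area.
  The security schema is the default namespace, so plain Spring bean elements
  need the "beans:" prefix.
-->
<beans:beans xmlns="http://www.springframework.org/schema/security"
             xmlns:beans="http://www.springframework.org/schema/beans"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://www.springframework.org/schema/beans
                 http://www.springframework.org/schema/beans/spring-beans.xsd
                 http://www.springframework.org/schema/security
                 http://www.springframework.org/schema/security/spring-security.xsd">

    <!-- favicon.ico is excluded from security filtering. -->
    <http pattern="/favicon.ico" security="none"/>

    <!--
      The resources below are not intercepted. security="none" removes the
      request from the Spring Security filter chain altogether: no
      authentication and no security response headers are applied. Keep this
      list limited to the login page and static assets, and check that none of
      these directories can serve application data or admin pages.
    -->
    <http pattern="/login.html" security="none"/>
    <http pattern="/css/**" security="none"/>
    <http pattern="/img/**" security="none"/>
    <http pattern="/js/**" security="none"/>
    <http pattern="/plugins/**" security="none"/>

    <!--
      Interception rules for everything else. With use-expressions="false" the
      access attribute holds plain role names instead of SpEL expressions.
    -->
    <http use-expressions="false">
        <!-- Every remaining URL requires ROLE_ADMIN. -->
        <intercept-url pattern="/**" access="ROLE_ADMIN"/>

        <!--
          Custom login page. A successful login always lands on the admin index
          (always-use-default-target="true"); a failed login returns to the
          login page. The URL values are written without the stray line breaks
          of the original listing.
        -->
        <form-login login-page="/login.html"
                    default-target-url="/admin/index.html"
                    authentication-failure-url="/login.html"
                    always-use-default-target="true"/>

        <!--
          REVIEW: CSRF protection is switched off here, presumably because the
          static login.html cannot embed a CSRF token. With it disabled, every
          state-changing request of a logged-in admin can be triggered from a
          third-party site. Prefer leaving CSRF enabled and supplying the token
          from the pages (hidden form field or request header).
        -->
        <csrf disabled="true"/>

        <!-- Sends X-Frame-Options: SAMEORIGIN so pages can only be framed by the same origin. -->
        <headers>
            <frame-options policy="SAMEORIGIN"/>
        </headers>
    </http>

    <!-- Authentication manager. -->
    <authentication-manager>
        <authentication-provider>
            <user-service>
                <!--
                  Users configured inline. The original listing marked this with
                  a Java-style "//" line, which is not a comment in XML and
                  becomes stray text inside user-service.

                  REVIEW: these are weak, clear-text credentials kept in the
                  configuration file, and no password-encoder is declared on the
                  provider. Use this form for local demos only; for real
                  deployments load users from a UserDetailsService, store
                  password hashes, and declare a password-encoder (for example
                  BCryptPasswordEncoder) on the authentication-provider.
                  Depending on the Spring Security version in use, un-prefixed
                  clear-text passwords may also be rejected at login; confirm
                  against the version on the classpath.
                -->
                <user name="admin" password="123456" authorities="ROLE_ADMIN"/>
                <user name="sunny" password="offcn123" authorities="ROLE_ADMIN"/>
            </user-service>
        </authentication-provider>
    </authentication-manager>
</beans:beans>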
|
获取名字
// Reads the name of the current principal from Spring Security's SecurityContextHolder.
// NOTE(review): getAuthentication() can return null when no authentication is
// present in the context (for example on a URL mapped with security="none",
// where the filter chain does not run); guard against null before calling
// getName() in code that can be reached that way.
String name = SecurityContextHolder.getContext().getAuthentication().getName();
|
自定义认证类:实现 Spring Security 的 UserDetailsService 接口,重写 loadUserByUsername 方法。按照该接口的约定,找不到用户时应抛出 UsernameNotFoundException,而不是返回 null。
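/**
 * Custom authentication source for Spring Security: looks a seller up by
 * username and hands the stored password and authorities to the framework,
 * which performs the actual password comparison.
 */
public class UserDetailsServiceImpl implements UserDetailsService {

    // NOTE(review): the listing uses sellerService without showing its
    // declaration or how it is injected; that part of the class is not on the
    // page and must be supplied by the surrounding project.

    /**
     * Loads the account for the given login name.
     *
     * @param username login name submitted by the user (untrusted input)
     * @return user details carrying the stored password and ROLE_SELLER
     * @throws UsernameNotFoundException if no seller exists for the name or the
     *         seller's status is not "1"
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        // Every account served by this class gets the single role ROLE_SELLER.
        List<GrantedAuthority> grantedAuths = new ArrayList<GrantedAuthority>();
        grantedAuths.add(new SimpleGrantedAuthority("ROLE_SELLER"));

        // Demo alternative from the original listing (fixed password, no lookup):
        // return new User(username, "123456", grantedAuths);

        // Look the seller up in the backing store.
        TbSeller seller = sellerService.findOne(username);

        // The UserDetailsService contract forbids returning null, so an unknown
        // or non-active account is reported with the same exception and the
        // same message; the caller cannot tell the two cases apart.
        // Status "1" is the only state allowed to log in (presumably
        // "approved"; confirm against the seller data model). The constant is
        // on the left so a null status cannot cause a NullPointerException.
        if (seller == null || !"1".equals(seller.getStatus())) {
            throw new UsernameNotFoundException("No active seller account for the given username");
        }

        // NOTE(review): seller.getPassword() should be an encoded hash, matched
        // by a password-encoder declared on the authentication-provider; the
        // configuration shown on the page declares none.
        return new User(username, seller.getPassword(), grantedAuths);
    }
}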
|
自定义认证springsecurity配置更改
<!-- Custom authentication class, registered as a Spring bean. -->
<beans:bean id="userDetailService" class="com.offcn.service.UserDetailsServiceImpl"/>

<!--
  Authentication manager: user lookups are delegated to the bean above.
  REVIEW: no password-encoder is declared on the provider, so the password
  returned by the service is not compared as a hash. For real deployments store
  password hashes and declare a password-encoder (for example
  BCryptPasswordEncoder) on the authentication-provider.
-->
<authentication-manager>
    <authentication-provider user-service-ref="userDetailService"/>
</authentication-manager>
|
<?
xml
version
=
"1.0"
encoding
=
"UTF-8"
?>
<
beans:beans
xmlns
=
"http://www.springframework.org/schema/security"
xmlns:beans
=
"http://www.springframework.org/schema/beans"
xmlns:xsi
=
"http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation
=
"http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd"
>
<!-- favicon.ico bypasses the security filter chain. -->
<http security="none" pattern="/favicon.ico"/>
<!--
  Interception rules: every URL requires ROLE_USER. With
  use-expressions="false" the access attribute is a plain role name.
  The empty form-login element enables form login with the framework defaults.
  CSRF protection is not disabled in this variant.
-->
<http use-expressions="false">
    <intercept-url pattern="/**" access="ROLE_USER"/>
    <form-login/>
</http>
<!--
  Authentication manager with a single inline user.
  REVIEW: a weak clear-text password kept in the configuration file is
  acceptable for a local demo only; do not carry it into a deployed system.
-->
<authentication-manager>
    <authentication-provider>
        <user-service>
            <user name="admin" password="123456" authorities="ROLE_USER"/>
        </user-service>
    </authentication-provider>
</authentication-manager>