SpringSecurity框架使用

                                           web.xml进行拦截配置

<!-- Root application context: names the Spring configuration file that is loaded at startup. -->
<context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>classpath:spring-security.xml</param-value>
</context-param>
<!-- ContextLoaderListener reads contextConfigLocation and creates the root application
     context when the web application starts. -->
<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
拦截
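<!-- DelegatingFilterProxy hands each request to the Spring bean whose name equals the
     filter-name. The security namespace registers that bean as springSecurityFilterChain,
     so the name is written identically, with no stray whitespace, in both elements. -->
<filter>
    <filter-name>springSecurityFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<!-- The chain is mapped to every request, so no URL reaches the application without
     passing through Spring Security. -->
<filter-mapping>
    <filter-name>springSecurityFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>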

Spring Security 配置文件

security="none" 设置此资源不被拦截(该路径会完全绕过 Spring Security 过滤器链,因此只应用于公开的静态资源)。
登录提交地址 /login 该地址由 SpringSecurity 生成,提交方法必须是 POST
 
intercept-url 表示拦截页面
/* 表示的是该目录下的资源,只包括本级目录不包括下级目录
/** 表示的是该目录以及该目录下所有级别子目录的资源
form-login 为开启表单登陆
use-expressions 表示是否使用 Spring 表达式语言(SpEL),默认为 true;下面的配置将其设为 false,因此 access 可以直接写角色名(如 ROLE_ADMIN)。
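<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
             xmlns:beans="http://www.springframework.org/schema/beans"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://www.springframework.org/schema/beans
                 http://www.springframework.org/schema/beans/spring-beans.xsd
                 http://www.springframework.org/schema/security
                 http://www.springframework.org/schema/security/spring-security.xsd">

    <!-- favicon.ico is served without any security filtering. -->
    <http pattern="/favicon.ico" security="none"/>

    <!-- Login page and static assets. security="none" takes a path out of the filter chain
         altogether (no authentication, no security headers), so keep this list limited to
         public, static resources. -->
    <http pattern="/login.html" security="none"/>
    <http pattern="/css/**" security="none"/>
    <http pattern="/img/**" security="none"/>
    <http pattern="/js/**" security="none"/>
    <http pattern="/plugins/**" security="none"/>

    <!-- Interception rules. use-expressions="false" lets access hold a plain role name
         instead of a SpEL expression. -->
    <http use-expressions="false">
        <!-- Everything not exempted above requires ROLE_ADMIN. -->
        <intercept-url pattern="/**" access="ROLE_ADMIN"/>
        <!-- URL values are written without leading or trailing blanks so that the redirect
             targets match the real paths. -->
        <form-login login-page="/login.html"
                    default-target-url="/admin/index.html"
                    authentication-failure-url="/login.html"
                    always-use-default-target="true"/>
        <!-- NOTE(review): CSRF protection is switched off here, which leaves every
             state-changing request of a logged-in administrator open to cross-site request
             forgery. Acceptable for a local tutorial with a static login page only; for real
             use, enable it and send the CSRF token with the login form and other POSTs. -->
        <csrf disabled="true"/>
        <headers>
            <!-- Pages may be framed only by pages of the same origin. -->
            <frame-options policy="SAMEORIGIN"/>
        </headers>
    </http>

    <!-- Authentication manager -->
    <authentication-manager>
        <authentication-provider>
            <!-- Users declared directly in this file. These are sample accounts with
                 clear-text passwords, suitable for a tutorial only; use hashed credentials
                 from a user store for anything deployed.
                 NOTE(review): on Spring Security 5 and later, clear-text values also need an
                 encoding prefix such as {noop} or a configured password-encoder; confirm
                 against the version in use. -->
            <user-service>
                <user name="admin" password="123456" authorities="ROLE_ADMIN"/>
                <user name="sunny" password="offcn123" authorities="ROLE_ADMIN"/>
            </user-service>
        </authentication-provider>
    </authentication-manager>
</beans:beans>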

获取当前登录用户的用户名

// Reads the name of the current principal from the Authentication held by SecurityContextHolder.
// NOTE(review): getAuthentication() can return null when no authentication is present; confirm
// this line only runs for requests that passed the secured filter chain.
String  name =SecurityContextHolder. getContext ().getAuthentication().getName();
 自定义认证类,实现 SpringSecurity UserDetailsService 接口,重写 loadUserByUsername 方法
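/**
 * Custom authentication source for Spring Security: resolves a login name to the
 * UserDetails that the authentication provider checks the submitted password against.
 */
public class UserDetailsServiceImpl implements UserDetailsService {

    // NOTE(review): sellerService is used below, but its declaration and injection are not
    // shown on this page; it has to be supplied (for example as a Spring-wired field) before
    // this class compiles.

    /**
     * Looks up the seller with the given login name and returns it as a Spring Security user
     * holding ROLE_SELLER.
     *
     * @param username login name submitted on the login form
     * @return user details carrying the stored password and the granted authorities
     * @throws UsernameNotFoundException if no seller exists for the name or its status is not "1"
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        List<GrantedAuthority> grantedAuths = new ArrayList<GrantedAuthority>();
        grantedAuths.add(new SimpleGrantedAuthority("ROLE_SELLER"));

        // Demo-only alternative without a database lookup (fixed password for every user):
        // return new User(username, "123456", grantedAuths);

        // Load the seller record from the database.
        TbSeller seller = sellerService.findOne(username);

        // The UserDetailsService contract forbids returning null, so an unknown or inactive
        // account is reported with the declared exception. Status "1" presumably marks an
        // approved seller (confirm against the data model); the constant is placed first so
        // a null status cannot raise a NullPointerException. The message deliberately does
        // not say which of the two cases applied and does not echo the submitted name.
        if (seller == null || !"1".equals(seller.getStatus())) {
            throw new UsernameNotFoundException("No active account for the supplied user name");
        }

        // NOTE(review): the stored password is passed on as is; confirm that it is a hash and
        // that a matching password encoder is configured on the authentication provider.
        return new User(username, seller.getPassword(), grantedAuths);
    }
}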
自定义认证springsecurity配置更改
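<!-- Authentication manager: delegates user lookup to the custom UserDetailsService bean. -->
<authentication-manager>
    <!-- NOTE(review): no password-encoder is declared on this provider; confirm that the
         passwords stored for sellers are hashed and that a matching encoder is configured. -->
    <authentication-provider user-service-ref="userDetailService"/>
</authentication-manager>

<!-- The custom authentication class referenced above. -->
<beans:bean id="userDetailService"
            class="com.offcn.service.UserDetailsServiceImpl"/>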
 
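<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
             xmlns:beans="http://www.springframework.org/schema/beans"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://www.springframework.org/schema/beans
                 http://www.springframework.org/schema/beans/spring-beans.xsd
                 http://www.springframework.org/schema/security
                 http://www.springframework.org/schema/security/spring-security.xsd">

    <!-- favicon.ico is served without any security filtering. -->
    <http pattern="/favicon.ico" security="none"/>

    <!-- Interception rules: every other URL requires ROLE_USER. -->
    <http use-expressions="false">
        <intercept-url pattern="/**" access="ROLE_USER"/>
        <!-- No login-page attribute is given, so the framework's generated login form is used. -->
        <form-login/>
    </http>

    <!-- Authentication manager -->
    <authentication-manager>
        <authentication-provider>
            <!-- Sample in-memory account with a clear-text password, suitable for a tutorial
                 only; use hashed credentials from a user store for anything deployed.
                 NOTE(review): on Spring Security 5 and later, a clear-text value also needs
                 an encoding prefix such as {noop} or a configured password-encoder; confirm
                 against the version in use. -->
            <user-service>
                <user name="admin" password="123456" authorities="ROLE_USER"/>
            </user-service>
        </authentication-provider>
    </authentication-manager>
</beans:beans>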


转载自www.cnblogs.com/meani/p/12712870.html