spring security framework xml

Others 2020-03-27 20:40:22 views: null
<?xml version="1.0" encoding="UTF-8"?>

<beans:beans
xmlns=“http://www.springframework.org/schema/security”
xmlns:beans=“http://www.springframework.org/schema/beans”
xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance”
xmlns:dubbo=“http://code.alibabatech.com/schema/dubbo”

xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
					http://code.alibabatech.com/schema/dubbo http://code.alibabatech.com/schema/dubbo/dubbo.xsd
					http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
//这是对静态资源放行的规则
<http pattern="/*.html" security="none"/>
<http pattern="/css/**" security="none"/>
<http pattern="/img/**" security="none"/>
<http pattern="/js/**" security="none"/>
<http pattern="/plugins/**" security="none"/>
<http pattern="/seller/add.do" security="none"/>

<!-- use-expressions:设置是否启动SpEL表达式,默认值是true。 -->
<http use-expressions="false">
	<!-- 
		配置SpringSecurity的拦截路径(拦截规则) 
		* pattern:配置拦截规则。   /* 代表的是根路径下的所有资源(不包含子路径) /**代表的是根路径下所有的资源(包含子路径)
		* access:设置角色  角色命名 ROLE_角色名称  如:  ROLE_USER  
	-->
	<intercept-url pattern="/**" access="ROLE_SELLER"/>
	
	<!-- 
	开启表单验证 
		username-parameter="username" 
		password-parameter="password" 
		login-page			:登录页面名称  以  / 开始
		default-target-url	:登录成功后跳转的页面
		login-processing-url:提交的路径的设置 默认值"/login" 可以修改
	-->
	<form-login login-page="/shoplogin.html" default-target-url="/admin/index.html" always-use-default-target="true" authentication-failure-url="/shoplogin.html"/>
	
	<!-- 不使用csrf的校验 -->
	<csrf disabled="true"/>
	
	<!-- 配置框架页面不拦截 -->
	<headers>
		<frame-options policy="SAMEORIGIN"/>
	</headers>
	
	<!-- 注销的配置 -->
	<logout logout-url="/logout" logout-success-url="/shoplogin.html" />
</http>

<!-- 配置认证管理器 -->
<authentication-manager>
	<!-- 认证的提供者 -->
	<authentication-provider user-service-ref="userDetailService">
   
           这里是对密码实现加密
		<!--<password-encoder ref="passwordEncoder"></password-encoder>	-->
	</authentication-provider>
</authentication-manager>
	

<!-- 引用dubbo 服务 -->	
<dubbo:application name="pinyougou-shop-web" />
<dubbo:registry address="zookeeper://192.168.200.128:2181"/>
<dubbo:reference id="sellerService"  interface="com.offcn.core.brand.SellerService" >
</dubbo:reference>

<!-- 配置自定义的认证类 -->
<beans:bean id="userDetailService" class="com.offcn.core.service.UserDetailServiceImpl">
***//这里要用set方法注入sellerService 的对象***
	<beans:property name="sellerService" ref="sellerService"></beans:property>
</beans:bean>


<beans:bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>

</beans:beans>

ninth_spring
Published 33 original articles · won praise 0 · Views 877
Private letter concerns

Guess you like

Origin blog.csdn.net/ninth_spring/article/details/103616449
Recommended
Ranking
Empire cms smart tag calls four first-level recommended articles, starting from the fourth article
Linux environment installation and configuration Elasticsearch7.17
Big Data processing architecture and Lambda Kappa architecture
Explore the top of the AI large model platform - Wenxin Qianfan
Beijing car PK10 lucky airship Guanya size and value of the odd and even tips
W3B x Sui Hacker House|In-depth understanding of Sui and Move language
Know almost Ko Chan: Chinese what any decent open source software products? (Finishing from my original answer)
Comprehensively improve AD domain security authentication | Zhuyun IDaaS
Android Update Engine Analysis (24) What happened when making the downgrade package?
Spark Architecture and Operating Mechanism (1) - System Architecture
Daily
More
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)

Code World

© 2018 codetd.com