https://github.com/newjava1/SpringSecurity.git
SpringSecurity
1. Application Description
SpringSecurity is an application managed by maven, using mvc mode, including several sub-projects.
SpringSecurity-Common encapsulates the configuration of spring-security and provides the service layer for authority management. The control layer adopts springmvc or struts2, and the persistence layer adopts hibernate or ibatis;
SpringSecurity-Action encapsulates the control layer code of struts;
SpringSecurity-Controller encapsulates springmvc The control layer code;
SpringSecurity-Dao-Hibernate persistence layer adopts hibernate;
SpringSecurity-Dao-Ibatis persistence layer adopts ibatis;
SpringSecurity-Web is used for integration testing;
SpringSecurity-Web/pom.xml, SpringSecurity-Action and SpringSecurity-Controller choose one SpringSecurity-Web/pom.xml, SpringSecurity-Dao-Hibernate and SpringSecurity-Dao-Ibatis choose a
SpringSecurity-Common to encapsulate the configuration of integrated spring-security and implement some basic logic for managing UAL.
Readers can expand or modify the jar according to the actual situation Bag
sql initialization statement:
SpringSecurity-Common/sql.mysql.init
SpringSecurity-Common/sql.oracle.init
1.1 The choice of Action and Controller depends on whether the user's main framework uses struts or springmvc as the control layer
SpringSecurity-Web/web.xml choice The corresponding filter
SpringSecurity-Web/pom.xml
configures
the
corresponding
dependencies For the jar package of the main project, select springmvc or struts, ibatis or hibernate. Modify pom.xml to generate different dependent jar packages and
web.xml modification:
<!-- <filter>
<filter-name>struts2-cleanup</filter-name>
<filter-class>org.apache.struts2.dispatcher.ActionContextCleanUp</filter-class>
</filter>
<filter>
<filter-name>struts2Filter</filter-name>
<filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2-cleanup</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>struts2Filter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>struts2Filter</filter-name>
<url-pattern>*.jsp</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>struts2Filter</filter-name>
<url-pattern>*.action</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping> -->
<!-- springmvc configuration-integrated SpringSecurity-Controller -->
<servlet>
<servlet-name>springmvc</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath*:spring/applicationContext-servlet.xml</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>springmvc</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
3.1 The login method of Spring Security-Common needs to be integrated for login.
For the fields of the user table, etc., modify them as needed. You can modify the landing page style, set the home page, etc.
3.2 Integrate permissions configuration
on the page On the actual business page, add tags to control permissions:
<%@ taglib uri="/ss" prefix="ss"%> ... < ss:permission permission="/url.do"> ... </ss:permission>
If the login user does not have the permission of /url.do, the content inside cannot be seen (that is, the permission is not used)