QiaoDuanni
- 浏览: 136921 次
- 性别:
- 来自: 杭州
-
文章分类
最新评论
-
jacks808:
注意关闭相应的流......
Tomcat6下Log4j的log4j:ERROR Failed to rename错误解决办法 -
jacks808:
windows的默认磁盘扇区大小是4kb所以 建议把copy的 ...
Tomcat6下Log4j的log4j:ERROR Failed to rename错误解决办法 -
hnwangdan:
如何 保存treeview 的节点值呢?
build yui treeview by json -
lovepoem:
我刚好遇到需要在ubuntu10。04下面安装vss客户端的问 ...
Ubuntu下使用vss缺少'MFC42.dbg'解决办法 -
podormeijia:
配置不错,不过人不是很厚道,还要写个名字。不过不是很难找了,大 ...
自定义Eclipse颜色(黑板)
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security"
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">
<bean id="springSecurityFilterChain" class="org.springframework.security.util.FilterChainProxy">
<security:filter-chain-map path-type="ant">
<security:filter-chain pattern="/css/**" filters="none" />
<security:filter-chain pattern="/images/**" filters="none" />
<security:filter-chain pattern="/script/**" filters="none" />
<security:filter-chain pattern="/admin/denied.action" filters="none" />
<security:filter-chain pattern="/denied.action" filters="none" />
<security:filter-chain pattern="/admin/**"
filters="httpSessionContextIntegrationFilter, logoutFilter, adminAuthenticationProcessingFilter, basicProcessingFilter, securityContextHolderAwareRequestFilter, rememberMeProcessingFilter, anonymousProcessingFilter, adminExceptionTranslationFilter, sessionFixationProtectionFilter, adminFilterSecurityInterceptor" />
<security:filter-chain pattern="/**"
filters="httpSessionContextIntegrationFilter, logoutFilter, accessLogFilter, userAuthenticationProcessingFilter, basicProcessingFilter, securityContextHolderAwareRequestFilter, rememberMeProcessingFilter, anonymousProcessingFilter, userExceptionTranslationFilter, sessionFixationProtectionFilter, userFilterSecurityInterceptor" />
</security:filter-chain-map>
</bean>
<!-- ======================== Security Filters ======================= -->
<bean id="httpSessionContextIntegrationFilter" class="org.springframework.security.context.HttpSessionContextIntegrationFilter">
<property name="allowSessionCreation" value="true" />
<property name="forceEagerSessionCreation" value="false" />
<property name="contextClass" value="org.springframework.security.context.SecurityContextImpl" />
</bean>
<!-- Multi authenticationProcessingFilter -->
<bean id="adminAuthenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
<property name="rememberMeServices" ref="rememberMeServices" />
<property name="invalidateSessionOnSuccessfulAuthentication" value="true" />
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationFailureUrl" value="/admin/logon.action?login_error=1" />
<property name="defaultTargetUrl" value="/admin/account!list.action?account.accountType=COMMON" />
<property name="filterProcessesUrl" value="/admin/j_spring_security_check" />
</bean>
<bean id="userAuthenticationProcessingFilter" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilter">
<property name="rememberMeServices" ref="rememberMeServices" />
<property name="invalidateSessionOnSuccessfulAuthentication" value="true" />
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationFailureUrl" value="/account/logon.action?login_error=1" />
<property name="defaultTargetUrl" value="/index.action" />
<property name="filterProcessesUrl" value="/j_spring_security_check" />
</bean>
<bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.wrapper.SecurityContextHolderAwareRequestFilter" />
<bean id="basicProcessingFilter" class="org.springframework.security.ui.basicauth.BasicProcessingFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationEntryPoint" ref="basicProcessingFilterEntryPoint" />
<property name="rememberMeServices" ref="rememberMeServices" />
</bean>
<bean id="logoutFilter" class="org.springframework.security.ui.logout.LogoutFilter">
<constructor-arg value="/index.action" />
<constructor-arg>
<list>
<bean class="org.springframework.security.ui.logout.SecurityContextLogoutHandler" />
<ref local="rememberMeServices" />
</list>
</constructor-arg>
<property name="filterProcessesUrl" value="/j_spring_security_logout" />
</bean>
<bean id="rememberMeProcessingFilter" class="org.springframework.security.ui.rememberme.RememberMeProcessingFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="rememberMeServices" ref="rememberMeServices" />
</bean>
<bean id="anonymousProcessingFilter" class="org.springframework.security.providers.anonymous.AnonymousProcessingFilter">
<property name="key" value="doesNotMatter" />
<property name="userAttribute" value="roleAnonymous, ROLE_ANONYMOUS" />
</bean>
<!-- Multi exceptionTranslationFilter -->
<bean id="adminExceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
<property name="authenticationEntryPoint">
<bean class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/admin/logon.action" />
<property name="forceHttps" value="false" />
</bean>
</property>
<property name="accessDeniedHandler">
<bean class="com.ef.delivery.handler.AccessDeniedHandlerImpl">
<property name="deniedUrl" value="/admin/denied.action" />
</bean>
</property>
</bean>
<bean id="userExceptionTranslationFilter" class="org.springframework.security.ui.ExceptionTranslationFilter">
<property name="authenticationEntryPoint">
<bean class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/account/logon.action" />
<property name="forceHttps" value="false" />
</bean>
</property>
<property name="accessDeniedHandler">
<bean class="org.springframework.security.ui.AccessDeniedHandlerImpl">
<property name="errorPage" value="/denied.jsp" />
</bean>
</property>
</bean>
<bean id="sessionFixationProtectionFilter" class="org.springframework.security.ui.SessionFixationProtectionFilter" />
<bean id="accessLogFilter" class="com.ef.delivery.filters.AccessLogFilter"></bean>
<!-- ======================== Interceptor ======================= -->
<bean id="adminFilterSecurityInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
<property name="accessDecisionManager" ref="httpRequestAccessDecisionManager" />
<property name="authenticationManager" ref="authenticationManager" />
<property name="objectDefinitionSource">
<security:filter-invocation-definition-source>
<security:intercept-url pattern="/admin/logon.action" access="ROLE_ANONYMOUS" />
<security:intercept-url pattern="/admin/*" access="ROLE_SUPERVISOR" />
</security:filter-invocation-definition-source>
</property>
</bean>
<bean id="userFilterSecurityInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
<property name="accessDecisionManager" ref="httpRequestAccessDecisionManager" />
<property name="authenticationManager" ref="authenticationManager" />
<property name="objectDefinitionSource">
<security:filter-invocation-definition-source>
<security:intercept-url pattern="/account/shopRegister*" access="ROLE_SHOP, ROLE_SUPERVISOR" />
<security:intercept-url pattern="/myzone/*.action" access="ROLE_USER" />
<security:intercept-url pattern="/community/*!create.action" access="ROLE_USER" />
<security:intercept-url pattern="/shop/*!create.action" access="ROLE_USER" />
<security:intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
</security:filter-invocation-definition-source>
</property>
</bean>
<!-- ======================== Dao Service ======================= -->
<bean id="securityDataSource" class="com.ef.delivery.persistence.ibatis.SecurityDaoSqlMap" />
<!-- ======================== Manager ======================= -->
<bean id="httpRequestAccessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions" value="false" />
<property name="decisionVoters">
<list>
<bean class="org.springframework.security.vote.RoleVoter" />
<bean class="org.springframework.security.vote.AuthenticatedVoter" />
</list>
</property>
</bean>
<bean id="authenticationManager" class="org.springframework.security.config.NamespaceAuthenticationManager">
<property name="providerBeanNames">
<list>
<value>anonymousAuthenticationProvider</value>
<value>rememberMeAuthenticationProvider</value>
<value>authenticationProvider</value>
</list>
</property>
</bean>
<!-- ======================== Entry Point ======================= -->
<bean id="basicProcessingFilterEntryPoint" class="org.springframework.security.ui.basicauth.BasicProcessingFilterEntryPoint">
<property name="realmName" value="Spring Security Application" />
</bean>
<!-- ======================== Service ======================= -->
<bean id="rememberMeServices" class="org.springframework.security.ui.rememberme.TokenBasedRememberMeServices">
<property name="userDetailsService" ref="securityDataSource" />
<property name="tokenValiditySeconds" value="1800"></property>
<property name="key" value="SpringSecured" />
</bean>
<!-- ======================== Provider ================================== -->
<bean id="anonymousAuthenticationProvider" class="org.springframework.security.providers.anonymous.AnonymousAuthenticationProvider">
<property name="key" value="doesNotMatter" />
</bean>
<bean id="rememberMeAuthenticationProvider" class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
<property name="key" value="SpringSecured" />
</bean>
<bean id="authenticationProvider" class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
<property name="hideUserNotFoundExceptions" value="false" />
<property name="userDetailsService" ref="securityDataSource" />
<property name="passwordEncoder">
<bean class="org.springframework.security.providers.encoding.PlaintextPasswordEncoder" />
</property>
</bean>
<!-- ======================== Message Source ================================== -->
<bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basenames">
<list>
<value>org.springframework.security.messages</value>
</list>
</property>
</bean>
</beans>
http://protory.tistory.com/entry/Spring-Security-Multi-login-page-setting
分享到:
发表评论
-
浅淡HBase的ACID
2013-04-23 17:20 2920http://archfan.sinaapp.com/2012 ... -
activemq 性能优化
2011-05-03 10:03 2528activemq How to configure Acti ... -
svn config
2010-11-11 15:09 2344引用 ### This file configures var ... -
eclipse java 视图的好处
2010-07-12 12:04 1637Hide jars from Project Explorer ... -
Trustno1回贴:晒晒自己这学期课程..有更强大的也晒晒吧..
2010-04-29 15:39 1334WindowXP 写道 有誰能說說綫數 怎麽學? 高 ... -
华硕(asus)笔记本m50vn在ubuntu下配置fn+a快捷键
2009-12-29 09:47 2674华硕笔记本装了ubuntu以后屏幕亮度会偏暗,即使fn+f6调 ... -
ubuntu下eclipse ctrl+k快捷键冲突
2009-10-10 17:37 1939eclipse的快捷键ctrl+k(向下搜索鼠标选中的文字)不 ... -
css hack 下划线 星号
2009-09-07 11:11 2594IE6识别*和_, 不识别 !important IE7识别* ... -
回复: 大数据量导出Excel的方案
2009-07-17 15:24 2055http://www.iteye.com/post/10857 ... -
spring security 登录请求获取附加参数
2009-05-26 15:16 1934http://forum.springsource.org/s ... -
spring security中自定义authenticationProcessingFilter
2009-05-26 15:06 4598http://hszdz.iteye.com/blog/337 ... -
spring security添加验证码处理
2009-05-26 15:00 5032public class CustomAuthenticati ... -
回复: 女生学计算机 路在何方
2009-04-22 21:03 865daquan198163 写道引用培养兴趣 优于 勤奋刻苦 ... -
华硕(ASUS)M50S81VN-SL外接 Dell 2209wa出现水波纹
2009-04-12 13:58 1888原因: http://we.pcinlife.com/thre ... -
对和服的愤怒很愚蠢
2009-03-30 12:30 885ozzzzzz 写道和服不管怎 ... -
华硕笔记本 M50VN XP 驱动
2009-03-22 15:26 2539转自 : http://www.gscwl.cn/ ... -
解决Intel HD Audio Controller声卡问题
2009-03-06 22:15 2603解决Intel HD Audio Controller ... -
struts2 covention plugin startup log
2009-03-02 15:29 1526[main] DEBUG org.apache.struts2 ... -
struts2.X与spring集成
2008-12-30 15:51 1162转自:struts2.与spring集成 1.将struts ... -
Spring Framework开发参考手册 html格式zip包
2008-09-03 13:33 2558Spring Framework开发参考手册(Spring 2 ...
相关推荐
Spring Security 实践指南 Spring Security 是一个基于 Java 的安全框架,旨在提供身份验证、授权和访问控制等功能。下面是 Spring Security 的主要知识点: 一、身份验证(Authentication) 身份验证是指对用户...
Spring Security 是一个强大的安全框架,主要用于Java应用的安全管理,它为Web应用和企业级应用提供了全面的安全服务。这个框架能够处理认证、授权以及各种安全相关的功能,帮助开发者构建安全、可扩展的应用。以下...
Spring Security是一个功能强大、高度定制的安全框架,它专门用于为基于Spring的应用程序提供安全性解决方案。Spring Security架构的设计初衷是为了解决认证和授权的需求,确保应用程序的安全性。它提供了全面的安全...
SpringSecurity是Java开发中用于构建安全Web应用的框架,它提供了强大的身份验证、授权和访问控制功能。在本文中,我们将深入探讨SpringSecurity的核心概念、关键组件以及如何配置和使用这个框架。 首先,Spring...
SpringSecurity是Java领域中一款强大的安全框架,主要用于Web应用程序的安全管理。它提供了全面的身份验证、授权、会话管理以及安全相关的功能,可以帮助开发者构建安全的Web应用。在本笔记中,我们将深入探讨Spring...
Spring Security 是一个强大的Java安全框架,用于保护基于Spring的应用程序。它提供了全面的安全服务,包括认证、授权、CSRF防护、会话管理等。在深入理解Spring Security之前,我们需要了解几个核心概念: 1. **...
首先,`spring security login 样例`是一个用于演示和学习的项目,它展示了如何在Spring Security中集成注解来处理用户认证和授权。`securelogin`可能是该项目的核心模块或主目录,包含了所有与安全相关的配置和代码...
Spring Security 是一个强大的安全框架,用于为Java应用提供身份验证和授权服务。在这个完整的项目实例中,我们将深入探讨Spring Security的核心概念以及如何将其应用于实际的Web应用程序开发。 首先,我们从用户、...
在压缩包文件`spring_gateway_security_webflux`中,可能包含了示例代码或配置文件,用于演示如何在Spring Cloud Gateway中集成Spring Security,实现统一登录认证鉴权。这些资源可以帮助开发者更快地理解和实践上述...
Spring Security是一个功能强大且高度可定制的身份验证和授权框架,专门用于保护Java应用程序的安全性。它构建在Spring Framework基础之上,提供了全面的安全解决方案,包括身份验证、授权、攻击防护等功能。 Spring...
### Spring Security 3.0.1 中文版知识点解析 #### 一、Spring Security 3.0.1 概览 ##### 1.1 Spring Security 是什么? Spring Security 是一个强大的、高度可定制的身份验证和访问控制框架。它提供了许多功能...
SpringBoot+SpringSecurity处理Ajax登录请求问题 SpringBoot+SpringSecurity处理Ajax登录请求问题是SpringBoot开发中的一個常见问题,本文将详细介绍如何使用SpringBoot+SpringSecurity处理Ajax登录请求问题。 ...
Spring Security 是一个强大的安全框架,用于为Java应用提供全面的安全管理解决方案。它是Spring生态系统的组成部分,专注于身份验证、授权和访问控制。Spring Security的核心特性包括: 1. **身份验证...
Spring Security 是一个强大的和高度可定制的身份验证和访问控制框架,广泛用于Java应用程序的安全性管理。这个压缩包包含了Spring Security 4.0.0版本所需的jar包,这是一组核心组件,为构建安全的Web应用提供了...
Spring Security是Spring生态体系中的一个核心组件,主要负责应用程序的安全性,包括认证和授权。它为Web应用提供了全面的保护,防止未经授权的访问和操作。在版本2.5时,Spring Security已经是一个成熟且功能丰富的...
在IT行业中,SpringBoot、SpringSecurity和WebSocket是三个非常重要的技术组件,它们分别在应用程序开发、安全管理和实时通信方面发挥着关键作用。本项目结合这三个技术,构建了一个整合的示例,旨在展示如何在...
### Spring Security 官方文档中文版重要知识点解析 #### 一、Spring Security 概述 **1.1 Spring Security 是什么?** Spring Security 是一款基于 Spring 框架的安全插件,提供了完整的安全性解决方案,包括...
### Spring Security 概述与应用实践 #### 一、引言 在当今互联网时代,网络安全问题日益凸显,尤其是Web应用程序的安全性受到了前所未有的关注。为了应对这些挑战,Spring Security 应运而生,成为了一个非常重要...
Spring Security 是一个强大的安全框架,主要用于Java Web应用的安全管理,包括认证、授权和访问控制等。在Spring Boot中,Spring Security 提供了简洁的API和自动化配置,使得开发者能够快速集成安全功能。在这个名...
Spring Security 是一个强大的和高度可定制的身份验证和访问控制框架,用于Java应用程序。在这个场景中,我们关注的是如何使用Spring Security实现登录验证以及在登录过程中传递参数,特别是记录并返回用户登录前的...