xlofty
- 浏览: 28765 次
- 来自: ...
-
最新评论
-
wanglongqiang:
还别说,我同事儿就做过这样的事情,Tomcat下面跑的是一个项 ...
eclipse,自己没有设置断点,也会在debug时断点 -
wanglongqiang:
我记得我以前好像是通过改注册表文件做到的,学习了...
设置windows7自动登录默认帐号 -
wanglongqiang:
嗯,很早前我也遇到过这样的问题,用jsp生成pdf文件,用过好 ...
getOutputStream() has already been called for this response -
jiayp:
,支持了。有效。
jetty->请求的操作无法在使用用户映射区域打开的文件上执行
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.0.xsd">
<!-- 验证处理,使用表单-->
<bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
<property name="authenticationManager">
<ref bean="authenticationManager"/>
</property>
<property name="authenticationFailureUrl">
<value>/login.jsp?login_error=1</value>
</property>
<property name="defaultTargetUrl">
<value>/protected/loginsuccess.jsp</value>
</property>
<property name="filterProcessesUrl">
<value>/j_acegi_security_check</value>
</property>
</bean>
<!--验证管理员,管理验证资讯提供者-->
<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref local="daoAuthenticationProvider"/>
<ref local="rememberMeAuthenticationProvider"/><!--Cookie登入-->
</list>
</property>
</bean>
<!-- 验证提供者,指定使用存储来源中的验证信息-->
<bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
<!--<property name="userDetailsService"><ref local="inMemoryDaoImpl"/></property>配制用户-->
<property name="userDetailsService" ref="jdbcDaoImpl"/>
<property name="userCache" ref="userCache"/> <!--将用用户缓存,在缓存中找不到,再去源中查-->
</bean>
<!--
<bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl">
<property name="dataSource" ref="dataSource"/>
<property name="usersByUsernameQuery">
<value>SELECT username as USERNAME,password as PASSWORD,state as ENABLED FROM devpro.users WHERE username=?</value>
</property>
<property name="authoritiesByUsernameQuery">
<value>
SELECT a.username as USERNAME,e.auth_type as AUTHORITY FROM devpro.users a,devpro.user_role b,devpro.role c,devpro.role_auth d,devpro.authorities e WHERE a.user_id=b.user_id and b.role_id = c.role_id and c.role_id=d.role_id and d.auth_id=e.auth_id and username=?
</value>
</property>
</bean>
-->
<bean id="jdbcDaoImpl" class="com.cenbow.util.JdbcDaoImpl">
<property name="dataSource" ref="dataSource"/>
<property name="usersByUsernameQuery">
<value>SELECT username as USERNAME,password as PASSWORD,state as ENABLED,user_id as id,name FROM devpro.users WHERE username=?</value>
</property>
<property name="authoritiesByUsernameQuery">
<value>
SELECT a.username as USERNAME,e.auth_type as AUTHORITY,a.user_id as id,name FROM devpro.users a,devpro.user_role b,devpro.role c,devpro.role_auth d,devpro.authorities e WHERE a.user_id=b.user_id and b.role_id = c.role_id and c.role_id=d.role_id and d.auth_id=e.auth_id and username=?
</value>
</property>
</bean>
<!--<bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
<property name="userMap">
<value>
caterpillar=123456,ROLE_SUPERVISOR
user1=user1pwd,ROLE_USER
user2=user2pwd,disabled,ROLE_USER
</value>
</property>
</bean> -->
<bean id="userCache" class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
<property name="cache">
<bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager">
<bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean" />
</property>
<property name="cacheName" value="userCache" />
</bean>
</property>
</bean>
<!-- 发生验证错误或权限错误时的处理 -->
<bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
<property name="authenticationEntryPoint">
<bean class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/login.jsp"/>
<property name="forceHttps" value="false"/>
</bean>
</property>
<property name="accessDeniedHandler">
<bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
<property name="errorPage" value="/protected/accessDenied.jsp"/>
</bean>
</property>
</bean>
<!-- FilterSecurityInterceptor 对 URI 进行保护 -->
<bean id="filterSecurityInterceptor"
class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
<!-- 验证管理员 -->
<property name="authenticationManager" ref="authenticationManager" />
<!-- 授权管理员 -->
<property name="accessDecisionManager" ref="accessDecisionManager" />
<property name="objectDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/protected/**=ROLE_USER
</value>
</property>
</bean>
<!-- 授权管理员 -->
<!--<bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">-->
<bean id="accessDecisionManager" class="org.acegisecurity.vote.UnanimousBased">
<!-- 是否全部弃权时视为通过() -->
<property name="allowIfAllAbstainDecisions" value="false" />
<property name="decisionVoters">
<list>
<bean class="org.acegisecurity.vote.RoleVoter" />
</list>
</property>
</bean>
<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter" />
<!-- 利用cookie自动登入 -->
<bean id="rememberMeProcessingFilter"
class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="rememberMeServices" ref="rememberMeServices"/>
</bean>
<bean id="rememberMeServices"
class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
<!--<property name="userDetailsService" ref="inMemoryDaoImpl"/> -->
<property name="userDetailsService" ref="jdbcDaoImpl"/>
<property name="key" value="javauser"/>
</bean>
<bean id="rememberMeAuthenticationProvider"
class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
<property name="key" value="javauser"/>
</bean>
<!--登出后显示-->
<bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter">
<constructor-arg value="/login.jsp"/> <!-- 登出后显示的页面 -->
<constructor-arg>
<list>
<bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler"/>
</list>
</constructor-arg>
</bean>
<bean id="securityContextHolderAwareRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>
<!-- Filter Chain -->
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,exceptionTranslationFilter,filterSecurityInterceptor,logoutFilter,rememberMeProcessingFilter
</value>
</property>
</bean>
</beans>
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package com.cenbow.util;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
//import org.acegisecurity.userdetails.User;
import com.cenbow.util.User;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.userdetails.UserDetailsService;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.springframework.context.ApplicationContextException;
import org.springframework.dao.DataAccessException;
import org.springframework.jdbc.core.SqlParameter;
import org.springframework.jdbc.core.support.JdbcDaoSupport;
import org.springframework.jdbc.object.MappingSqlQuery;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Types;
import java.util.List;
import javax.sql.DataSource;
/**
* <p>Retrieves user details (username, password, enabled flag, and authorities) from a JDBC location.</p>
* <p>A default database structure is assumed, (see {@link #DEF_USERS_BY_USERNAME_QUERY} and {@link
* #DEF_AUTHORITIES_BY_USERNAME_QUERY}, which most users of this class will need to override, if using an existing
* scheme. This may be done by setting the default query strings used. If this does not provide enough flexibility,
* another strategy would be to subclass this class and override the {@link MappingSqlQuery} instances used, via the
* {@link #initMappingSqlQueries()} extension point.</p>
* <p>In order to minimise backward compatibility issues, this DAO does not recognise the expiration of user
* accounts or the expiration of user credentials. However, it does recognise and honour the user enabled/disabled
* column.</p>
*
* @author Ben Alex
* @author colin sampaleanu
* @version $Id: JdbcDaoImpl.java 1784 2007-02-24 21:00:24Z luke_t $
*/
public class JdbcDaoImpl extends JdbcDaoSupport implements UserDetailsService {
//~ Static fields/initializers =====================================================================================
public static final String DEF_USERS_BY_USERNAME_QUERY =
"SELECT username,password,enabled FROM users WHERE username = ?";
public static final String DEF_AUTHORITIES_BY_USERNAME_QUERY =
"SELECT username,authority FROM authorities WHERE username = ?";
//~ Instance fields ================================================================================================
protected MappingSqlQuery authoritiesByUsernameMapping;
protected MappingSqlQuery usersByUsernameMapping;
private String authoritiesByUsernameQuery;
private String rolePrefix = "";
private String usersByUsernameQuery;
private boolean usernameBasedPrimaryKey = true;
//~ Constructors ===================================================================================================
public JdbcDaoImpl() {
usersByUsernameQuery = DEF_USERS_BY_USERNAME_QUERY;
authoritiesByUsernameQuery = DEF_AUTHORITIES_BY_USERNAME_QUERY;
}
//~ Methods ========================================================================================================
/**
* Allows subclasses to add their own granted authorities to the list to be returned in the
* <code>User</code>.
*
* @param username the username, for use by finder methods
* @param authorities the current granted authorities, as populated from the <code>authoritiesByUsername</code>
* mapping
*/
protected void addCustomAuthorities(String username, List authorities) {
}
public String getAuthoritiesByUsernameQuery() {
return authoritiesByUsernameQuery;
}
public String getRolePrefix() {
return rolePrefix;
}
public String getUsersByUsernameQuery() {
return usersByUsernameQuery;
}
protected void initDao() throws ApplicationContextException {
initMappingSqlQueries();
}
/**
* Extension point to allow other MappingSqlQuery objects to be substituted in a subclass
*/
protected void initMappingSqlQueries() {
this.usersByUsernameMapping = new UsersByUsernameMapping(getDataSource());
this.authoritiesByUsernameMapping = new AuthoritiesByUsernameMapping(getDataSource());
}
public boolean isUsernameBasedPrimaryKey() {
return usernameBasedPrimaryKey;
}
public UserDetails loadUserByUsername(String username)
throws UsernameNotFoundException, DataAccessException {
List users = usersByUsernameMapping.execute(username);
if (users.size() == 0) {
throw new UsernameNotFoundException("User not found");
}
User user = (User) users.get(0); // contains no GrantedAuthority[]
List dbAuths = authoritiesByUsernameMapping.execute(user.getUsername());
addCustomAuthorities(user.getUsername(), dbAuths);
if (dbAuths.size() == 0) {
throw new UsernameNotFoundException("User has no GrantedAuthority");
}
GrantedAuthority[] arrayAuths = (GrantedAuthority[]) dbAuths.toArray(new GrantedAuthority[dbAuths.size()]);
String returnUsername = user.getUsername();
if (!usernameBasedPrimaryKey) {
returnUsername = username;
}
return new User(returnUsername, user.getPassword(), user.isEnabled(), true, true, true, arrayAuths,user.getId(),user.getName());
}
/**
* Allows the default query string used to retrieve authorities based on username to be overriden, if
* default table or column names need to be changed. The default query is {@link
* #DEF_AUTHORITIES_BY_USERNAME_QUERY}; when modifying this query, ensure that all returned columns are mapped
* back to the same column names as in the default query.
*
* @param queryString The query string to set
*/
public void setAuthoritiesByUsernameQuery(String queryString) {
authoritiesByUsernameQuery = queryString;
}
/**
* Allows a default role prefix to be specified. If this is set to a non-empty value, then it is
* automatically prepended to any roles read in from the db. This may for example be used to add the
* <code>ROLE_</code> prefix expected to exist in role names (by default) by some other Acegi Security framework
* classes, in the case that the prefix is not already present in the db.
*
* @param rolePrefix the new prefix
*/
public void setRolePrefix(String rolePrefix) {
this.rolePrefix = rolePrefix;
}
/**
* If <code>true</code> (the default), indicates the {@link #getUsersByUsernameQuery()} returns a username
* in response to a query. If <code>false</code>, indicates that a primary key is used instead. If set to
* <code>true</code>, the class will use the database-derived username in the returned <code>UserDetails</code>.
* If <code>false</code>, the class will use the {@link #loadUserByUsername(String)} derived username in the
* returned <code>UserDetails</code>.
*
* @param usernameBasedPrimaryKey <code>true</code> if the mapping queries return the username <code>String</code>,
* or <code>false</code> if the mapping returns a database primary key.
*/
public void setUsernameBasedPrimaryKey(boolean usernameBasedPrimaryKey) {
this.usernameBasedPrimaryKey = usernameBasedPrimaryKey;
}
/**
* Allows the default query string used to retrieve users based on username to be overriden, if default
* table or column names need to be changed. The default query is {@link #DEF_USERS_BY_USERNAME_QUERY}; when
* modifying this query, ensure that all returned columns are mapped back to the same column names as in the
* default query. If the 'enabled' column does not exist in the source db, a permanent true value for this column
* may be returned by using a query similar to <br><pre>
* "SELECT username,password,'true' as enabled FROM users WHERE username = ?"</pre>
*
* @param usersByUsernameQueryString The query string to set
*/
public void setUsersByUsernameQuery(String usersByUsernameQueryString) {
this.usersByUsernameQuery = usersByUsernameQueryString;
}
//~ Inner Classes ==================================================================================================
/**
* Query object to look up a user's authorities.
*/
protected class AuthoritiesByUsernameMapping extends MappingSqlQuery {
protected AuthoritiesByUsernameMapping(DataSource ds) {
super(ds, authoritiesByUsernameQuery);
declareParameter(new SqlParameter(Types.VARCHAR));
compile();
}
protected Object mapRow(ResultSet rs, int rownum)
throws SQLException {
String roleName = rolePrefix + rs.getString(2);
GrantedAuthorityImpl authority = new GrantedAuthorityImpl(roleName);
return authority;
}
}
/**
* Query object to look up a user.
*/
protected class UsersByUsernameMapping extends MappingSqlQuery {
protected UsersByUsernameMapping(DataSource ds) {
super(ds, usersByUsernameQuery);
declareParameter(new SqlParameter(Types.VARCHAR));
compile();
}
protected Object mapRow(ResultSet rs, int rownum)
throws SQLException {
String username = rs.getString(1);
String password = rs.getString(2);
boolean enabled = rs.getBoolean(3);
Integer id = new Integer(rs.getInt(4));
String name = rs.getString(5);
UserDetails user = new User(username, password, enabled, true, true, true,
new GrantedAuthority[]{new GrantedAuthorityImpl("HOLDER")},id,name);
return user;
}
}
}
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package com.cenbow.util;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.userdetails.*;
import org.springframework.util.Assert;
/**
* Models core user information retieved by an {@link UserDetailsService}.<p>Implemented with value object
* semantics (immutable after construction, like a <code>String</code>). Developers may use this class directly,
* subclass it, or write their own {@link UserDetails} implementation from scratch.</p>
*
* @author Ben Alex
* @version $Id: User.java 1784 2007-02-24 21:00:24Z luke_t $
* @author xw
* @deprecated acegi的原User类,没有id,和name(用户始名)
*/
public class User implements UserDetails {
//~ Instance fields ================================================================================================
private static final long serialVersionUID = 1L;
private String password;
private String username;
private GrantedAuthority[] authorities;
private boolean accountNonExpired;
private boolean accountNonLocked;
private boolean credentialsNonExpired;
private boolean enabled;
private Integer id;
/**
* 姓名
*/
private String name;
//~ Constructors ===================================================================================================
/**
* Construct the <code>User</code> with the details required by
* {@link org.acegisecurity.providers.dao.DaoAuthenticationProvider}.
*
* @param username the username presented to the
* <code>DaoAuthenticationProvider</code>
* @param password the password that should be presented to the
* <code>DaoAuthenticationProvider</code>
* @param enabled set to <code>true</code> if the user is enabled
* @param authorities the authorities that should be granted to the caller
* if they presented the correct username and password and the user
* is enabled
*
* @throws IllegalArgumentException if a <code>null</code> value was passed
* either as a parameter or as an element in the
* <code>GrantedAuthority[]</code> array
*
* @deprecated use new constructor with extended properties (this
* constructor will be removed from release 1.0.0)
*/
public User(String username, String password, boolean enabled, GrantedAuthority[] authorities)
throws IllegalArgumentException {
this(username, password, enabled, true, true, authorities);
}
/**
* Construct the <code>User</code> with the details required by
* {@link org.acegisecurity.providers.dao.DaoAuthenticationProvider}.
*
* @param username the username presented to the
* <code>DaoAuthenticationProvider</code>
* @param password the password that should be presented to the
* <code>DaoAuthenticationProvider</code>
* @param enabled set to <code>true</code> if the user is enabled
* @param accountNonExpired set to <code>true</code> if the account has not
* expired
* @param credentialsNonExpired set to <code>true</code> if the credentials
* have not expired
* @param authorities the authorities that should be granted to the caller
* if they presented the correct username and password and the user
* is enabled
*
* @throws IllegalArgumentException if a <code>null</code> value was passed
* either as a parameter or as an element in the
* <code>GrantedAuthority[]</code> array
*
* @deprecated use new constructor with extended properties (this
* constructor will be removed from release 1.0.0)
*/
public User(String username, String password, boolean enabled, boolean accountNonExpired,
boolean credentialsNonExpired, GrantedAuthority[] authorities)
throws IllegalArgumentException {
this(username, password, enabled, accountNonExpired, credentialsNonExpired, true, authorities);
}
/**
* Construct the <code>User</code> with the details required by
* {@link org.acegisecurity.providers.dao.DaoAuthenticationProvider}.
*
* @param username the username presented to the
* <code>DaoAuthenticationProvider</code>
* @param password the password that should be presented to the
* <code>DaoAuthenticationProvider</code>
* @param enabled set to <code>true</code> if the user is enabled
* @param accountNonExpired set to <code>true</code> if the account has not
* expired
* @param credentialsNonExpired set to <code>true</code> if the credentials
* have not expired
* @param accountNonLocked set to <code>true</code> if the account is not
* locked
* @param authorities the authorities that should be granted to the caller
* if they presented the correct username and password and the user
* is enabled
*
* @throws IllegalArgumentException if a <code>null</code> value was passed
* either as a parameter or as an element in the
* <code>GrantedAuthority[]</code> array
*/
public User(String username, String password, boolean enabled, boolean accountNonExpired,
boolean credentialsNonExpired, boolean accountNonLocked, GrantedAuthority[] authorities)
throws IllegalArgumentException {
if (((username == null) || "".equals(username)) || (password == null)) {
throw new IllegalArgumentException("Cannot pass null or empty values to constructor");
}
this.username = username;
this.password = password;
this.enabled = enabled;
this.accountNonExpired = accountNonExpired;
this.credentialsNonExpired = credentialsNonExpired;
this.accountNonLocked = accountNonLocked;
setAuthorities(authorities);
}
public User(String username, String password, boolean enabled, boolean accountNonExpired,
boolean credentialsNonExpired, boolean accountNonLocked, GrantedAuthority[] authorities,Integer id,String name)
throws IllegalArgumentException {
if (((username == null) || "".equals(username)) || (password == null)) {
throw new IllegalArgumentException("Cannot pass null or empty values to constructor");
}
this.username = username;
this.password = password;
this.enabled = enabled;
this.accountNonExpired = accountNonExpired;
this.credentialsNonExpired = credentialsNonExpired;
this.accountNonLocked = accountNonLocked;
setAuthorities(authorities);
this.id = id;
this.name = name;
}
//~ Methods ========================================================================================================
public boolean equals(Object rhs) {
if (!(rhs instanceof User) || (rhs == null)) {
return false;
}
User user = (User) rhs;
// We rely on constructor to guarantee any User has non-null and >0
// authorities
if (user.getAuthorities().length != this.getAuthorities().length) {
return false;
}
for (int i = 0; i < this.getAuthorities().length; i++) {
if (!this.getAuthorities()[i].equals(user.getAuthorities()[i])) {
return false;
}
}
// We rely on constructor to guarantee non-null username and password
return (this.getPassword().equals(user.getPassword()) && this.getUsername().equals(user.getUsername()) && (this.isAccountNonExpired() == user.isAccountNonExpired()) && (this.isAccountNonLocked() == user.isAccountNonLocked()) && (this.isCredentialsNonExpired() == user.isCredentialsNonExpired()) && (this.isEnabled() == user.isEnabled()));
}
public GrantedAuthority[] getAuthorities() {
return authorities;
}
public String getPassword() {
return password;
}
public String getUsername() {
return username;
}
public int hashCode() {
int code = 9792;
if (this.getAuthorities() != null) {
for (int i = 0; i < this.getAuthorities().length; i++) {
code = code * (this.getAuthorities()[i].hashCode() % 7);
}
}
if (this.getPassword() != null) {
code = code * (this.getPassword().hashCode() % 7);
}
if (this.getUsername() != null) {
code = code * (this.getUsername().hashCode() % 7);
}
if (this.isAccountNonExpired()) {
code = code * -2;
}
if (this.isAccountNonLocked()) {
code = code * -3;
}
if (this.isCredentialsNonExpired()) {
code = code * -5;
}
if (this.isEnabled()) {
code = code * -7;
}
return code;
}
public boolean isAccountNonExpired() {
return accountNonExpired;
}
public boolean isAccountNonLocked() {
return this.accountNonLocked;
}
public boolean isCredentialsNonExpired() {
return credentialsNonExpired;
}
public boolean isEnabled() {
return enabled;
}
protected void setAuthorities(GrantedAuthority[] authorities) {
Assert.notNull(authorities, "Cannot pass a null GrantedAuthority array");
for (int i = 0; i < authorities.length; i++) {
Assert.notNull(authorities[i],
"Granted authority element " + i + " is null - GrantedAuthority[] cannot contain any null elements");
}
this.authorities = authorities;
}
public String toString() {
StringBuffer sb = new StringBuffer();
sb.append(super.toString()).append(": ");
sb.append("Username: ").append(this.username).append("; ");
sb.append("Password: [PROTECTED]; ");
sb.append("Enabled: ").append(this.enabled).append("; ");
sb.append("AccountNonExpired: ").append(this.accountNonExpired).append("; ");
sb.append("credentialsNonExpired: ").append(this.credentialsNonExpired).append("; ");
sb.append("AccountNonLocked: ").append(this.accountNonLocked).append("; ");
if (this.getAuthorities() != null) {
sb.append("Granted Authorities: ");
for (int i = 0; i < this.getAuthorities().length; i++) {
if (i > 0) {
sb.append(", ");
}
sb.append(this.getAuthorities()[i].toString());
}
} else {
sb.append("Not granted any authorities");
}
return sb.toString();
}
public Integer getId() {
return id;
}
public void setId(Integer id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
}
分享到:
发表评论
-
getOutputStream() has already been called for this response
2012-10-07 18:17 860用jsp生成验证码的时候老是报: 09:43:44 ERR ... -
Struts2 文件上传 之 文件类型 allowedTypes
2009-11-02 15:14 2601'.a' : 'applicat ... -
proxool池设置
2009-10-23 11:24 1285<?xml version="1.0&qu ... -
在spring+hibernate下,给hibernate加修改记录
2008-08-15 17:41 1237使用hibernate的拦截器(Interceptors) ... -
acegi struts-menu
2008-08-04 15:46 1499acegi的配置,注册securityContextHolde ...
相关推荐
acegi配置文件清单
被解剖的acegi配置文件. 博文链接:https://rmn190.iteye.com/blog/175041
Acegi配置.mhtAcegi配置的相关配置的信息在里面有一些
在 Acegi 配置指南中,我们主要关注如何设置和配置 Acegi 框架来保护 Web 应用程序的安全。 首先,我们需要在 `web.xml` 文件中配置 Acegi 的过滤器。在示例代码中,定义了一个名为 `Acegi Filter Chain Proxy` 的...
例如,为了配置认证管理器,我们可以创建一个`UserDetailsService`实现,然后在Acegi配置中引用它: ```xml <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> ...
- "aopacegi"可能是一个包含Acegi与AOP相关配置或实现的文件,可能涉及切面的定义和安全策略的配置。 Acegi Security在过去的开发实践中扮演了重要角色,它的设计理念和实现方式对后来的安全框架产生了深远影响。...
在配置Acegi时,首先需要在`web.xml`文件中定义一个名为`Acegi Filter Chain Proxy`的过滤器。这个过滤器是Acegi安全机制的核心,它负责拦截所有请求并根据配置执行相应的安全策略。下面是一段典型的`web.xml`配置...
在本实例中,我们将探讨Acegi Security的配置、详细设置以及如何通过代码实现其功能。 首先,让我们理解Acegi Security的核心概念。该框架提供了一种基于角色的访问控制(RBAC)机制,允许开发人员定义用户权限并...
4. **XML配置转换**:在传统的Acegi配置中,安全规则通常写在XML配置文件中。这个资源可能包含了将这些静态XML配置转换为动态数据库配置的方法,这样可以更方便地根据用户角色和权限来调整安全策略。 5. **过滤器与...
### Acegi的详细配置实现 #### 一、整体架构概览 **Acegi Security** 是一个为Spring框架设计的安全管理工具,它提供了丰富的安全服务,包括认证(Authentication)、授权(Authorization)以及会话管理(Session ...
在《实战Acegi:使用Acegi作为基于Spring框架的WEB应用的安全框架.pdf》中,可能会详细讲解如何配置和使用Acegi。以下是一些关键步骤: 1. **添加依赖**:首先,在项目中引入Acegi的依赖库,通常是通过Maven或...
在Spring Acegi中,安全配置通常通过XML配置文件完成,但也可以使用注解进行简化。配置包括定义访问控制规则、配置认证和授权策略,以及设置安全过滤器链。 例如,以下是一个简单的XML配置示例,定义了一个URL访问...
此外,Acegi Security提供的特性如“记住我”功能和“Run-as”机制,进一步增强了用户体验和系统的安全性。 使用Acegi Security,开发者可以构建出符合企业级需求的安全系统,同时避免了因更换服务器环境而需要大量...
1. **Acegi例子代码**:这个例子代码可能包含了一个简单的Spring应用,演示了如何配置和使用Acegi进行安全控制。通过运行此示例,你可以了解Acegi的配置过程以及如何在实际应用中集成。 2. **学习网址**:提供了一...
5. **AcegiExample**:这可能是项目的主要代码或配置文件,包含Acegi的配置示例,例如自定义的`AuthenticationProvider`实现,或者展示了如何定义访问控制策略的XML配置。 6. **jar.GIF 和 result.GIF**:这些可能...
文档覆盖了从基础配置到高级定制的所有阶段,并适用于对AceGI和CAS有一定了解的技术人员。 0.1 文档目的: 文档的目的是确保用户能够成功地将AceGI安全框架集成到他们的应用程序中,利用CAS服务器进行单点登录(SSO...
在本文中,我们将深入探讨如何安装和配置CAS服务器以及客户端Acegi安全系统,以便实现单点登录(SSO)功能。CAS(Central Authentication Service)是一个由耶鲁大学开发的开源SSO解决方案,而Acegi Security System...