在原有的springMVC基础上集成spring security
2023-09-11 14:19:38 时间
spring mvc的spring security配置步骤
1.引入相关的jar包 pom.xml
<!-- Spring Security --> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-core</artifactId> <version>5.4.2</version> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-web</artifactId> <version>5.4.2</version> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-config</artifactId> <version>5.4.2</version> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-taglibs</artifactId> <version>5.4.2</version> </dependency>
2.在web.xml配置 spring security的过滤器链
<!-- Spring security filter start --> <!-- Spring Security过滤器链,注意过滤器名称必须是springSecurityFilterChain --> <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <!-- Spring security filter end -->
3.在applicationContext.xml里面进行相关的配置
<!-- 10. Spring security认证权限配置--> <!-- ======== Spring security start ======== --> <import resource="classpath:applicationContext-security.xml"/> <!-- ====== Spring security end ======== -->
4.新建的文件为 applicationContext-security.xml
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop" xmlns:context="http://www.springframework.org/schema/context" xmlns:jdbc="http://www.springframework.org/schema/jdbc" xmlns:jms="http://www.springframework.org/schema/jms" xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:mybatis-spring="http://mybatis.org/schema/mybatis-spring" xmlns:p="http://www.springframework.org/schema/p" xmlns:tx="http://www.springframework.org/schema/tx" xmlns:util="http://www.springframework.org/schema/util" xmlns:security="http://www.springframework.org/schema/security" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd http://www.springframework.org/schema/context https://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc.xsd http://www.springframework.org/schema/jms https://www.springframework.org/schema/jms/spring-jms.xsd http://www.springframework.org/schema/mvc https://www.springframework.org/schema/mvc/spring-mvc.xsd http://mybatis.org/schema/mybatis-spring http://mybatis.org/schema/mybatis-spring.xsd http://www.springframework.org/schema/tx https://www.springframework.org/schema/tx/spring-tx.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd"> <!-- 10. Spring security认证权限配置--> <!-- ================ Spring security start ================ --> <!-- 1).配置springSecurity --> <!-- auto-config="true" 表示自动加载springsecurity的配置文件 use-expressions="true" 表示使用spring的el表达式来配置springsecurity --> <security:http auto-config="true" use-expressions="true"> <!-- 2).拦截资源 --> <!-- pattern="/**" 表示拦截所有资源 access="hasAnyRole('ROLE_USER')" 表示只有ROLE_USER角色才能访问资源 --> <security:intercept-url pattern="/**" access="hasAnyRole('ROLE_USER')" /> </security:http> <!-- 3).模拟用户(测试,不用连接数据库),设置spring security认证用户信息的来源 --> <!-- springsecurity默认的认证必须加密,加上{noop}表示不加密认证 --> <security:authentication-manager> <security:authentication-provider> <security:user-service> <security:user name="user" password="{noop}user" authorities="ROLE_USER"/> <security:user name="admin" password="{noop}admin" authorities="ROLE_ADMIN"/> </security:user-service> </security:authentication-provider> </security:authentication-manager> <!-- ================ Spring security end ================ --> </beans>
相关文章
- spring + springMVC + spring Data + jpa + maven 项目框架搭建
- JavaWeb_(SpringMVC框架)测试SpringMVC&Spring&MyBatis三大整合
- SpringMVC基础-14-SpringMVC与Spring整合
- SpringMVC基础-04
- spring + springmvc + jdbc + quartz + maven整合
- springmvc: 普通list数据输出json
- Spring中使用RedisTemplate操作Redis(spring-data-redis)
- Spring Boot启动时数据库初始化spring.datasource(转)
- Spring Boot 2.x :通过 spring-boot-starter-hbase 集成 HBase
- servlet模拟SpringMVC
- Spring异常解决 java.lang.NullPointerException,配置spring管理hibernate时出错
- SpringMVC源码总结(五)Tomcat的URIEncoding、useBodyEncodingForURI和CharacterEncodingFilter
- Spring、SpringMVC和Springboot的区别(网摘)
- [Spring学习笔记 3 ] spring 注解详解,完全注解,常用注解
- springMVC返回json数据时date类型数据被转成long类型
- 为什么Spring Boot推荐使用logback-spring.xml来替代logback.xml来配置logback日志的问题分析
- 【SpringMVC笔记05】SpringMVC中的视图解析器
- Spring+SpringMVC+Mybatis(开发必备技能)04、mybatis自动生成mapper_dao_model(包含工具与视频讲解) 纯绿色版本、配套使用视频,100%运行成功
- 常用网络js链接大全(jQuery(3.4.1)、bootstrap、vue、ECharts、easyUI、React、maven、Mybatis、Spring、SpringMVC、Redis)
- 对比springmvc与struts2
- springmvc 之 SpringMVC视图解析器
- 学习SpringMVC——如何获取请求参数
- Spring+SpringMVC+Mybatis(开发必备技能)01、基础idea环境配置
- Spring+SpringMVC+Mybatis(开发必备技能)03、swagger(api接口开发必备,view视图略过)
- 【Spring源码学习】spring IOC容器管理
- Java面试——SpringMVC系列总结