spring mvc 和spring security配置 spring-servlet.xml和spring-security.xml设置

spring-servlet.xml配置

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:mvc="http://www.springframework.org/schema/mvc"
       xmlns:context="http://www.springframework.org/schema/context"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">

    <mvc:annotation-driven></mvc:annotation-driven>
    <mvc:resources mapping="/static/**" location="/statics/"></mvc:resources>
    <mvc:resources mapping="/resources/**" location="/resources/"></mvc:resources>
    <!-- 配置视图解析器 -->
    <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
        <property name="prefix" value="/resources/jsp/"></property>
        <property name="suffix" value=".jsp"></property>
    </bean>
    
    <!-- 从请求和响应 读取/编写字符串 -->
    <bean id="stringHttpMessageConverter" class="org.springframework.http.converter.StringHttpMessageConverter">
        <property name="supportedMediaTypes">
            <list>
                <value>text/plain;charset=UTF-8</value>
            </list>
        </property>
    </bean>
</beans>

spring-security.xml配置

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:security="http://www.springframework.org/schema/security"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">

    <security:http pattern="/statics/**" security="none"/>
    <security:http  auto-config="true" use-expressions="true">
        <security:intercept-url pattern="/login.do" access="isAnonymous()"/>
        <security:intercept-url pattern="/register.do" access="isAnonymous()"/>
        <security:intercept-url pattern="/registerusers.do" access="isAnonymous()"/>
        <security:intercept-url pattern="/useradd.do" access="isAnonymous()"/>
        <security:intercept-url pattern="/admins/**" access="hasRole(‘ROLE_ADMIN‘)"/>
        <security:intercept-url pattern="/**" access="hasRole(‘ROLE_USER‘)"/>
        <security:csrf disabled="false" token-repository-ref="cookieCsrfTokenRepository" />
        <security:form-login login-page="/login.do" login-processing-url="/login"  username-parameter="username" password-parameter="password" authentication-failure-url="/login.do?error=true" />
        <security:logout invalidate-session="true" logout-url="/logout" logout-success-url="/login.do"/>
        <security:http-basic />
        <security:remember-me data-source-ref="dataSource" key="youkey" remember-me-parameter="remember-me"/>
        <security:session-management>
            <security:concurrency-control  />
        </security:session-management>
    </security:http>
    <security:authentication-manager>
        <!--静态添加的用户登录信息-->
        <!--<security:authentication-provider>
            <security:user-service>
                <security:user name="admin" password="admin123" authorities="ROLE_USER,ROLE_ADMIN"/>
                <security:user name="user" password="user123" authorities="ROLE_USER"/>
            </security:user-service>
        </security:authentication-provider>-->
        <security:authentication-provider>
            <security:password-encoder ref="bCryptPasswordEncoder"/>
            <security:jdbc-user-service id="userDetailsService" data-source-ref="dataSource"
                                        users-by-username-query="SELECT username,password,enabled FROM users WHERE username=?"
                                        authorities-by-username-query="SELECT u.username as username,r.rolename as authority FROM users u join userrole ur on u.userid=ur.userid join roles r on r.roleid=ur.roleid WHERE u.username=?"
            />
        </security:authentication-provider>
    </security:authentication-manager>

    <bean id="bCryptPasswordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>
    <bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
        <property name="hideUserNotFoundExceptions" value="false"/>
        <property name="userDetailsService" ref="userDetailsService"/>
        <property name="passwordEncoder" ref="bCryptPasswordEncoder"/>

    </bean>
    <bean id="cookieCsrfTokenRepository" class="org.springframework.security.web.csrf.CookieCsrfTokenRepository">
        <property name="cookieHttpOnly" value="false"/>
    </bean>

  
</beans>

时间： 2024-10-29 22:51:39

spring mvc 和spring security配置 spring-servlet.xml和spring-security.xml设置的相关文章

spring mvc+hibernate的基本配置

<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p&

[Spring MVC]学习笔记－－基础Servlet

Servlet是一个用Java编写的应用程序,在服务器上运行,处理请求的信息并将其发送到客户端. Servlet的客户端提出请求并获得该请求的响应. 对于所有的客户端请求,只需要创建Servlet的实例一次(这是和CGI(Common Gateway Interface)的重要区别,CGI是每个请求创建一个新实例),因此节省了大量的内存. Servlet在初始化后即驻留内存中,因此每次作出请求时无需加载. 下面通过一个例子来介绍如何编写一个简单的Servlet. 准备工作: 1. 下载并启动To

Spring MVC 使用tomcat中配置的数据源

Spring MVC 使用tomcat中配置的数据源配置tomcat数据源打开tomcat目录下的conf目录,编辑sever.xml目录.在<GlobalNamingResources>标签中添加数据源配置: <Resource name="jdbc/dbsourse" scope="Shareable" type="javax.sql.DataSource" factory="org.apache.tomcat

使用Spring Mvc 转发带着模板父页面之解决方法 decorators.xml

周末了,周一布置的任务还没完成,卡在了页面跳转上,接手了一个半截的项目要进行开发,之前没有人给培训,全靠自己爬代码,所以进度比较慢,而且加上之前没有用过 Spring Mvc 开发项目,所以有点吃力,不过接触了Spring Mvc近一个月的时间感觉开发速度确实比 SSH快不少,不用一个一个的Bean去配置,直接扫描就OK了,可就是这样还是有些地方容易搞上一天也没搞多少进度,这不,被我新写的一个 Controller 的转发搞晕了,我本来要实现一个列表的分页查询,哪里想到点下一页的时候,除了我要

Spring MVC环境搭建和配置

1. 创建Dynamic web project 2. 修改WEB-INF/web.xml,内容如下: <?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-i

Spring MVC五大核心组件和配置

一,五大核心组件 1.DispatcherServlet 请求入口 2.HandlerMapping 请求派发,负责请求和控制器建立一一对应的关系 3.Controller 处理器 4.ModelAndView 封装模型信息和视图信息 5.ViewResolver 视图处理器,定位页面二,Spring MVC的编写步骤(访问WEB-INF下的.jsp) 1.建立项目,导入jar包(ioc mvc)并且拷贝Spring容器中对应的配置文件到src下,并且在WEB-INF下创建一个he

spring mvc 500错误Allocate exception for servlet AppService javax.naming.NamingException: Cannot create resource instance

头几天已经测试的完毕了,换了个目录出现这个问题严重: Allocate exception for servlet AppService javax.naming.NamingException: Cannot create resource instance at org.apache.naming.factory.FactoryBase.getObjectInstance(FactoryBase.java:96) at javax.naming.spi.NamingManager.getO

MAC OS X El CAPITAN 搭建SPRING MVC （1）- 目录、包名、创建web.xml

一. 下载STS(Spring Tool Suite) 官方地址:http://spring.io/tools/sts 下载spring tool suite for mac 最新版本.这个IDE是很不错的,其中spring插件已经配置好了.下载解压缩(一定要英文目录下),直接运行STS.app. 二.搭建spring mvc 结构目录 1.选择new - dynamic web project project name (键入项目名称同样必须英文) Dynamic web module ve

spring mvc 返回json的配置

转载自:http://my.oschina.net/haopeng/blog/324934 springMVC-servlet.xml 配置 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63

基于注解的Spring MVC整合Hibernate（所需jar包，spring和Hibernate整合配置，springMVC配置，重定向，批量删除）

1.导入jar watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQvdG90b3R1enVvcXVhbg==/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/SouthEast"> 2.web.xml配置 <?xml version="1.0" encoding="UTF-8"?> <web-app version