spring-servlet.xml配置
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:context="http://www.springframework.org/schema/context" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd"> <mvc:annotation-driven></mvc:annotation-driven> <mvc:resources mapping="/static/**" location="/statics/"></mvc:resources> <mvc:resources mapping="/resources/**" location="/resources/"></mvc:resources> <!-- 配置视图解析器 --> <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver"> <property name="prefix" value="/resources/jsp/"></property> <property name="suffix" value=".jsp"></property> </bean> <!-- 从请求和响应 读取/编写字符串 --> <bean id="stringHttpMessageConverter" class="org.springframework.http.converter.StringHttpMessageConverter"> <property name="supportedMediaTypes"> <list> <value>text/plain;charset=UTF-8</value> </list> </property> </bean> </beans>
spring-security.xml配置
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:security="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd"> <security:http pattern="/statics/**" security="none"/> <security:http auto-config="true" use-expressions="true"> <security:intercept-url pattern="/login.do" access="isAnonymous()"/> <security:intercept-url pattern="/register.do" access="isAnonymous()"/> <security:intercept-url pattern="/registerusers.do" access="isAnonymous()"/> <security:intercept-url pattern="/useradd.do" access="isAnonymous()"/> <security:intercept-url pattern="/admins/**" access="hasRole(‘ROLE_ADMIN‘)"/> <security:intercept-url pattern="/**" access="hasRole(‘ROLE_USER‘)"/> <security:csrf disabled="false" token-repository-ref="cookieCsrfTokenRepository" /> <security:form-login login-page="/login.do" login-processing-url="/login" username-parameter="username" password-parameter="password" authentication-failure-url="/login.do?error=true" /> <security:logout invalidate-session="true" logout-url="/logout" logout-success-url="/login.do"/> <security:http-basic /> <security:remember-me data-source-ref="dataSource" key="youkey" remember-me-parameter="remember-me"/> <security:session-management> <security:concurrency-control /> </security:session-management> </security:http> <security:authentication-manager> <!--静态添加的用户登录信息--> <!--<security:authentication-provider> <security:user-service> <security:user name="admin" password="admin123" authorities="ROLE_USER,ROLE_ADMIN"/> <security:user name="user" password="user123" authorities="ROLE_USER"/> </security:user-service> </security:authentication-provider>--> <security:authentication-provider> <security:password-encoder ref="bCryptPasswordEncoder"/> <security:jdbc-user-service id="userDetailsService" data-source-ref="dataSource" users-by-username-query="SELECT username,password,enabled FROM users WHERE username=?" authorities-by-username-query="SELECT u.username as username,r.rolename as authority FROM users u join userrole ur on u.userid=ur.userid join roles r on r.roleid=ur.roleid WHERE u.username=?" /> </security:authentication-provider> </security:authentication-manager> <bean id="bCryptPasswordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/> <bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider"> <property name="hideUserNotFoundExceptions" value="false"/> <property name="userDetailsService" ref="userDetailsService"/> <property name="passwordEncoder" ref="bCryptPasswordEncoder"/> </bean> <bean id="cookieCsrfTokenRepository" class="org.springframework.security.web.csrf.CookieCsrfTokenRepository"> <property name="cookieHttpOnly" value="false"/> </bean> </beans>
时间: 2024-10-11 06:33:45