由于目前Spring官方只提供Meven的下载方式,为了能以最快的速度入门使用框架,这里提供百度网盘下载链接。
注:本入门教程默认已经配置成功SpringMVC框架。
1、web.xml配置
<!-- 加载Spring的配置文件 --> <context-param> <param-name>contextConfigLocation</param-name> <param-value> classpath:applicationContext.xml, classpath:spring-security.xml </param-value> </context-param> <!-- SpringSecurity 核心过滤器配置 --> <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
2、spring-security.xml命名空间配置
官方提供了两种配置方案
第一种、命名空间用beans开头,但是在配置中一直需要用<security:*>来配置,本教程将采用这种配置。
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:security="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"> ... </beans>
第二种、命名空间用security开头,在配置中不需要security前缀,但是bean的配置需要用<beans:bean>配置。
<beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd"> ... </beans:beans>
3、spring-security.xml详细配置
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:security="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd"> <!-- 不过滤登录页面 --> <security:http pattern="/login.htm" security="none" /> <security:http pattern="/login.jsp" security="none" /> <!-- 配置SpringSecurity的http安全服务 --> <security:http auto-config="true"> <!-- 只有ROLE_ADMIN权限用户才能访问/admin/**页面 --> <security:intercept-url pattern="/admin/**" access="ROLE_ADMIN" /> <!-- 只有ROLE_ADMIN或ROLE_USER权限用户才能访问所有页面 --> <security:intercept-url pattern="/**" access="ROLE_ADMIN,ROLE_USER" /> </security:http> <!-- 认证管理器,配置SpringSecutiry的权限信息 --> <security:authentication-manager> <security:authentication-provider> <!-- 帐户信息,指定用户名、密码和权限 --> <security:user-service> <security:user name="admin" password="admin" authorities="ROLE_ADMIN,ROLE_USER" /> </security:user-service> </security:authentication-provider> </security:authentication-manager> </beans>
4、环境测试
发布项目,当出现如下界面,输入用户名admin和密码admin,若成功进入首页,则环境搭建成功。
时间: 2024-10-13 11:45:32