spring security 入门案例
2020-12-13 14:19
标签:pen code cep inter html version 管理 man role 1. 创建工程 2. 添加依赖 3. 编写配置文件 4. 配置tomcat 5. 测试 spring security 入门案例 标签:pen code cep inter html version 管理 man role 原文地址:https://www.cnblogs.com/pomelo-lemon/p/11558683.htmlSpring Security 是一个能够为基于 Spring 的企业应用系统提供声明式的安全
访问控制解决方案的安全框架。它提供了一组可以在 Spring 应用上下文中配置
的 Bean,充分利用了 Spring IoC,DI(控制反转 Inversion of Control ,DI:Dependency
Injection 依赖注入)和 AOP(面向切面编程)功能,为应用系统提供声明式的安
全访问控制功能,减少了为企业系统安全控制编写大量重复代码的工作。
dependencies>
dependency>
groupId>org.springframeworkgroupId>
artifactId>spring-webmvcartifactId>
version>5.0.2.RELEASEversion>
dependency>
dependency>
groupId>org.springframework.securitygroupId>
artifactId>spring-security-webartifactId>
version>5.0.0.RELEASEversion>
dependency>
dependency>
groupId>org.springframework.securitygroupId>
artifactId>spring-security-configartifactId>
version>5.0.0.RELEASEversion>
dependency>
dependencies>
build>
plugins>
plugin>
groupId>org.apache.tomcat.mavengroupId>
artifactId>tomcat7-maven-pluginartifactId>
configuration>
path>/path>
port>8080port>
configuration>
plugin>
plugins>
build>
xml version="1.0" encoding="UTF-8"?>
beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
http pattern="/login.html" security="none"/>
http pattern="/login_error.html" security="none"/>
http use-expressions="false">
intercept-url pattern="/**" access="ROLE_USER"/>
form-login login-page="/login.html" default-target-url="/index.html" authentication-failure-forward-url="/login_error.html"/>
logout/>
csrf disabled="true"/>
http>
beans:bean id="passwordEncoder" class="org.springframework.security.crypto.password.NoOpPasswordEncoder"/>
authentication-manager>
authentication-provider>
password-encoder ref="passwordEncoder"/>
user-service>
user name="orange" password="123456" authorities="ROLE_USER"/>
user-service>
authentication-provider>
authentication-manager>
beans:beans>
xml version="1.0" encoding="UTF-8"?>
web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">
listener>
listener-class>org.springframework.web.context.ContextLoaderListenerlistener-class>
listener>
context-param>
param-name>contextConfigLocationparam-name>
param-value>classpath:spring/spring-security.xmlparam-value>
context-param>
filter>
filter-name>springSecurityFilterChainfilter-name>
filter-class>org.springframework.web.filter.DelegatingFilterProxyfilter-class>
filter>
filter-mapping>
filter-name>springSecurityFilterChainfilter-name>
url-pattern>/*url-pattern>
filter-mapping>
web-app>
DOCTYPE html>
html lang="en">
head>
meta charset="UTF-8">
title>登录页面title>
head>
body>
form action="/login" method="post">
用户名:input type="text" name="username">br>
密码:input type="password" name="password">br>
input type="submit" name="submit" value="登录">
form>
body>
html>
DOCTYPE html>
html lang="en">
head>
meta charset="UTF-8">
title>spring securitytitle>
head>
body>
欢迎使用 Spring Security
a href="/logout">退出a>
body>
html>
DOCTYPE html>
html lang="en">
head>
meta charset="UTF-8">
title>登录失败title>
head>
body>
密码或用户名错误
body>
html>