1. 程式人生 > >Spring Security 安全認證簡單入門

Spring Security 安全認證簡單入門

廢話不說了,直接上程式碼   看註釋應該丟會吧  到時候改下使用者名稱  和密碼即可第一步:導包  pom.xml<!--安全認證  --><dependency><groupId>org.springframework.security</groupId><artifactId>spring-security-web</artifactId></dependency><dependency><groupId>org.springframework.security</groupId><artifactId>spring-security-config</artifactId>
</dependency>第二步:編寫安全認證的配置檔案  spring-security.xmlsecurity="none"  設定此資源不被攔截.  login-page:指定登入頁面。 authentication-failure-url:指定了身份驗證失敗時跳轉到的頁面。 default-target-url:指定了成功進行身份驗證和授權後預設呈現給使用者的頁面。csrf disabled="true"  關閉 csrf ,如果不加會出現錯誤<?xml version="1.0" encoding="UTF-8"?><!-- 在許可權認證之前訪問資源需要放行   這裡寫不需要攔截認證的頁面或者檔案 -->
<http pattern="/login.html" security="none"></http><http pattern="/error.html" security="none"></http><http pattern="/css/**" security="none"></http><http pattern="/js/**" security="none"></http><http pattern="/img/**" security="none"></http><http pattern
="/plugins/**" security="none"></http><!-- http安全控制規則 --><http><intercept-url pattern="/**" access="hasRole('ROLE_USER')"/><!-- 表單認證  login-page :登入介面  default-target-url :登入成功後跳轉的地方       authentication-failure-url :登入錯誤跳轉的地方  --><form-login login-page="/login.html" default-target-url="/admin/index.html"always-use-default-target="true" authentication-failure-url="/error.html"       <!-- 登入方法路徑 -->login-processing-url="/login"/><!-- 遮蔽跨域 --><csrf disabled="true"/><!-- 配置ifram訪問 --><headers><frame-options policy="SAMEORIGIN"/></headers><!-- 推出登入配置 --><!-- logout: spring security 安全框架自動生成退出地址:/logout --><logout logout-success-url="/login.html"/></http><!-- 配置認證管理器 --><authentication-manager><authentication-provider><user-service>                     <!-- name:使用者名稱   password:密碼     --><user name="admin" password="admin" authorities="ROLE_USER"/></user-service></authentication-provider></authentication-manager></bean:beans>第三步:載入配置檔案  web.xml<?xml version="1.0" encoding="UTF-8"?>version="2.5"><welcome-file-list><welcome-file>login.html</welcome-file></welcome-file-list><!-- 解決post亂碼 --><filter><filter-name>CharacterEncodingFilter</filter-name><filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class><init-param><param-name>encoding</param-name><param-value>utf-8</param-value></init-param><init-param><param-name>forceEncoding</param-name><param-value>true</param-value></init-param></filter><filter-mapping><filter-name>CharacterEncodingFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping><servlet><servlet-name>springmvc</servlet-name><servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class><!-- 指定載入的配置檔案 ,通過引數contextConfigLocation載入 --><init-param><param-name>contextConfigLocation</param-name><param-value>classpath:spring/*.xml</param-value> //這裡寫需要載入的配置檔名   我這裡載入的時spring檔案下的所有配置檔案</init-param><load-on-startup>1</load-on-startup></servlet><servlet-mapping><servlet-name>springmvc</servlet-name><url-pattern>/</url-pattern></servlet-mapping><!-- spring security 安全控制過濾器 --><!-- 使用過濾器攔截請求,對這些請求進行安全驗證 --><filter><filter-name>springSecurityFilterChain</filter-name><filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class></filter><filter-mapping><filter-name>springSecurityFilterChain</filter-name><url-pattern>/*</url-pattern></filter-mapping></web-app>第四步:登入頁面<div id="profile" class="tab-pane  active">                        <form class="sui-form"  id="loginform" action="/login" method="post">  //action=配置檔案的登入方法路徑                            <div class="input-prepend"><span class="add-on loginname"></span>                                <input id="prependedInput" type="text" name="username"  placeholder="郵箱/使用者名稱/手機號" class="span2 input-xfat">                            </div>                            <div class="input-prepend"><span class="add-on loginpwd"></span>                                <input id="prependedInput" type="password" name="password" placeholder="請輸入密碼" class="span2 input-xfat">                            </div>                            <div class="setting">                                 <div id="slider">                                    <div id="slider_bg"></div>                                    <span id="label">>></span> <span id="labelTip">拖動滑塊驗證</span>                                    </div>                            </div>                            <div class="logined">                                <a class="sui-btn btn-block btn-xlarge btn-danger" href="javascript:void(0)" onclick="document:loginform.submit();" target="_blank">登&nbsp;&nbsp;錄</a>                            </div>                        </form>                    </div>