ACEGI配置总结(1)
Acegi配置总结
1、 在web.xml中配置contextConfigLocation,并且配置acegi filter chain即过滤器链
例如:
<!—配置过滤器链--> <filter> <filter-name>Acegi Filter Chain Proxy</filter-name> <filter-class>org.acegisecurity.util.FilterToBeanProxy</filter-class> <init-param> <param-name>targetClass</param-name> <param-value>org.acegisecurity.util.FilterChainProxy</param-value> </init-param></filter> <!—配置过滤器链过滤范围--><filter-mapping> <filter-name>Acegi Filter Chain Proxy</filter-name> <url-pattern>/*</url-pattern></filter-mapping><!--将事物提交给web applicationContext--> <listener><listener-class>org.acegisecurity.ui.session.HttpSessionEventPublisher</listener-class> </listener>2、在applicationContext-acegi.xml中配置
1-配置过滤器链
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy"> <!--配置过滤器链的内容及其执行顺序--> <property name="filterInvocationDefinitionSource"> <value><![CDATA[ CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /**=httpSessionContextIntegrationFilter,logoutFilter,authenticationProcessingFilter,basicProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,switchUserProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor ]]></value> </property> </bean>另外,从某论坛上看到,如果配置文件中出现<>""等字符时除了可以用html符号外还可以用<![CDATA[ ]]> 来包含配置信息
2-
<!--最先要配置的过滤器,用于提供安全上下文实例--> <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter" />
3-
<!-- 登出过滤器 --> <bean id="logoutFilter" class="org.acegisecurity.ui.logout.LogoutFilter"> <constructor-arg value="/logoutSuccess.jsp" /> <constructor-arg> <list> <bean class="org.acegisecurity.ui.logout.SecurityContextLogoutHandler" /> </list> </constructor-arg> </bean>4-
<!-- 登陆验证过滤器 --> <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"> <!-- 验证管理器 --> <property name="authenticationManager" ref="authenticationManager" /> <!-- 验证失败后跳转到的页面 --> <property name="authenticationFailureUrl" value="/login.jsp?login_error=1" /> <!--登陆成功时跳转到的页面--> <property name="defaultTargetUrl" value="/index.jsp"/> <property name="filterProcessesUrl" value="/j_acegi_security_check" /> </bean>
5-
<!--配置验证管理器--> <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> <property name="providers"><!--提供者属性--> <list><!--配置其依赖的DAO--> <ref local="daoAuthenticationProvider"/><!--基于数据库提供验证--> <ref local="PasswordDaoAuthenticationProvider"/><!--基于数据库提供验证,但让底层的数据源完成实际的身份验证。--> <ref local="anonymousAuthenticationProvider"/><!--匿名验证--> <ref local="rememberMeAuthenticationProvider"/><!--再次登陆时从缓存中验证--> </list> </property> </bean>
6-
<!--数据提供者--> <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> <property name="userDetailsService"><ref local="jdbcDaoImpl"/></property> <property name="userCache"><ref local="userCache"/></property><!-- 用户缓存,可选 --> <property name="passwordEncoder"><ref local="passwordEncoder"/></property><!--密码加密,可选--> </bean>7
<!--配置用户缓存,可选--> <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/> <bean id="userCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean"> <property name="cacheManager"> <ref local="cacheManager"/> </property> <property name="cacheName"> <value>userCache</value> </property> </bean> <bean id="userCache" class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache"> <property name="cache"><ref local="userCacheBackend"/></property> </bean>8-
<--密码加密,可选,共3种方式--> <bean id="passwordEncoder" class="org.acegisecurity.providers.encoding.PlaintextPasswordEncoder"/><!--不加密,默认--> <bean id="passwordEncoder" class="org.acegisecurity.providers.encoding.Md5PasswordEncoder"/><!--MD5加密--> <bean id="passwordEncoder" class="org.acegisecurity.providers.encoding.SHAPasswordEncoder"/><--SHA加密-->
9-
<!--配置jdbcDaoImpl--> <bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl"> <property name="dataSource"><ref bean="dataSource"/></property> </bean>10-配置DateSource
DateSource自己会配置吧~~那啥,我就不说了
本贴个人原创,如有不正确之处,请指正......
