Spring+SpringMVC+MyBatis+SpringSecurity+maven框架整合
来源:互联网 发布:软件用户手册 由谁来写 编辑:程序博客网 时间:2024/04/30 07:50
最近闲来无事把新学的spring-security安全框架和ssm整合了一下,ssm是目前开发特别热门的框架,开发流程简单易于搭建(可以使用逆向工程包自动生成实体类、dao、mapper),先看一下我的项目结构,如下图(文章末尾附有源码的下载路径)
----------------------------------------------------------------------------------------------------------------------------------------------
我先来贴一下我的pom.xml文件,这里请允许博主啰嗦一下下,通常新建的maven项目中pom.xml会报错,原因最有可能就是pom中的<build></build>在作怪。
来跟上
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>SSM_Template</groupId>
<artifactId>SSM_Template</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>war</packaging>
<name>SSM_Template</name>
<properties>
<!-- spring的版本 -->
<spring.version>4.2.6.RELEASE</spring.version>
<!-- spring权限管理组件security的版本 -->
<spring.security>4.1.3.RELEASE</spring.security>
<!-- mybatis版本号 -->
<mybatis.version>3.4.0</mybatis.version>
<!-- log4j日志文件管理包版本 -->
<logback.version>1.1.7</logback.version>
<slf4j.version>1.7.21</slf4j.version>
<!-- httpclient版本 -->
<httpclient.version>4.4</httpclient.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
<dependencies>
<!-- junit -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.11</version>
<!-- 表示开发的时候引入,发布的时候不会加载此包 -->
<scope>test</scope>
</dependency>
<!-- logback日志 -->
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>${slf4j.version}</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-core</artifactId>
<version>${logback.version}</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>${logback.version}</version>
</dependency>
<!-- 数据库 -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.38</version>
</dependency>
<!-- c3p0数据库连接池 -->
<dependency>
<groupId>com.mchange</groupId>
<artifactId>c3p0</artifactId>
<version>0.9.5-pre8</version>
</dependency>
<!-- spring核心包 -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-oxm</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aop</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>${spring.version}</version>
</dependency>
<!-- spring aop模块的jar -->
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjrt</artifactId>
<version>1.8.0</version>
</dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
<version>1.8.0</version>
</dependency>
<!-- 配置druid监控spring jdbc -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.0</version>
</dependency>
<!-- mybatis核心包 -->
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis</artifactId>
<version>${mybatis.version}</version>
</dependency>
<!-- mybatis/spring包 -->
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis-spring</artifactId>
<version>1.3.1</version>
</dependency>
<!-- JSON化对象 -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.2.16</version>
</dependency>
<!-- 引入httpclient -->
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>${httpclient.version}</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpcore</artifactId>
<version>${httpclient.version}</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpmime</artifactId>
<version>${httpclient.version}</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient-cache</artifactId>
<version>${httpclient.version}</version>
</dependency>
<!-- 推送jpush-server.jar -->
<dependency>
<groupId>cn.jpush.api</groupId>
<artifactId>jpush-client</artifactId>
<version>3.2.17</version>
</dependency>
<dependency>
<groupId>cn.jpush.api</groupId>
<artifactId>jiguang-common</artifactId>
<version>1.0.3</version>
</dependency>
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-all</artifactId>
<version>4.1.6.Final</version>
<scope>compile</scope>
</dependency>
<!-- 支付宝所需jar -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>alipay-sdk-java</artifactId>
<version>20170421164501</version>
</dependency>
<dependency>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
<version>1.2</version>
</dependency>
<!-- xml格式解析 -->
<dependency>
<groupId>net.sf.kxml</groupId>
<artifactId>kxml2</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>xmlpull</groupId>
<artifactId>xmlpull</artifactId>
<version>1.1.3.1</version>
</dependency>
<!-- ocr识别图片文字 -->
<dependency>
<groupId>gogle.com</groupId>
<artifactId>ocr</artifactId>
<version>2.2</version>
</dependency>
<!-- Quartz定时任务 -->
<dependency>
<groupId>org.quartz-scheduler</groupId>
<artifactId>quartz</artifactId>
<version>2.2.1</version>
</dependency>
<!-- j2ee库 -->
<dependency>
<groupId>javax</groupId>
<artifactId>javaee-api</artifactId>
<version>7.0</version>
<scope>provided</scope>
</dependency>
<!-- jstl标签库 -->
<dependency>
<groupId>org.glassfish.web</groupId>
<artifactId>javax.servlet.jsp.jstl</artifactId>
<version>1.2.2</version>
</dependency>
<!-- spring权限管理组件security -->
<!-- spring-security-web-4.1.0.RC2.jar -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>${spring.security}</version>
</dependency>
<!-- spring-security-taglibs-4.1.0.RC2.jar -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-taglibs</artifactId>
<version>${spring.security}</version>
</dependency>
<!-- spring-security-config-4.1.0.RC2.jar -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>${spring.security}</version>
</dependency>
<!-- spring-security-core-4.1.0.RC2.jar -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>${spring.security}</version>
</dependency>
<!--spring-ehcache 缓存相关包 -->
<dependency>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache</artifactId>
<version>2.8.5</version>
</dependency>
<dependency>
<groupId>com.googlecode.ehcache-spring-annotations</groupId>
<artifactId>ehcache-spring-annotations</artifactId>
<version>1.2.0</version>
</dependency>
<!-- 导入status2的标签库 -->
<dependency>
<groupId>org.apache.struts</groupId>
<artifactId>struts2-spring-plugin</artifactId>
<version>2.5.13</version>
</dependency>
</dependencies>
<build>
<plugins>
<!-- 项目和jre的一致性 -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.3</version>
<configuration>
<source>1.7</source>
<target>1.7</target>
<encoding>UTF-8</encoding>
</configuration>
</plugin>
</plugins>
</build>
</project>
补充说明一下,支付宝jar需要导入maven的本地仓库才能配置,其他不需要的可以删掉
----------------------------------------------------------------------------------------------------------------------------------------------
接下来解释一下src/main/resource里的配置文件,jdbc.properties数据库链接配置文件,着玩样不多说,继续跟上
jdbc.driver=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://localhost:3306/test_security?useUnicode=true&characterEncoding=utf8
jdbc.password=rootroot
jdbc.username=root
----------------------------------------------------------------------------------------------------------------------------------------------
logback.xml 日志管理配置文件,以前大家都在用log4j.xml,我个人感觉还是我这里的配置好一些。
需要学习更多可以到这里http://www.cnblogs.com/warking/p/5710303.html
----------------------------------------------------------------------------------------------------------------------------------------------
----------------------------------------------------------------------------------------------------------------------------------------------
mybatis-config.xml
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE configuration PUBLIC "-//mybatis.org//DTD Config 3.0//EN" "http://mybatis.org/dtd/mybatis-3-config.dtd">
<configuration>
<!-- 配置全局属性 -->
<settings>
<!-- 使用jdbc的getGeneratedKeys获取数据库自增主键值 -->
<setting name="useGeneratedKeys" value="true"/>
<!-- 使用列别名替换列名 默认:true -->
<setting name="useColumnLabel" value="true"/>
<!-- 开启驼峰命名转换:Table{create_time} -> Entity{createTime} -->
<setting name="mapUnderscoreToCamelCase" value="true"/>
</settings>
</configuration>
----------------------------------------------------------------------------------------------------------------------------------------------
重点在这里点在这里在这里这里里,先看个图片
这里其他的我就不多说了,主要说一下spring-security.xml吧,这就是ssm框架新加的成员(spring的安全框架),解释一下安全框架的概念,spring-security框架主要是拦截请求URL,并且根据当前用户的登录账号来判断该用户是否拥有访问某些链接或者说某些资源的权限,如果没有就会被拒绝访问,security在第一时间保护了您的资源安全,总之security扮演的角色就是为用户划分职责(就像一个剧组有导演,副导演,编剧,演员,策划,他们都有自己的事要做,不能乱来)
security的引入需要web.xml配置相应的过滤器
<!-- spring-security权限管理 -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
然后就是security的配置文件了
再跟上
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<!-- 不需要权限的资源 -->
<http pattern="/login.jsp" security="none"></http>
<http pattern="/register.jsp" security="none"></http>
<http pattern="/register" security="none"></http>
<http pattern="/css/**" security="none"></http>
<http pattern="/js/**" security="none"></http>
<http auto-config="true" use-expressions="true" >
<!--
form-login属性详解
form-login是spring security命名空间配置登录相关信息的标签,它包含如下属性:
1. login-page 自定义登录页url,默认为/login
2. login-processing-url 登录请求拦截的url,也就是form表单提交时指定的action
3. default-target-url 默认登录成功后跳转的url
4. always-use-default-target 是否总是使用默认的登录成功后跳转url
5. authentication-failure-url 登录失败后跳转的url
6. username-parameter 用户名的请求字段 默认为userName
7. password-parameter 密码的请求字段 默认为password
8. authentication-success-handler-ref 指向一个AuthenticationSuccessHandler用于处理认证成功的请求,不能和default-target-url还有always-use-default-target同时使用
9. authentication-success-forward-url 用于authentication-failure-handler-ref
10. authentication-failure-handler-ref 指向一个AuthenticationFailureHandler用于处理失败的认证请求
11. authentication-failure-forward-url 用于authentication-failure-handler-ref
12. authentication-details-source-ref 指向一个AuthenticationDetailsSource,在认证过滤器中使用
-->
<form-login login-page="/login.jsp"
login-processing-url="/login"
default-target-url="/welcome"
authentication-failure-url="/login?error=error"
/>
<!-- 认证成功用自定义类myAuthenticationSuccessHandler处理 -->
<!--
logout 属性详解
logout-url LogoutFilter要读取的url,也就是指定spring security拦截的注销url
logout-success-url 用户退出后要被重定向的url
invalidate-session 默认为true,用户在退出后Http session失效
success-handler-ref 对一个LogoutSuccessHandler的引用,用来自定义退出成功后的操作
这里需要注意的一点是,spring security 3.x默认的注销拦截url为/j_spring_security_logout,而4.x则默认使用/logout
-->
<logout logout-url="/logout"
logout-success-url="/login.jsp"
invalidate-session="true"
delete-cookies="JSESSIONID"/>
<intercept-url pattern="/jsp/admin/**" access="hasRole('ROLE_ADMIN')"/>
<intercept-url pattern="/** " access="hasRole('ROLE_USER')"/>
<csrf disabled="true" />
<!-- <remember-me token-validity-seconds="1"/> -->
</http>
<!-- 使用自定义类myUserDetailsService从数据库获取用户信息 -->
<authentication-manager>
<authentication-provider user-service-ref="myUserDetailsService">
<!-- 加密 -->
<password-encoder hash="md5">
<!-- 在md5的基础上使用盐值加密 -->
<salt-source user-property="username"/>
</password-encoder>
</authentication-provider>
</authentication-manager>
<context:component-scan base-package="org.ssm.springSecurity"></context:component-scan>
</beans:beans>
如果login-form中配置的是》8. authentication-success-handler-ref 指向一个AuthenticationSuccessHandler用于处理认证成功的请求,那么在myUserDetailsService验证用户成功后交由org.ssm.springSecurity.MyAuthenticationSuccessHandler.java的类处理登录成功后的操作。
文件里的注释已经足够说明一切
----------------------------------------------------------------------------------------------------------------------------------------------
实体类po,数据库底层接口类dao,mapper对应的da接口的sql语句,都由“逆向工程包工具”自动生成,
----------------------------------------------------------------------------------------------------------------------------------------------
项目演示
1.登录界面
2.点击注册到注册页面,注册一个账号
3.点击注册
4.输入密码******,点击登录
5.登录成功后这里可以看到有三个资源,和目前登录的账号,当点击admin.jsp时,显然啥也没有,这里并不是啥也没有只是看不到了,右边登录的账号是admin
6.访问user.jsp时如下
资源下载URL路径 http://download.csdn.net/download/qq_32148573/10033552
- Spring+SpringMVC+MyBatis+SpringSecurity+maven框架整合
- Spring+SpringMVC+MyBatis+Maven框架整合
- Spring+SpringMVC+MyBatis+Maven框架整合
- Spring+SpringMVC+MyBatis+Maven框架整合
- Spring+SpringMVC+MyBatis+Maven框架整合
- spring,springMVC,mybatis,maven框架整合
- SSM框架整合:SpringMVC + Spring + MyBatis+Maven
- SpringMvc+Spring+Mybatis+Maven整合
- spring springmvc mybatis maven整合
- Springmvc+spring+maven+Mybatis整合
- SpringMvc+Spring+Mybatis+Maven整合
- SpringMVC+Spring+Mybatis+Maven整合
- MAVEN整合Spring+SpringMVC+Mybatis
- SpringMvc+Spring+MyBatis+Maven整合
- spring+springmvc+mybatis+maven 整合
- Spring+SpringMVC+MyBatis+Maven整合
- maven SpringMVC,Spring,Mybatis整合
- maven+springmvc+spring+mybatis整合
- UVA 437 The Tower of Babylon
- [设计]抽象工厂模式
- 图片自动轮播+上拉加载下拉刷新+侧滑菜单+小圆点
- 大数据CDH之Oozie_10_03
- 基于ssm框架的java后台分页方法
- Spring+SpringMVC+MyBatis+SpringSecurity+maven框架整合
- request+response+session
- Unity简单的第一人称控制器编写
- SQL DISTINCT
- day74_oracle04_练习题(没答案待补全-闲的时候练练脑子)
- Java学习9 精通常用的Java类
- YTU.1724: 石子合并问题(W)
- 《Machine Learning》第五讲 神经网络
- Java语法基础知识