spring security 3 简单例子(自定义权限)
来源:互联网 发布:淘宝汽车装饰安装联盟 编辑:程序博客网 时间:2024/05/01 11:29
web.xml
<?xml version="1.0" encoding="UTF-8"?><web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xmlns="http://java.sun.com/xml/ns/javaee"xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"id="WebApp_ID" version="3.0"><display-name>spring3</display-name><context-param><param-name>contextConfigLocation</param-name><param-value>classpath:applicationContext-*.xml</param-value></context-param><listener><listener-class>org.springframework.web.context.ContextLoaderListener</listener-class></listener><filter><filter-name>springSecurityFilterChain</filter-name><filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class></filter><filter-mapping><filter-name>springSecurityFilterChain</filter-name><url-pattern>/jd/*</url-pattern></filter-mapping> <servlet><servlet-name>market</servlet-name><servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class><load-on-startup>1</load-on-startup></servlet><servlet-mapping><servlet-name>market</servlet-name><url-pattern>/jd/*</url-pattern></servlet-mapping></web-app>
market-servlet.xml
<?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"xmlns:context="http://www.springframework.org/schema/context"xmlns:mvc="http://www.springframework.org/schema/mvc"xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd"> <context:annotation-config /> <mvc:annotation-driven /> <context:component-scan base-package="cn.cloud.controller"></context:component-scan><bean id="viewResolver"class="org.springframework.web.servlet.view.InternalResourceViewResolver"><property name="viewClass"value="org.springframework.web.servlet.view.JstlView" /><property name="prefix" value="/page" /><property name="suffix" value="" /></bean></beans>
applicationContext-security.xml
<?xml version="1.0" encoding="UTF-8"?><b:beans xmlns="http://www.springframework.org/schema/security"xmlns:b="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd"><http pattern="/jd/auth/*" security="none"></http><http access-denied-page="/jd/auth/denied" use-expressions="true"><form-login login-page="/jd/auth/login" default-target-url="/jd/bbs/show"login-processing-url="/jd/j_spring_security_check"authentication-failure-url="/jd/auth/login?msg=error" /><custom-filter before="FILTER_SECURITY_INTERCEPTOR" ref="filterInvocationInterceptor" /></http><b:bean id="cloudAccessDecisionManager" class="cn.cloud.service.auth.CloudAccessDecisionManager"></b:bean><b:bean id="securityMetadataSource" class="cn.cloud.service.auth.CloudSecurityMetadataSource" /><b:bean id="filterInvocationInterceptor" class="cn.cloud.service.auth.CloudSecurityFilter"><b:property name="authenticationManager" ref="authenticationManager" /><b:property name="accessDecisionManager" ref="cloudAccessDecisionManager" /><b:property name="securityMetadataSource" ref="securityMetadataSource" /></b:bean><b:bean id="cloudUserDetailsService" class="cn.cloud.service.auth.CloudUserDetailsService"></b:bean><authentication-manager alias="authenticationManager"><authentication-provider user-service-ref="cloudUserDetailsService"></authentication-provider></authentication-manager></b:beans>
DemoController.java
package cn.cloud.controller;import javax.servlet.http.HttpServletRequest;import org.springframework.stereotype.Controller;import org.springframework.web.bind.annotation.RequestMapping;import org.springframework.web.bind.annotation.ResponseBody;@Controllerpublic class DemoController {@RequestMapping(value="/auth/login")public String login(HttpServletRequest request){return "/auth/login.jsp";}@RequestMapping(value="/auth/logout", produces="text/html;charset=UTF-8")@ResponseBody()public String logout(){return "<h1>this is auth.logout</h1>";}@RequestMapping(value="/auth/denied", produces="text/html;charset=UTF-8")@ResponseBody()public String denied(){return "<h1 style='color:red;'>no right</h1>";}@RequestMapping("/admin/list")@ResponseBody()public String index(HttpServletRequest request){request.getSession().setAttribute("user", "admin");return "<h1>this is admin.list</h1>";}@RequestMapping("/admin/access")@ResponseBody()public String access(HttpServletRequest request){String user = (String)request.getSession().getAttribute("user");return "<h1>this is admin.acccess<br />login user is "+user+"</h1>";}@RequestMapping("/hr/job")@ResponseBody()public String job(){return "<h1>this is hr.job</h1>";}@RequestMapping("/hr/employ")@ResponseBody()public String employ(){return "<h1>this is hr.employ</h1>";}@RequestMapping(value="/bbs/show", produces="text/html;charset=UTF-8")@ResponseBody()public String bbs(HttpServletRequest request){return "<h1>this is bbs.show</h1>";}@RequestMapping(value="/blog/show", produces="text/html;charset=UTF-8")@ResponseBody()public String blog(){return "<h1>this is list.blog</h1>";}}
CloudUserDetails.java
package cn.cloud.bean.auth;import java.util.ArrayList;import java.util.Collection;import java.util.HashMap;import java.util.Map;import org.springframework.security.core.GrantedAuthority;import org.springframework.security.core.authority.SimpleGrantedAuthority;import org.springframework.security.core.userdetails.UserDetails;public class CloudUserDetails implements UserDetails {private static final long serialVersionUID = 1L;private String username;public CloudUserDetails(String username){this.username = username;}public Collection<? extends GrantedAuthority> getAuthorities() {return UserRole.getRoles(username);}public String getPassword(){return username;}public String getUsername(){return username;}public boolean isAccountNonExpired() {return true;}public boolean isAccountNonLocked() {return true;}public boolean isCredentialsNonExpired() {return true;}public boolean isEnabled() {return true;}public boolean equals(Object obj){CloudUserDetails other = (CloudUserDetails)obj;return this.getUsername().equals(other.getUsername());}}class UserRole{private static Map<String, Collection<SimpleGrantedAuthority>> map = new HashMap<>();static{map.put("user", new ArrayList<SimpleGrantedAuthority>());map.put("hr", new ArrayList<SimpleGrantedAuthority>());map.put("boss", new ArrayList<SimpleGrantedAuthority>());map.get("user").add(new SimpleGrantedAuthority("ROLE_USER"));map.get("hr").add(new SimpleGrantedAuthority("ROLE_HR"));map.get("hr").add(new SimpleGrantedAuthority("ROLE_USER"));map.get("boss").add(new SimpleGrantedAuthority("ROLE_USER"));map.get("boss").add(new SimpleGrantedAuthority("ROLE_HR"));map.get("boss").add(new SimpleGrantedAuthority("ROLE_BOSS"));}private UserRole(){}public static Collection<SimpleGrantedAuthority> getRoles(String username){return map.get(username);}}
CloudUserDetails.java
package cn.cloud.bean.auth;import java.util.ArrayList;import java.util.Collection;import java.util.HashMap;import java.util.Map;import org.springframework.security.core.GrantedAuthority;import org.springframework.security.core.authority.SimpleGrantedAuthority;import org.springframework.security.core.userdetails.UserDetails;public class CloudUserDetails implements UserDetails {private static final long serialVersionUID = 1L;private String username;public CloudUserDetails(String username){this.username = username;}public Collection<? extends GrantedAuthority> getAuthorities() {return UserRole.getRoles(username);}public String getPassword(){return username;}public String getUsername(){return username;}public boolean isAccountNonExpired() {return true;}public boolean isAccountNonLocked() {return true;}public boolean isCredentialsNonExpired() {return true;}public boolean isEnabled() {return true;}public boolean equals(Object obj){CloudUserDetails other = (CloudUserDetails)obj;return this.getUsername().equals(other.getUsername());}}class UserRole{private static Map<String, Collection<SimpleGrantedAuthority>> map = new HashMap<>();static{map.put("user", new ArrayList<SimpleGrantedAuthority>());map.put("hr", new ArrayList<SimpleGrantedAuthority>());map.put("boss", new ArrayList<SimpleGrantedAuthority>());map.get("user").add(new SimpleGrantedAuthority("ROLE_USER"));map.get("hr").add(new SimpleGrantedAuthority("ROLE_HR"));map.get("hr").add(new SimpleGrantedAuthority("ROLE_USER"));map.get("boss").add(new SimpleGrantedAuthority("ROLE_USER"));map.get("boss").add(new SimpleGrantedAuthority("ROLE_HR"));map.get("boss").add(new SimpleGrantedAuthority("ROLE_BOSS"));}private UserRole(){}public static Collection<SimpleGrantedAuthority> getRoles(String username){return map.get(username);}}
CloudAccessDecisionManager.java
package cn.cloud.service.auth;import java.util.Collection;import org.springframework.security.access.AccessDecisionManager;import org.springframework.security.access.AccessDeniedException;import org.springframework.security.access.ConfigAttribute;import org.springframework.security.authentication.InsufficientAuthenticationException;import org.springframework.security.core.Authentication;import org.springframework.security.core.GrantedAuthority;public class CloudAccessDecisionManager implements AccessDecisionManager{public void decide(Authentication authentication, Object object,Collection<ConfigAttribute> configAttributes)throws AccessDeniedException, InsufficientAuthenticationException{Collection<? extends GrantedAuthority> auths = authentication.getAuthorities();for(ConfigAttribute role : configAttributes){for(GrantedAuthority sga : auths){if(role.getAttribute().equals(sga.getAuthority())){return;}}}throw new AccessDeniedException("Access Denied !");}public boolean supports(ConfigAttribute attribute){return true;}public boolean supports(Class<?> clazz) {return true;}}
CloudSecurityFilter.java
package cn.cloud.service.auth;import java.io.IOException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import org.springframework.security.access.SecurityMetadataSource;import org.springframework.security.access.intercept.AbstractSecurityInterceptor;import org.springframework.security.access.intercept.InterceptorStatusToken;import org.springframework.security.web.FilterInvocation;public class CloudSecurityFilter extends AbstractSecurityInterceptor implements Filter{private SecurityMetadataSource securityMetadataSource;public void destroy() {}public void doFilter(ServletRequest req, ServletResponse resp,FilterChain chain) throws IOException, ServletException {FilterInvocation fi = new FilterInvocation(req, resp, chain); InterceptorStatusToken token = super.beforeInvocation(fi);try{ fi.getChain().doFilter(fi.getRequest(), fi.getResponse()); } finally{ super.afterInvocation(token, null); } }public void init(FilterConfig chain) throws ServletException {}public Class<?> getSecureObjectClass() {return FilterInvocation.class; }public SecurityMetadataSource obtainSecurityMetadataSource(){return securityMetadataSource;}public SecurityMetadataSource getSecurityMetadataSource(){return securityMetadataSource;}public void setSecurityMetadataSource(SecurityMetadataSource securityMetadataSource){this.securityMetadataSource = securityMetadataSource;}}
CloudSecurityMetadataSource.java
package cn.cloud.service.auth;import java.util.ArrayList;import java.util.Collection;import java.util.HashMap;import java.util.Map;import java.util.regex.Matcher;import java.util.regex.Pattern;import org.springframework.security.access.ConfigAttribute;import org.springframework.security.access.SecurityMetadataSource;import org.springframework.security.web.FilterInvocation;public class CloudSecurityMetadataSource implements SecurityMetadataSource{public Collection<ConfigAttribute> getAttributes(Object object) throws IllegalArgumentException {if(object != null){FilterInvocation fi = (FilterInvocation)object;String url = fi.getRequestUrl();return UrlRole.getAttributes(url);}return null;}public Collection<ConfigAttribute> getAllConfigAttributes() {return null;}public boolean supports(Class<?> clazz){return true;}}class UrlRole{private static Map<String, Collection<ConfigAttribute>> map = new HashMap<>();static{map.put("/bbs/", new ArrayList<ConfigAttribute>());map.put("/blog/", new ArrayList<ConfigAttribute>());map.put("/hr/", new ArrayList<ConfigAttribute>());map.put("/admin/", new ArrayList<ConfigAttribute>());map.get("/bbs/").add(new Role("ROLE_USER"));map.get("/bbs/").add(new Role("ROLE_HR"));map.get("/bbs/").add(new Role("ROLE_BOSS"));map.get("/blog/").add(new Role("ROLE_USER"));map.get("/blog/").add(new Role("ROLE_HR"));map.get("/blog/").add(new Role("ROLE_BOSS"));map.get("/hr/").add(new Role("ROLE_HR"));map.get("/hr/").add(new Role("ROLE_BOSS"));map.get("/admin/").add(new Role("ROLE_BOSS"));}private UrlRole(){}private static String getRealUrl(String url){String regex = "/\\w+\\/";url = url.replace("/jd", "");Pattern p = Pattern.compile(regex);Matcher ma = p.matcher(url);if(ma.find()){return ma.group();}return url;}public static Collection<ConfigAttribute> getAttributes(String url){return map.get(getRealUrl(url));}}class Role implements ConfigAttribute{private static final long serialVersionUID = 1L;private String role;public Role(String role){this.role = role;}public String getAttribute() {return role;}public String toString(){return "[role="+role+"]";}}
CloudUserDetailsService.java
package cn.cloud.service.auth;import org.springframework.security.core.userdetails.UserDetails;import org.springframework.security.core.userdetails.UserDetailsService;import org.springframework.security.core.userdetails.UsernameNotFoundException;import cn.cloud.bean.auth.CloudUserDetails;public class CloudUserDetailsService implements UserDetailsService{public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException{return new CloudUserDetails(username);}}
7 0
- spring security 3 简单例子(自定义权限)
- spring security 3 简单例子
- 权限控制:spring 3.0 security配置例子
- 权限控制:spring 3.0 security配置例子
- spring security 3 中使用自定义数据库来设置权限
- spring security 3 中使用自定义数据库来设置权限
- spring security 3 中使用自定义数据库来设置权限
- spring security 自定义登录 权限 数据库
- 使用Spring Security实现权限管理小例子
- Spring安全权限管理(Spring Security)
- Spring安全权限管理(Spring Security)
- Spring安全权限管理(Spring Security) .
- Spring安全权限管理(Spring Security)
- Spring安全权限管理(Spring Security)
- Spring安全权限管理(Spring Security)
- Spring安全权限管理(Spring Security)
- Spring安全权限管理(Spring Security)
- Spring安全权限管理(Spring Security)
- android EditText输入框获得焦点时,边框变为深色
- 2014 UESTC Training for Graph Theory K
- db2数据库性能参数优化笔记整理
- 安卓学习之路之如何显示一个listview列表视图
- 2014 UESTC Training for Graph Theory L
- spring security 3 简单例子(自定义权限)
- ubuntu9.10网络配置
- poj3411Paid Roads
- 钩子DLL注入
- linux下svn命令大全
- Source Insight配置WinAVR的具体步骤
- win7安装.net framework 4.0失败
- atitit.无线网卡 不能搜索到WiFi 无线路由信号的解决不能上网
- 南阳 1058 部分和问题