javascript
Spring+Spring Security+JSTL实现的表单登陆的例子
2019獨角獸企業重金招聘Python工程師標準>>>
Spring Security允許開發人員輕松地將安全功能集成到J2EE Web應用程序中,它通過Servlet過濾器實現“用戶自定義”安全檢查。
在本教程中,我們將向您展示如何在Spring MVC中集成Spring Security 3.0并安全訪問。在集成成功后,當我們查看頁面的內容時用戶需要先輸入正確的“用戶名”和“密碼”。
本教程的開發環境為:
1.Spring 3.0.5.RELEASE
2.Spring Security 3.0.5.RELEASE
3.Eclipse 3.6
4.JDK 1.6
5.Maven 3
注意:Spring Security 3.0 至少需要java 5.0或更高的運行環境。
1.目錄結構
本教程的最終目錄如下所示:
2.Spring Security依賴關系
為了正常運行?Spring security 3.0, 你需要加入 “spring-security-core.jar“, “spring-security-web.jar” and “spring-security-config.jar“. 在Maven庫中你需要加入Spring配置庫
pom.xml
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 | <properties> <spring.version>3.0.5.RELEASE</spring.version> </properties> <dependencies> <!--?Spring?3?--> <dependency> <groupId>org.springframework</groupId> <artifactId>spring-core</artifactId> <version>${spring.version}</version> </dependency> <dependency> <groupId>org.springframework</groupId> <artifactId>spring-web</artifactId> <version>${spring.version}</version> </dependency> <dependency> <groupId>org.springframework</groupId> <artifactId>spring-webmvc</artifactId> <version>${spring.version}</version> </dependency> <!--?Spring?Security?--> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-core</artifactId> <version>${spring.version}</version> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-web</artifactId> <version>${spring.version}</version> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-config</artifactId> <version>${spring.version}</version> </dependency> </dependencies> </project> |
3.Spring MVC Web應用程序
本教程是一個簡單的Spring MVC 應用程序,即訪問“/welcome”跳轉到“hello.jsp”頁面,稍后用Spring Security安全訪問這個鏈接。
HelloController.java
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 | package?com.mkyong.common.controller; import?org.springframework.stereotype.Controller; import?org.springframework.ui.ModelMap; import?org.springframework.web.bind.annotation.RequestMapping; import?org.springframework.web.bind.annotation.RequestMethod; @Controller @RequestMapping("/welcome") public?class?HelloController?{ @RequestMapping(method?=?RequestMethod.GET) public?String?printWelcome(ModelMap?model)?{ model.addAttribute("message",?"Spring?Security?Hello?World"); return?"hello"; } } |
hello.jsp
| 1 2 3 4 5 | <html> <body> <h1>Message?:?${message}</h1> </body> </html> |
mvc-dispatcher-servlet.xml
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | <beans?xmlns=" http://www.springframework.org/schema/beans" xmlns:context=" http://www.springframework.org/schema/context" xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation=" http://www.springframework.org/schema/beans????? http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/context? http://www.springframework.org/schema/context/spring-context-3.0.xsd"> <context:component-scan?base-package="com.mkyong.common.controller"?/> <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver"> <property?name="prefix"> <value>/WEB-INF/pages/</value> </property> <property?name="suffix"> <value>.jsp</value> </property> </bean> </beans> |
4.Spring Secuity:用戶驗證
創建一個單獨的Spring配置文件去定義Spring Security相關的東西。它要實現的是:只有用戶輸入了正確的用戶名“mkyong”和密碼“123456”才可以訪問“/welcome” 。
下面的Spring配置文件你應該明白是什么意思。
spring-security.xml:
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | <beans:beans?xmlns=" http://www.springframework.org/schema/security" xmlns:beans=" http://www.springframework.org/schema/beans"? xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.3.xsd"> <http?auto-config="true"> <intercept-url?pattern="/welcome*"?access="ROLE_USER"?/> </http> <authentication-manager> <authentication-provider> <user-service> <user?name="mkyong"?password="123456"?authorities="ROLE_USER"?/> </user-service> </authentication-provider> </authentication-manager> </beans:beans> |
5.整合Spring Security
想要在Web應用程序中整合Spring Security,只需加入“DelegatingFilterProxy”作為Servlet過濾器攔截到來的請求即可。
web.xml
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 | <web-app?id="WebApp_ID"?version="2.4" xmlns=" http://java.sun.com/xml/ns/j2ee"? xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation=" http://java.sun.com/xml/ns/j2ee? http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"> <display-name>Spring?MVC?Application</display-name> <!--?Spring?MVC?--> <servlet> <servlet-name>mvc-dispatcher</servlet-name> <servlet-class> org.springframework.web.servlet.DispatcherServlet </servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>mvc-dispatcher</servlet-name> <url-pattern>/</url-pattern> </servlet-mapping> <listener> <listener-class> org.springframework.web.context.ContextLoaderListener </listener-class> </listener> <context-param> <param-name>contextConfigLocation</param-name> <param-value> /WEB-INF/mvc-dispatcher-servlet.xml, /WEB-INF/spring-security.xml </param-value> </context-param> <!--?Spring?Security?--> <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class> org.springframework.web.filter.DelegatingFilterProxy </filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> </web-app> |
6.Demo
就是以上這些配置了,登陸頁面在哪兒呢?不要著急,如果你不知道怎么創建登陸頁面,我們將會創建一個簡單的登陸頁面去驗證。
(登陸驗證頁面請訪問:Spring Security實現的表單登陸的例子)
當我們訪問“http://localhost:8080/SpringMVC/welcome”時,Spring?Security?將會自動攔截到“http://localhost:8080/SpringMVC/spring_security_login”登陸頁面驗證身份。
http://localhost:8080/SpringMVC/spring_security_login頁面如下所示:
如果輸錯了用戶名和密碼則頁面會顯示錯誤的消息,如下所示:
http://localhost:8080/SpringMVC/spring_security_login?login_error
如果我們輸對了用戶名和密碼,Spring Security則會跳轉到歡迎頁面,如下所示:
http://localhost:8080/SpringMVC/welcome
本文為原創文章,轉載請注明鏈接地址,首發于http://www.it161.com/article/javaDetail?articleid=140107232125,
更多IT文章,請訪問http://www.it161.com/
轉載于:https://my.oschina.net/dianfusoft/blog/192186
總結
以上是生活随笔為你收集整理的Spring+Spring Security+JSTL实现的表单登陆的例子的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: python实现微信自动发信息软件_py
- 下一篇: 维控触摸屏编程手册_维控触摸屏AB PL