Spring Security Acegi ѧϰ֮·ËÄ (ת)
°²È«¶ÔÏó·ÃÎÊ¿ØÖÆ
?
?
ÄäÃûÓû§È¨ÏÞÐÅÏ¢
?
?
<bean id="filterChainProxy" value="anonymousUser"/> <!--ÄäÃûÓû§Óû§ÊôÐÔ --> <property name="userAttribute" value="ANONYMOUSUSER,PRIV_ANONYMOUS"/></bean><!--ÄäÃûÓû§ÈÏÖ¤ÌṩÕß --><bean id="anonymousAuthenticationProvider"value="anonymousUser"/></bean><bean id="authenticationManager"anonymousAuthenticationProvider" /> </list> </property></bean>??URL×ÊÔ´·ÃÎÊ¿ØÖÆ
<bean id="filterChainProxy" ref="authenticationManager"/><property name="asscessDecisionManager" ref=" asscessDecisionManager"/><property name="objectDefinitionSource"><value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /login.jsp=PRIV_ANONYMOUS,PRIV_COMMON /hello_1.jsp=PRIV_1 /updateForum.jsp=PRIV_1</value></property></bean><!--HTTPÇëÇó·ÃÎʾö²ß¹ÜÀíÆ÷--><bean id="asscessDecisionManager" value="true"/><!--ͶƱÕßÁбí-->< property name="decisionVoters"><list> <ref bean="roleVoter"/></list></property></bean><bean id="roleVoter" value="PRIV_"/></bean>?
?
1£®ÅжÏÓû§ÊÇ·ñÒѾͨ¹ýÉí·ÝÈÏÖ¤£¬Èç¹ûδͨ¹ýÉí·ÝÈÏÖ¤£¬µ÷ÓÃÉí·ÝÈÏÖ¤¹ÜÀíÆ÷½øÐд¦Àí£¬ÕâÒâζ×ÅÇëÇó½«Öض¨Ïòµ½µÇ¼ҳÃæ¡£
2£®Èç¹ûͨ¹ýÉí·ÝÈÏÖ¤£¬µ÷Ó÷ÃÎʾö²ß¹ÜÀíÆ÷ÅжÏÓû§ÊÇ·ñÓÐȨ·ÃÎÊÄ¿±êµÄURL×ÊÔ´¡£
3£®·ÃÎʾö²ß¹ÜÀíÆ÷½«×é֯ͶƱÕß½øÐÐͶƱ²¢¸ù¾ÝͶƱ½á¹û¸ø³öÊÇ·ñÓÐȨ·ÃÎʵĽá¹û¡£
4.Èç¹ûÎÞȨ·ÃÎÊ£¬½«ÕÐƸÒì³£·ñÔò¿ª·ÅÄ¿±êURL×ÊÔ´µÄ·ÃÎÊ¡£
?
?? ?ÎÒÃǶ¨ÒåµÄAccessDecisionManager Bean£¬Ëüͨ¹ý×é֯ͶƱÕ߶ÔÊÇ·ñÔÊÐí·ÃÎʽøÐÐͶƱ²¢µÃµ½×îÖյĽá¹û¡£ËùÓÐͶƱÕ߶¼ÊµÏÖAccessDecisionVoter½Ó¿Ú£¬¾ö²ß¹ÜÀíÆ÷ͶƱÕßµÄint vote(Authenticationauthentication, Object object, ConfigAttributeDefinition config)·½·¨»ñµÃͶƱ½á¹û¡£ÓÐÈý¸ö²»Í¬µÄͶƱ½á¹û£º
ACCESS_ABSTAIN:ÆúȨ
ACCESS_DENIED£º¾Ü¾ø
ACCESS_GRANTED£ºÔÊÐí
?
?? ?¸ù¾Ý²»Í¬¾ö²ß·½°¸£¬AcegiÔÚorg.acegisecurity.vote°üÖÐÌṩÁËÈý¸öAccessDecisionManagerµÄʵÏÖÀࣺ
AffirmativeBased:ÓÐͬÒâƱ²ßÂÔ
ConsensusBased:ÉÙÊý·þ´Ó¶àÊý²ßÂÔ
UnanimousBased£ºÎÞ·´¶ÔƱ²ßÂÔ
?
?
Ò쳣ת»»¹ýÂËÆ÷
?
?
?? ?Ò쳣ת»»¹ýÂËÆ÷£¨ExceptionTranslationFilter£©Äܹ»²¶×½AcegiÕÐƸµÄÅ׳öµÄȨÏÞ·ÃÎÊÒì³££¬²¢µ¼ÏòÊʺÏÏìÓ¦Ò³Ã棬´ó´óÌá¸ßÁËϵͳ½»»¥µÄÓѺÃÐÔ¡£
×¢Ò⣬exceptionTranslationFilter±ØÐëλÓÚfilterSecurityIntercetor֮ǰ¡£
?
<bean id="filterChainProxy" value="/error.jsp"/></bean></property></bean><bean id="authenticationEntryPoint" value="/index.jsp"/></bean>?
?
ÒµÎñÀà·½·¨·ÃÎÊ¿ØÖÆ
?? ?AcegiΪҵÎñÀలȫ¶ÔÏóÌí¼Ó»·ÈÆÔöÇ¿µÄÇÐÃ棬ÔÚÒµÎñÀà·½·¨±»·ÃÎÊÇ°ºó¾Í¿ÉÒÔ½øÐÐÀ¹½Ø²¢ÊµÊ©·ÃÎÊ¿ØÖÆ£¬AcegiÌṩÁËÁ½ÖÖʵʩ»·ÈÆÔöÇ¿ÇÐÃæµÄ·½°¸,Spring AOPºÍAspectJ,ÕâÀïÎÒÃÇ¿´Ò»ÏÂSpring AOP ·½°¸:
<bean id="methodSecurityInterceptor" ref="authenticationManager"/><property name="asscessDecisionManager" ref=" asscessDecisionManager"/><property name="objectDefinitionSource"><value>com.ccd.service.BbtForum.updateForum=PRIV_2</value></property></bean><bean id="bbtForum" value="true"/><property name="target" ref="bbtForumTarget"/></bean><bean id="bbtForumTarget"style="line-height: 15.75pt;">?? AcegiÖ§³Öͨ¹ý×¢½âÌṩ¶ÔÏó¶¨ÒåÔ´µÄÎÞÊý¾ÝÐÅÏ¢
?
?? ?Acegiͨ¹ýMethodDefinitionAttributes ×Ô¶¯É¨ÃèSpringÈÝÆ÷ÖеÄBean£¬»ñȡע½â±íʾ¶ÔÏó¶¨ÒåÔªÊý¾ÝÐÅÏ¢
applicationContext-acegi-plugin.xml:»ùÓÚ×¢½âµÄ¶ÔÏó¶¨ÒåÔ´
?
<bean id="methodSecurityInterceptor" ref="authenticationManager"/><property name="asscessDecisionManager" ref=" asscessDecisionManager"/><property name="objectDefinitionSource" ref="objectDefinitionSource"/></bean><!--¸ù¾ÝBeanµÄ×¢½âÔªÊý¾Ý¶¨ÒåµÄ¶ÔÏó¶¨ÒåÔ´--><bean id="objectDefinitionSource" name="code"><bean name="code"><bean style="line-height: 15.75pt;">?
?
?
applicationContext-acegi-plugin.xml: ͨ¹ýÖ¸¶¨BeanÃû×Ö½øÐÐÅúÁ¿´úÀí
?
<bean style="line-height: 15.75pt;">PS£º±¾ÎÄÖ÷ÒªÕª×Ô¡¶¾«Í¨Spring 2.x ——ÆóÒµÓ¦Óÿª·¢Ïê½â¡·