spring-security环境搭建

spirng2.5

spring—security2.0

tomcat6.0

myeclispe6.5

开始安装一个文档用maven2.配置，老是下载jar包报错，估计pom.xml里面的东东我不会写，它写没有详细介绍。不得已还是用myeclispe吧，

1，建web工程

2.加入以下jar包

?spring.jar

?commons-loggin.jar

?spring-security-core-2.0.5.jar

?spring-security-taglibs-2.0.5.jar

3.web.xml内容：

<?xml version="1.0" encoding="UTF-8"?><web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"><context-param><param-name>contextConfigLocation</param-name>    <param-value>/WEB-INF/applicationContext*.xml,classpath:applicationContext*.xml </param-value> </context-param><listener><listener-class>org.springframework.web.context.ContextLoaderListener</listener-class></listener><filter><filter-name>springSecurityFilterChain</filter-name><filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class></filter><filter-mapping><filter-name>springSecurityFilterChain</filter-name>     <url-pattern>/*</url-pattern></filter-mapping>  <welcome-file-list>    <welcome-file>index.jsp</welcome-file>  </welcome-file-list>  <welcome-file-list>    <welcome-file>index.jsp</welcome-file>  </welcome-file-list></web-app>

这个

<filter-name>springSecurityFilterChain</filter-name>

不能随便起名奥，，只能叫这个名字，这个问题搞啦我一上午的时间，终于在茫茫的网页上搜到的。严重提醒大家。

applicationContext-security.xml

<?xml version="1.0" encoding="UTF-8"?><beans:beans xmlns="http://www.springframework.org/schema/security"xmlns:beans="http://www.springframework.org/schema/beans"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://www.springframework.org/schema/beanshttp://www.springframework.org/schema/beans/spring-beans-2.0.xsdhttp://www.springframework.org/schema/securityhttp://www.springframework.org/schema/security/spring-security-2.0.4.xsd"><http auto-config='true'><intercept-url pattern="/admin.jsp" access="ROLE_ADMIN" /><intercept-url pattern="/**" access="ROLE_USER" /></http><authentication-provider><user-service><user name="admin" password="admin" authorities="ROLE_USER, ROLE_ADMIN"/><user name="user" password="user" authorities="ROLE_USER" /></user-service></authentication-provider></beans:beans>

?applicationContext.xml

<?xml version="1.0" encoding="UTF-8"?><beans:beans xmlns="http://www.springframework.org/schema/security"xmlns:beans="http://www.springframework.org/schema/beans"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://www.springframework.org/schema/beanshttp://www.springframework.org/schema/beans/spring-beans-2.0.xsdhttp://www.springframework.org/schema/securityhttp://www.springframework.org/schema/security/spring-security-2.0.4.xsd"></beans:beans>

?index.jsp

<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %><div>username : <sec:authentication property="name"/></div><hr><a href="admin.jsp">admin.jsp</a><a href="j_spring_security_logout">logout</a>

?

admin.jsp

helloword:admin.jsp

?部署后：

用user，admin，test（不存在的用户登录试试）

说明：登录页面是security自动生成的。