spring security 2的配置
sprint securiy2 适合portal的配置:
<?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans" xmlns:sec="http://www.springframework.org/schema/security" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xmlns:context="http://www.springframework.org/schema/context" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsdhttp://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd"><bean id="springSecurityFilterChain" ref="portalUserDetailsService" /> <property name="key" value="ChemboSetThisKey" /> </bean> <bean id="rememberMeProcessingFilter" ref="rememberMeServices" /> <property name="authenticationManager" ref="authenticationManager" /> </bean> <bean id="rememberMeAuthenticationProvider" value="ChemboSetThisKey" /> </bean><!-- 清理上面个性化处理的cookie --><bean id="logoutFilter"value="/portal/signin/signin/logout.do" /><constructor-arg index="1"><list><ref bean="rememberMeServices"/><bean /></list></constructor-arg><property name="filterProcessesUrl" value="/mydoecurity_logout.do" /></bean><bean id="authenticationProcessingFilter" value="/portal/signin/signin/forward.do"></property> <property name="filterProcessesUrl" value="/mydo/security_login.do"></property> <property name="authenticationManager" ref="authenticationManager"></property> <property name="alwaysUseDefaultTargetUrl" value="true"></property> <property name="authenticationFailureUrl" value="/portal/signin/signin/signin.do?error=true"></property> <property name="rememberMeServices" ref="rememberMeServices" /> </bean><bean id="daoAuthenticationProvider"ref="portalUserDetailsService" /><property name="passwordEncoder" ref="passwordEncoder" /><property name="hideUserNotFoundExceptions" value="false" /></bean><bean id="exceptionTranslationFilter"value="/portal/signin/signin/signin.do" /><property name="forceHttps" value="false" /></bean></property><property name="accessDeniedHandler"><beanvalue="/portal/signin/signin/deny.do" /></bean></property></bean><bean id="passwordEncoder" /><bean id="authenticationManager" /> <ref local="rememberMeAuthenticationProvider" /> </list> </property> </bean> <bean id="accessDecisionManager" value="false"/> <property name="decisionVoters"> <list> <bean value="" /> </bean> <bean /> </list> </property> </bean><bean id="filterSecurityInterceptor" ref="authenticationManager"/> <property name="accessDecisionManager" ref="accessDecisionManager"/> <property name="objectDefinitionSource"> <value> <![CDATA[ CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /mydo/accounetting/bvoaetting/*=ROLE_buyer /mydo/sourcievent/se/loadtail.do=ROLE_buyer /mydo//se/entsrceventlist.do=ROLE_buyer /mydo/accousetting/mvoasetting/*=ROLE_seller /mydo/product/**=ROLE_seller ]]> </value> </property> <property name="observeOncePerRequest" value="false" /> <sec:custom-filter after="LAST" /></bean><bean id="myFilte" /></bean></beans>