Spring security2 安全配置
在Spring配置过程中,我遇到了创建Bean出错的问题,错误如下:
<b:authentication-provider> <b:password-encoder hash="md5"/> <b:jdbc-user-service data-source-ref="dataSource"/> </b:authentication-provider>
去掉后,一切正常。现将正确的配置贴出来,以备后用。
<?xml version="1.0" encoding="UTF-8"?><!-- - Application context containing authentication, channel - security and web URI beans. - - Only used by "filter" artifact. - - $Id: applicationContext-acegi-security.xml 1425 2006-04-28 06:43:50Z benalex $ --><beans xmlns="http://www.springframework.org/schema/beans" xmlns:b="http://www.springframework.org/schema/security" xmlns:aop="http://www.springframework.org/schema/aop" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.0.xsd" default-autowire="byName"> <b:http auto-config="true" realm="Contacts Realm" access-denied-page="/accessDenied.jsp"> <b:intercept-url pattern="/" access="IS_AUTHENTICATED_ANONYMOUSLY"/> <b:intercept-url pattern="/index.html" access="IS_AUTHENTICATED_ANONYMOUSLY"/> <b:intercept-url pattern="/Login.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY"/> <b:intercept-url pattern="/image/**" filters="none"/> <b:intercept-url pattern="/common/**" filters="none"/> <b:intercept-url pattern="/scripts/**" filters="none"/> <b:intercept-url pattern="/welcome.jsp" filters="none"/> <b:intercept-url pattern="/js/**" filters="none"/> <b:intercept-url pattern="/j_spring_security_switch_user" access="ROLE_SUPERVISOR"/> <b:intercept-url pattern="/**" access="ROLE_USER"/> <b:form-login login-page="/Login.jsp"/> <b:logout logout-success-url="/Login.jsp"/> </b:http> <!-- b:authentication-provider> <b:password-encoder hash="md5"/> <b:jdbc-user-service data-source-ref="dataSource"/> </b:authentication-provider --> <bean id="authenticationProcessingFilter" ref="authenticationManager"></property> <property name="authenticationFailureUrl" value="/spring_security_login"/> <property name="defaultTargetUrl" value="/main.action" /> </bean> <bean id="authenticationManager" ref="userService"/> <property name="userCache" ref="userCache"/> </bean> <bean id="userCache" ref="userCacheBacked"/> </bean> <bean id="userCacheBacked" ref="cacheManager"/> <property name="cacheName" value="userCache"/> </bean> <bean id="cacheManager" value="classpath:ehcache-security.xml"/> </bean> <bean id="filterSecurityInterceptor" ref="authenticationManager"/> <property name="accessDecisionManager" ref="accessDecisionManager"/> <property name="objectDefinitionSource" ref="databaseFilterInvocationDefinitionSource"/> </bean> <bean id="accessDecisionManager" value=""/></bean></list> </property> </bean> <bean id="databaseFilterInvocationDefinitionSource" ref="antUrlPathMatcher"/> <constructor-arg type="java.util.LinkedHashMap" ref="requestMap"/> </bean> <bean id="antUrlPathMatcher" init-method="init"> <property name="roleDB" ref="roleDAO"/> </bean> <!-- bean id="methodSeurityInterceptor" ref="authenticationManager"/> <property name="accessDecisionManager" ref="accessDecisionManager"/> <property name="objectDefinitionSource" ref=""/> </bean--> <!-- Automatically receives AuthenticationEvent messages --> <bean id="loggerListener" autowire="byType"> <b:custom-filter position="SWITCH_USER_FILTER"/> <property name="targetUrl" value="/secure/index.htm"/> </bean></beans>