首页 > 代码库 > 初识Spring security-无Security的SpringMVC

初识Spring security-无Security的SpringMVC

百度百科定义: Spring Security是一个能够为基于Spring的企业应用系统提供声明式的安全访问控制解决方案的安全框架。它提供了一组可以在Spring应用上下文中配置的Bean,充分利用了Spring IoC,DI(控制反转Inversion of Control ,DI:Dependency Injection 依赖注入)和AOP(面向切面编程)功能,为应用系统提供声明式的安全访问控制功能,减少了为企业系统安全控制编写大量重复代码的工作。

开始第一个示例吧。
首先,新建一个基于Spring MVC的web项目
目录结构如图
技术分享
maven项目添加依赖包,主要包括Spring,SpringMVC和thymeleaf模板
<dependency>    <groupId>org.springframework</groupId>    <artifactId>spring-core</artifactId>    <version>4.2.1.RELEASE</version></dependency><dependency>     <groupId>org.springframework</groupId>     <artifactId>spring-web</artifactId>     <version>4.2.1.RELEASE</version></dependency><dependency>     <groupId>org.springframework</groupId>     <artifactId>spring-webmvc</artifactId>     <version>4.2.1.RELEASE</version></dependency><dependency>     <groupId>org.thymeleaf</groupId>     <artifactId>thymeleaf-spring4</artifactId>     <version>3.0.2.RELEASE</version> </dependency>
配置xml文件:
1、web.xml文件
<?xml version="1.0" encoding="UTF-8"?><web-app version="3.0"         xmlns="http://java.sun.com/xml/ns/javaee"         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee    http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">  <listener>    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>  </listener>  <!-- Spring MVC -->  <!-- springMVC的配置文件默认会去WEB-INF下寻找 servletName-servlet.xml 文件 -->  <servlet>    <servlet-name>mvc-dispatcher</servlet-name>    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>    <load-on-startup>1</load-on-startup>  </servlet>  <servlet-mapping>    <servlet-name>mvc-dispatcher</servlet-name>    <url-pattern>/</url-pattern>  </servlet-mapping>  <!-- Loads Spring Security config file -->  <context-param>    <param-name>contextConfigLocation</param-name>    <param-value>/WEB-INF/spring-security.xml</param-value>  </context-param></web-app>

采用spring的话,必须配置contextConfigLocation指定spring的配置文件

2、spring-security.xml文件

<?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans"       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd"></beans>

暂时为空配置

3、mvc-dispatcher-servlet.xml

 
<?xml version="1.0" encoding="UTF-8"?><beans xmlns="http://www.springframework.org/schema/beans"       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"       xmlns:context="http://www.springframework.org/schema/context"       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">    <context:component-scan base-package="com.petter"/>    <!--<bean id="viewResolver" class="org.springframework.web.servlet.view.InternalResourceViewResolver">        <property name="prefix" value="http://www.mamicode.com/WEB-INF/pages/"/>        <property name="suffix" value="http://www.mamicode.com/.html"/>    </bean>-->    <bean id="templateResolver" class="org.thymeleaf.spring4.templateresolver.SpringResourceTemplateResolver">        <property name="prefix" value="/WEB-INF/pages/" />        <property name="suffix" value=".html"/>        <property name="templateMode" value="HTML"/>        <property name="cacheable" value="false"/>        <!-- 解决中文乱码 -->        <property name="characterEncoding" value="UTF-8"/>    </bean>    <bean id="templateEngine" class="org.thymeleaf.spring4.SpringTemplateEngine">        <property name="templateResolver" ref="templateResolver"/>    </bean>    <bean class="org.thymeleaf.spring4.view.ThymeleafViewResolver">        <property name="templateEngine" ref="templateEngine"/>        <!-- 解决中文乱码 -->        <property name="characterEncoding" value="UTF-8"/>    </bean></beans>

注意这里面的配置是SpringMVC和thymeleaf的整合配置

编写HelloController

package com.petter.web;import org.springframework.stereotype.Controller;import org.springframework.web.bind.annotation.RequestMapping;import org.springframework.web.bind.annotation.RequestMethod;import org.springframework.web.servlet.ModelAndView;/** * @author hongxf * @since 2017-03-03 13:48 */@Controllerpublic class HelloController {    @RequestMapping(value = "/welcome", method = RequestMethod.GET)    public ModelAndView welcomePage() {        ModelAndView model = new ModelAndView();        model.addObject("title", "Spring Security Hello World");        model.addObject("message", "This is welcome page !");        model.setViewName("hello");        return model;    }}

编写Hello.html

<!DOCTYPE html><html xmlns="http://www.w3.org/1999/xhtml"      xmlns:th="http://www.thymeleaf.org"><head>    <meta charset="UTF-8" />    <title>hello</title></head><body>    <h1 th:text="|标题: ${title}|">Title : XXX</h1>    <h1 th:text="|信息: ${message}|">Message : XXX</h1></body></html>

运行应用:访问http://localhost:8080/welcome,结果如下

技术分享

 

初识Spring security-无Security的SpringMVC