spring mvc 和spring security配置 spring-servlet.xml和spring-security.xml设置

时间:2022-03-07 14:32:26

spring-servlet.xml配置

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"

       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

       xmlns:mvc="http://www.springframework.org/schema/mvc"

       xmlns:context="http://www.springframework.org/schema/context"

       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">

    <mvc:annotation-driven></mvc:annotation-driven>

    <!--<mvc:annotation-driven conversion-service="formattingConversionService"></mvc:annotation-driven>-->

    <mvc:resources mapping="/static/**" location="/statics/"></mvc:resources>

    <mvc:resources mapping="/resources/**" location="/resources/"></mvc:resources>

    <context:component-scan base-package="com.lingdong.controller"></context:component-scan>

    <context:component-scan base-package="com.lingdong.thymeleaf"></context:component-scan>

    <!-- 配置视图解析器 -->

    <!--<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">

        <property name="prefix" value="/resources/jsp/"></property>

        <property name="suffix" value=".jsp"></property>

    </bean>-->

    <!--spring thymeleaf视图解析器-->

    <bean  id="springResourceTemplateResolver" class="org.thymeleaf.spring4.templateresolver.SpringResourceTemplateResolver">

        <property name="prefix" value="/resources/views/"/>

        <property name="suffix" value=".html"/>

        <property name="templateMode" value="HTML5" />

        <property name="cacheable" value="true" />

        <property name="characterEncoding" value="UTF-8"/>

    </bean>

    <!--<bean id="formattingConversionService" class="org.springframework.format.support.FormattingConversionServiceFactoryBean">

        <property name="formatters">

            <set>

                <bean class="com.lingdong.thymeleaf.DateFormatter"/>

            </set>

        </property>

    </bean>-->

    <bean id="springTemplateEngine" class="org.thymeleaf.spring4.SpringTemplateEngine">

        <property name="templateResolver" ref="springResourceTemplateResolver"/>

        <property name="enableSpringELCompiler" value="true"/>

    </bean>

    <!--<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">

        <property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>

        <property name="prefix" value="/resources/jsps/"/>

        <property name="suffix" value=".jsp"/>

        <property name="order" value="2"/>

        <property name="viewNames" value="*jsp"/>

    </bean>-->

    <bean class="org.thymeleaf.spring4.view.ThymeleafViewResolver">

        <property name="templateEngine" ref="springTemplateEngine"/>

        <property name="characterEncoding" value="UTF-8"/>

    </bean>

    <bean class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">

        <property name="defaultErrorView" value="exception"/>

        <property name="exceptionAttribute" value="ex"/>

        <property name="exceptionMappings">

            <props>

                <prop key="NumberFormatException">numberException</prop>

                <prop key="NullPointerException">runtimeException</prop>

                <prop key="RuntimeException">runtimeException</prop>

                <prop key="ClassCastException">runtimeException</prop>

            </props>

        </property>

    </bean>

    <!-- 从请求和响应 读取/编写字符串 -->

    <bean id="stringHttpMessageConverter" class="org.springframework.http.converter.StringHttpMessageConverter">

        <property name="supportedMediaTypes">

            <list>

                <value>text/plain;charset=UTF-8</value>

            </list>

        </property>

    </bean>

</beans>

spring-security.xml配置

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"

       xmlns:security="http://www.springframework.org/schema/security"

       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">

    <security:http pattern="/statics/**" security="none"/>

    <security:http  auto-config="true" use-expressions="true">

        <security:intercept-url pattern="/login.do" access="isAnonymous()"/>

        <security:intercept-url pattern="/register.do" access="isAnonymous()"/>

        <security:intercept-url pattern="/registerusers.do" access="isAnonymous()"/>

        <security:intercept-url pattern="/useradd.do" access="isAnonymous()"/>

        <security:intercept-url pattern="/admins/**" access="hasRole('ROLE_ADMIN')"/>

        <security:intercept-url pattern="/**" access="hasRole('ROLE_USER')"/>

        <security:csrf disabled="false" token-repository-ref="cookieCsrfTokenRepository" />

        <security:form-login login-page="/login.do" login-processing-url="/login"  username-parameter="username" password-parameter="password" authentication-failure-url="/login.do?error=true" />

        <security:logout invalidate-session="true" logout-url="/logout" logout-success-url="/login.do"/>

        <security:http-basic />

        <security:remember-me data-source-ref="dataSource" key="youkey" remember-me-parameter="remember-me"/>

        <security:session-management>

            <security:concurrency-control  />

        </security:session-management>

    </security:http>

    <security:authentication-manager>

        <!--静态添加的用户登录信息-->

        <!--<security:authentication-provider>

            <security:user-service>

                <security:user name="admin" password="admin123" authorities="ROLE_USER,ROLE_ADMIN"/>

                <security:user name="user" password="user123" authorities="ROLE_USER"/>

            </security:user-service>

        </security:authentication-provider>-->

        <security:authentication-provider>

            <security:password-encoder ref="bCryptPasswordEncoder"/>

            <security:jdbc-user-service id="userDetailsService" data-source-ref="dataSource"

                                        users-by-username-query="SELECT username,password,enabled FROM users WHERE username=?"

                                        authorities-by-username-query="SELECT u.username as username,r.rolename as authority FROM users u join userrole ur on u.userid=ur.userid join roles r on r.roleid=ur.roleid WHERE u.username=?"

            />

        </security:authentication-provider>

    </security:authentication-manager>

    <bean id="bCryptPasswordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"/>

    <bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">

        <property name="hideUserNotFoundExceptions" value="false"/>

        <property name="userDetailsService" ref="userDetailsService"/>

        <property name="passwordEncoder" ref="bCryptPasswordEncoder"/>

    </bean>

    <bean id="cookieCsrfTokenRepository" class="org.springframework.security.web.csrf.CookieCsrfTokenRepository">

        <property name="cookieHttpOnly" value="false"/>

    </bean>

</beans>

相关文章