学习Acegi-认证(authentication)

ChinaItLab

佚名

2007-2-11

保存本文

推荐给好友

收藏本页

欢迎进入Java社区论坛，与200万技术人员互动交流 >>进入

      最近两星期在学习acegi，过程中感谢JavaEye，SpringSide和在网上提供acegi学习心得的网友们。
为了加深自己的认识,准备写下一些DEMO,希望可以给准备学习acegi的同学一些帮助。
      作为安全服务离不开认证和授权这两个主要组成部分。而这篇文章就是针对acegi的认证服务。
                                                                              学习Acegi-认证(authentication)
代码环境基于:
JDK1.5
acegi1.0.3
spring2.0

IDE基于:
Eclipse3.2+MyEclipse5.0.1

面向人员：
熟悉Eclipse＋MyEclipse开发但刚开始了解acegi的人员。如果你是高手请指出文章不足之处。

1.建立一个MyEclipse的WebProject，把下列jar文件拷贝到项目的WEB-INF/lib目录:
acegi-security-1.0.3.jar
spring2.0.jar
commons-codec-1.3.jar
费话说一句(占些字数):这是因为代码运行需要这些包的支持。

2.修改WEB-INF下的web.xml文件,内容如下:

<? xml version = " 1.0 " encoding = " UTF-8 " ?>
< web - app version = " 2.4 " xmlns = " http://java.sun.com/xml/ns/j2ee "
    xmlns:xsi = " http://www.w3.org/2001/XMLSchema-instance "
    xsi:schemaLocation = " http://java.sun.com/xml/ns/j2ee
    http: // java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">

     < display - name > acegi Example of liuyxit </ display - name >

     
     < context - param >
         < param - name > contextConfigLocation </ param - name >
         < param - value >
            classpath:spring / applicationContext.xml
         </ param - value >
     </ context - param >

     
     < filter >
         < filter - name > Acegi Filter Chain Proxy </ filter - name >
         < filter - class >
            org.acegisecurity.util.FilterToBeanProxy
         </ filter - class >
         < init - param >
             < param - name > targetClass </ param - name >
             < param - value >
                org.acegisecurity.util.FilterChainProxy
             </ param - value >
         </ init - param >
     </ filter >

     < filter - mapping >
         < filter - name > Acegi Filter Chain Proxy </ filter - name >
         < url - pattern > /* </url-pattern>
    </filter-mapping>

    
    <listener>
        <listener-class>
            org.springframework.web.context.ContextLoaderListener
        </listener-class>
    </listener>

</web-app>

其中FilterChainProxy实现了filter接口,它主要是实例化FilterChainProxy，并把所有动作交由FilterChainProxy处理。这样简化了web.xml的配置，并且充分利用了Spring IOC管理Bean的优势。

3.在src目录右键新建一个resource folder，在下面再建立acegi和spring目录
在spring目录中创建applicationContext.xml文件,内容:

<? xml version = " 1.0 " encoding = " UTF-8 " ?>
< beans xmlns = " http://www.springframework.org/schema/beans "
       xmlns:xsi = " http://www.w3.org/2001/XMLSchema-instance "
       xmlns:aop = " http://www.springframework.org/schema/aop "
       xmlns:tx = " http://www.springframework.org/schema/tx "
       xsi:schemaLocation = " http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
           http: // www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.0.xsd
           http: // www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.0.xsd "
        default - autowire = " byName " default - lazy - init = " true " >

     
     < bean id = " filterChainProxy " class = " org.acegisecurity.util.FilterChainProxy " >
       < property name = " filterInvocationDefinitionSource " >
          < value >
            CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
            PATTERN_TYPE_APACHE_ANT
             /** =authenticationProcessingFilter,exceptionTranslationFilter
         </value>
      </property>
    </bean>
    

    
    <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
        <property name="authenticationManager" ref="authenticationManager"/>
        <property name="authenticationFailureUrl" value="/acegilogin.jsp?login_error=1"/>
        <property name="defaultTargetUrl" value="/userinfo.jsp"/>
        <property name="filterProcessesUrl" value="/j_acegi_security_check"/>
    </bean>

   
   <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
      <property name="providers">
         <list>
            <ref local="daoAuthenticationProvider"/>
            <ref local="rememberMeAuthenticationProvider"/>
         </list>
      </property>
   </bean>
    <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
        <property name="userDetailsService" ref="inMemoryDaoImpl"/>
    </bean>
    
     <bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
        <property name="userMap">
            <value>
                liuyxit=123,ROLE_SUPERVISOR
                user1=user1,ROLE_USER
                user2=user2,disabled,ROLE_USER
            </value>
        </property>
    </bean>
    
    <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
        <property name="authenticationEntryPoint">
            <bean class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
                <property name="loginFormUrl" value="/acegilogin.jsp"/>
                <property name="forceHttps" value="false"/>
            </bean>
        </property>
        <property name="accessDeniedHandler">
            <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
                <property name="errorPage" value="/accessDenied.jsp"/>
            </bean>
        </property>
    </bean>
</beans>

[1] [2] [3] [4] 下一页

【责编:Peng】