⭐ 欢迎来到虫虫下载站! | 📦 资源下载 📁 资源专辑 ℹ️ 关于我们
⭐ 虫虫下载站
📤 上传资源

📄 acegi 的配置(2)-applicationcontext-acegi-security_xml - 懒散狂徒的专栏 - csdnblog.htm

📁 acegi+spring最新的分析
💻 HTM
📖 第 1 页 / 共 4 页
字号:
🔍
1234 
  <LI class=listitem><A 
  href="http://blog.csdn.net/anyoneking/category/301693.aspx">心情驿站</A></LI></UL>
<H3 class=listtitle>相册</H3><!--category title-->
<UL class=list>
  <LI class=listitem><A 
  href="http://blog.csdn.net/anyoneking/Gallery/309180.aspx">大学舍友</A>
  <LI class=listitem><A 
  href="http://blog.csdn.net/anyoneking/Gallery/339746.aspx">家</A>
  <LI class=listitem><A 
  href="http://blog.csdn.net/anyoneking/Gallery/309558.aspx">青海-塔尔寺</A>
  <LI class=listitem><A 
  href="http://blog.csdn.net/anyoneking/Gallery/308364.aspx">象象-相册</A>
  <LI class=listitem><A 
  href="http://blog.csdn.net/anyoneking/Gallery/313985.aspx">重庆-铜梁</A>
  <LI class=listitem><A 
  href="http://blog.csdn.net/anyoneking/Gallery/289832.aspx">重庆-武隆</A></LI></UL>
<H3 class=listtitle>BLOG类</H3>
<UL class=list>
  <LI class=listitem><A href="http://www.blogjava.net/max/category/16130.html" 
  target=_blank>Max On Java(struts2.0)</A>
  <LI class=listitem><A href="http://blog.chinaunix.net/u/22374/" 
  target=_blank>伏羲狂徒</A>
  <LI class=listitem><A href="http://www.smatrix.org/bbs/" 
  target=_self>安全矩阵论坛</A>
  <LI class=listitem><A 
  href="http://blog.csdn.net/hongbo781202/category/24820.aspx" 
  target=_blank>工作流</A>
  <LI class=listitem><A href="http://blog.csdn.net/daryl715" 
  target=_blank>我的世界我的梦</A>
  <LI class=listitem><A href="http://hexun.com/lvaiping/default.html" 
  target=_blank>象象的小窝</A></LI></UL>
<H3 class=listtitle>Web技术类</H3>
<UL class=list>
  <LI class=listitem><A href="http://blog.csdn.net/HuDon" 
  target=_self>ACEGI学习</A>
  <LI class=listitem><A href="http://www.chinaitlab.com/www/techspecial/struts/" 
  target=_blank>Struts</A>
  <LI class=listitem><A href="http://www.blogjava.net/max" 
  target=_blank>STRUTS2</A>
  <LI class=listitem><A href="http://tag.csdn.net/tag/struts2.xml" 
  target=_blank>struts2文档</A>
  <LI class=listitem><A 
  href="http://www.blogjava.net/rickhunter/articles/103481.html" 
  target=_self>struts-spring-hibernate</A>
  <LI class=listitem><A href="http://www.w3pop.com/tech/" 
  target=_blank>网络技术系统知识库</A>
  <LI class=listitem><A href="http://www.blogjava.net/calvin" 
  target=_self>花钱的年华(Spring)</A></LI></UL>
<H3 class=listtitle>工具书下载</H3>
<UL class=list>
  <LI class=listitem><A href="http://man.lupaworld.com/" 
  target=_blank>手册中心(linux和Java)</A></LI></UL>
<H3 class=listtitle>存档</H3>
<UL class=list>
  <LI><A 
  href="http://blog.csdn.net/anyoneking/archive/2007/11.aspx">2007年11月(4)</A>
  <LI><A 
  href="http://blog.csdn.net/anyoneking/archive/2007/10.aspx">2007年10月(17)</A>
  <LI><A 
  href="http://blog.csdn.net/anyoneking/archive/2007/09.aspx">2007年09月(14)</A>
  <LI><A 
  href="http://blog.csdn.net/anyoneking/archive/2007/08.aspx">2007年08月(22)</A>
  <LI><A 
  href="http://blog.csdn.net/anyoneking/archive/2007/07.aspx">2007年07月(34)</A>
  <LI><A 
  href="http://blog.csdn.net/anyoneking/archive/2007/06.aspx">2007年06月(10)</A>
  <LI><A 
  href="http://blog.csdn.net/anyoneking/archive/2007/05.aspx">2007年05月(17)</A>
  <LI><A 
  href="http://blog.csdn.net/anyoneking/archive/2007/04.aspx">2007年04月(55)</A></LI></UL><SPAN 
id=Anthem_RecentComments_ltlComments__><SPAN id=RecentComments_ltlComments>
<H3 class=listtitle>最近评论</H3>
<UL class=list>
  <LI class=listitem>erway:<A title=点击查看《回复:dwr配置文件dwr.xml详解》 
  href="http://blog.csdn.net/anyoneking/archive/2007/10/31/1859749.aspx#739597">尊敬的老师:您好!<BR><BR>很荣幸能在CSDN上认识您,也非常高兴您对Groony感兴趣。<BR><BR>我是人民邮电出版社图灵公司的编辑杨福川,图灵公司最近引进了《Groovy 
  in 
  Action》一书,希望您能帮忙翻译。如果您对翻译此书感兴趣,敬请您收到留言后与我联系,谢谢。<BR><BR>我的联系方式如下:<BR><BR>E-mail:yangfc……</A>
  <LI class=listitem>efan101:<A title=点击查看《回复:DB2常用命令大全》 
  href="http://blog.csdn.net/anyoneking/archive/2007/08/03/1723860.aspx#727031">初学者最爱!顶一下</A>
  <LI class=listitem>efan101:<A title=点击查看《回复:db2字符串的有关函数和具体用法》 
  href="http://blog.csdn.net/anyoneking/archive/2007/08/02/1722934.aspx#727030">非常有用,顶!</A>
  <LI class=listitem>bibi:<A title=点击查看《回复:db2字符串的有关函数和具体用法》 
  href="http://blog.csdn.net/anyoneking/archive/2007/08/02/1722934.aspx#725189">CHARINDEX函数是DB2里的吗?</A>
  <LI class=listitem>figo:<A title=点击查看《回复:ACEGI标签及其扩展》 
  href="http://blog.csdn.net/anyoneking/archive/2007/08/21/1752951.aspx#722756">yue 
  lai yue fu zai</A></LI></UL></SPAN></SPAN><BR><BR></DIV>
<DIV id=main>
<DIV class=Tag>
<SCRIPT language=javascript 
src="Acegi 的配置(2)-applicationContext-acegi-security_xml - 懒散狂徒的专栏 - CSDNBlog.files/urltag.aspx"></SCRIPT>

<DIV style="CLEAR: both"></DIV></DIV><SPAN class=PreAndNext 
id=viewpost.ascx_PreviousAndNextEntriesUp>
<DIV align=center><A 
href="http://blog.csdn.net/anyoneking/archive/2007/08/17/1748509.aspx">上一篇:&nbsp;acegi安全系统标准配置指南草案</A>&nbsp;|&nbsp;<A 
href="http://blog.csdn.net/anyoneking/archive/2007/08/17/1748317.aspx">下一篇:&nbsp;Acegi 
的配置(1)-web.xml</A></DIV></SPAN><BR>
<SCRIPT>function StorePage(){d=document;t=d.selection?(d.selection.type!='None'?d.selection.createRange().text:''):(d.getSelection?d.getSelection():'');void(keyit=window.open('http://www.365key.com/storeit.aspx?t='+escape(d.title)+'&u='+escape(d.location.href)+'&c='+escape(t),'keyit','scrollbars=no,width=475,height=575,left=75,top=20,status=no,resizable=yes'));keyit.focus();}</SCRIPT>

<DIV class=post>
<DIV class=postTitle>
<SCRIPT 
src="Acegi 的配置(2)-applicationContext-acegi-security_xml - 懒散狂徒的专栏 - CSDNBlog.files/vote.js"></SCRIPT>
<A href="http://blog.csdn.net/anyoneking/archive/2007/08/17/1748490.aspx"><IMG 
height=13 
src="Acegi 的配置(2)-applicationContext-acegi-security_xml - 懒散狂徒的专栏 - CSDNBlog.files/zhuan.gif" 
width=15 border=0>&nbsp;Acegi 
的配置(2)-applicationContext-acegi-security.xml</A>&nbsp;&nbsp;
<SCRIPT 
src="Acegi 的配置(2)-applicationContext-acegi-security_xml - 懒散狂徒的专栏 - CSDNBlog.files/count.htm"></SCRIPT>
 </DIV>
<DIV class=postText>
<H2>在applicationContext-acegi-security.xml中</H2>1.FILTER CHAIN
<P>  FilterChainProxy会按顺序来调用这些filter,使这些 filter能享用Spring ioc的功能, 
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON定义了url比较前先转为小写, 
PATTERN_TYPE_APACHE_ANT定义了使用Apache ant的匹配模式 </P><PRE>    &lt;bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="filterInvocationDefinitionSource"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;value&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; PATTERN_TYPE_APACHE_ANT<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,<BR>basicProcessingFilter,rememberMeProcessingFilter,anonymousProcessingFilter,<BR> exceptionTranslationFilter,filterInvocationInterceptor<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/value&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/property&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;/bean&gt;</PRE>2.基础认证
<P>1) <STRONG>authenticationManager</STRONG><BR>  起到认 
证管理的作用,它将验证的功能委托给多个Provider,并通过遍历Providers, 
以保证获取不同来源的身份认证,若某个Provider能成功确认当前用户的身份,authenticate()方法会返回一个完整的包含用户授权信息的 
Authentication对象,否则会抛出一个AuthenticationException。<BR>Acegi提供了不同的AuthenticationProvider的实现,如:<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
DaoAuthenticationProvider 
从数据库中读取用户信息验证身份<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
AnonymousAuthenticationProvider 
匿名用户身份认证<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
RememberMeAuthenticationProvider 
已存cookie中的用户信息身份认证<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
AuthByAdapterProvider 使用容器的适配器验证身份<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
CasAuthenticationProvider 根据Yale中心认证服务验证身份, 
用于实现单点登陆<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
JaasAuthenticationProvider 
从JASS登陆配置中获取用户信息验证身份<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
RemoteAuthenticationProvider 
根据远程服务验证用户身份<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
RunAsImplAuthenticationProvider 
对身份已被管理器替换的用户进行验证<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
X509AuthenticationProvider 
从X509认证中获取用户信息验证身份<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
TestingAuthenticationProvider 单元测试时使用</P>
<P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 
每个认证者会对自己指定的证明信息进行认证,如DaoAuthenticationProvider仅对UsernamePasswordAuthenticationToken这个证明信息进行认证。</P><PRE>&lt;bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="providers"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;list&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;ref local="daoAuthenticationProvider"/&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;ref local="anonymousAuthenticationProvider"/&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;ref local="rememberMeAuthenticationProvider"/&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/list&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/property&gt;<BR>&lt;/bean&gt;</PRE>
<P><BR>2) <STRONG>daoAuthenticationProvider</STRONG><BR>  
 进行简单的基于数据库的身份验证。DaoAuthenticationProvider获取数据库中的账号密码并进行匹配,若成功则在通过用户身份的同 
时返回一个包含授权信息的Authentication对象,否则身份验证失败,抛出一个AuthenticatiionException。</P><PRE>&nbsp;&nbsp;&nbsp; &lt;bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="userDetailsService" ref="jdbcDaoImpl"/&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="userCache" ref="userCache"/&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="passwordEncoder" ref="passwordEncoder"/&gt;<BR>&nbsp;&nbsp; &lt;/bean&gt;</PRE>
<P><BR>3) <STRONG>passwordEncoder</STRONG> 
<BR>  使用加密器对用户输入的明文进行加密。Acegi提供了三种加密器:<BR>PlaintextPasswordEncoder—默认,不加密,返回明文.<BR>ShaPasswordEncoder—哈希算法(SHA)加密<BR>Md5PasswordEncoder—消息摘要(MD5)加密</P><PRE>&lt;bean id="passwordEncoder" class="org.acegisecurity.providers.encoding.Md5PasswordEncoder"/&gt;</PRE>
<P><BR>4) <STRONG>jdbcDaoImpl</STRONG> <BR>   用于在数据中获取用户信息。 
acegi提供了用户及授权的表结构,但是您也可以自己来实现。通过usersByUsernameQuery这个SQL得到你的(用户ID,密码,状态 
信息);通过authoritiesByUsernameQuery这个SQL得到你的(用户ID,授权信息)</P><PRE> &lt;bean id="jdbcDaoImpl" class="org.acegisecurity.userdetails.jdbc.JdbcDaoImpl"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="dataSource" ref="dataSource"/&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="usersByUsernameQuery"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;value&gt;select loginid,passwd,1 from users where loginid = ?&lt;/value&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/property&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="authoritiesByUsernameQuery"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;value&gt;select u.loginid,p.name from users u,roles r,permissions p,user_role ur,role_permis rp where u.id=ur.user_id and r.id=ur.role_id and p.id=rp.permis_id and<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; r.id=rp.role_id and p.status='1' and u.loginid=?&lt;/value&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/property&gt;<BR>&lt;/bean&gt;</PRE>
<P>5) <STRONG>userCache &amp;&nbsp; resourceCache</STRONG> 
<BR>  缓存用户和资源相对应的权限信息。每当请求一个受保护资源时,daoAuthenticationProvider就会被调用以获取用户授权信息。如果每次都从数据库获取的话,那代价很高,对于不常改变的用户和资源信息来说,最好是把相关授权信息缓存起来。(详见 
<A href="http://www.springside.org.cn/docs/reference/Acegi4.htm">2.6.3 
资源权限定义扩展</A> )<BR>userCache提供了两种实现: NullUserCache和EhCacheBasedUserCache, 
NullUserCache实际上就是不进行任何缓存,EhCacheBasedUserCache是使用Ehcache来实现缓功能。</P><PRE>&nbsp;&nbsp;&nbsp; &lt;bean id="userCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="cacheManager" ref="cacheManager"/&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="cacheName" value="userCache"/&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;/bean&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;bean id="userCache" class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache" autowire="byName"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="cache" ref="userCacheBackend"/&gt;<BR>  &nbsp;&nbsp;&nbsp; &lt;/bean&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;bean id="resourceCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="cacheManager" ref="cacheManager"/&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="cacheName" value="resourceCache"/&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;/bean&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;bean id="resourceCache" class="org.springside.modules.security.service.acegi.cache.ResourceCache" autowire="byName"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="cache" ref="resourceCacheBackend"/&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;/bean&gt;</PRE>
<P><BR>6) <STRONG>basicProcessingFilter</STRONG> <BR>  
 用于处理HTTP头的认证信息,如从Spring远程协议(如Hessian和Burlap)或普通的浏览器如IE,Navigator的HTTP头中 
获取用户信息,将他们转交给通过authenticationManager属性装配的认证管理器。如果认证成功,会将一个Authentication 
对象放到会话中,否则,如果认证失败,会将控制转交给认证入口点(通过authenticationEntryPoint属性装配)</P><PRE>&nbsp;&nbsp;&nbsp; &lt;bean id="basicProcessingFilter" class="org.acegisecurity.ui.basicauth.BasicProcessingFilter"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="authenticationManager" ref="authenticationManager"/&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="authenticationEntryPoint" ref="basicProcessingFilterEntryPoint"/&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;/bean&gt;</PRE>
<P>7) <STRONG>basicProcessingFilterEntryPoint</STRONG> 
<BR>  通过向浏览器发送一个HTTP401(未授权)消息,提示用户登录。<BR>处理基于HTTP的授权过程, 
在当验证过程出现异常后的"去向",通常实现转向、在response里加入error信息等功能。</P><PRE> &lt;bean id="basicProcessingFilterEntryPoint" class="org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="realmName" value="SpringSide Realm"/&gt;<BR>&lt;/bean&gt;</PRE>
<P>8) <STRONG>authenticationProcessingFilterEntryPoint</STRONG> <BR>  
 当抛出AccessDeniedException时,将用户重定向到登录界面。属性loginFormUrl配置了一个登录表单的URL,当需要用户 
登录时,authenticationProcessingFilterEntryPoint会将用户重定向到该URL</P><PRE> &lt;bean id="authenticationProcessingFilterEntryPoint" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="loginFormUrl"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;value&gt;/security/login.jsp&lt;/value&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/property&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="forceHttps" value="false"/&gt;<BR>&lt;/bean&gt;</PRE>
<H2>2.2.3 HTTP安全请求</H2>
<P>1) <STRONG>httpSessionContextIntegrationFilter</STRONG><BR>   每次request前 
HttpSessionContextIntegrationFilter从Session中获取Authentication对象,在request完 后, 
又把Authentication对象保存到Session中供下次request使用,此filter必须其他Acegi 
filter前使用,使之能跨越多个请求。</P><PRE>&lt;bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"&gt;&lt;/bean&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;bean id="httpRequestAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="allowIfAllAbstainDecisions" value="false"/&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="decisionVoters"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;list&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;ref bean="roleVoter"/&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/list&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/property&gt;<BR>&lt;/bean&gt;</PRE>
<P><BR>2) <STRONG>httpRequestAccessDecisionManager</STRONG><BR>  
 经过投票机制来决定是否可以访问某一资源(URL或方法)。allowIfAllAbstainDecisions为false时如果有一个或以上的 
decisionVoters投票通过,则授权通过。可选的决策机制有ConsensusBased和UnanimousBased</P><PRE>&nbsp;&nbsp;&nbsp; &lt;bean id="httpRequestAccessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="allowIfAllAbstainDecisions" value="false"/&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="decisionVoters"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;list&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;ref bean="roleVoter"/&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/list&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;/property&gt;<BR>&nbsp;&nbsp;&nbsp; &lt;/bean&gt;</PRE>
<P><BR>3) 
<STRONG>roleVoter</STRONG><BR>&nbsp;  必须是以rolePrefix设定的value开头的权限才能进行投票,如AUTH_ , 
ROLE_</P><PRE>&nbsp;&nbsp;&nbsp; &lt;bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter"&gt;<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;property name="rolePrefix" value="AUTH_"/&gt;<BR>&nbsp;&nbsp; &lt;/bean&gt;</PRE>
1234

⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -