📄 第一個acegi 程式 - 表單網頁.htm
字号:
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
<value></SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON</SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
PATTERN_TYPE_APACHE_ANT</SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
/protected/**=ROLE_SUPERVISOR,ROLE_USER</SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
</value></SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
</property></SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
</bean></SPAN><BR></DIV><BR>FilterSecurityInteceprot需要参考至验证管理员取得验证讯息,以对使用者进行验证,而是否授权则必须以投票的方式来决定,Acegi的解决方案有几种:<BR>
<OL>
<LI>如果有一个同意就通过
<LI>如果都同意就通过
<LI>如果都不反对就通过
</LI></OL><BR>例如若希望/protected/下可以被使用者(USER)或管理者(SUPERVISOR)存取,采第一个方案的话则使用AffirmativeBased实作,只要有一票通过,就允许存取:<BR>
<DIV style="MARGIN-LEFT: 40px"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
<!-- 授权管理员 --></SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
<bean id="accessDecisionManager"
class="org.acegisecurity.vote.AffirmativeBased"></SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
<!-- 是否全部弃权时视为通过 --></SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
<property name="allowIfAllAbstainDecisions" value="false" /></SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
<property name="decisionVoters"></SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
<list></SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
<bean class="org.acegisecurity.vote.RoleVoter" /></SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
</list></SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
</property></SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
</bean>
</SPAN><BR></DIV><BR>RoleVoter对使用者群组中,有ROLE_作为前置文件的进投票,您也可以在设定RoleVoter实例时,使用其rolePrefix来改变前置文字;DecisionManager收集票数,然后决定结果。<BR><BR>在所有的Filter被呼叫之前,通常会有个HttpSessionContextIntegrationFilter,它会建立Security
Context物件,后续的Filter会将安全相关讯息储存于其中,也可以取得当中的安全相关讯息:<BR>
<DIV style="MARGIN-LEFT: 40px"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><bean
id="httpSessionContextIntegrationFilter"</SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"
/></SPAN><BR></DIV><BR>Acegi是基于Filter
Chain来完成请求的检查、验证、授权等动作,所以要将以上的Filter串在一起了:<BR>
<DIV style="MARGIN-LEFT: 40px"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
<!-- Filter Chain --></SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
<bean id="filterChainProxy"
class="org.acegisecurity.util.FilterChainProxy"> </SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
<property name="filterInvocationDefinitionSource"> </SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
<value> </SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON </SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
PATTERN_TYPE_APACHE_ANT </SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
/**=</SPAN><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">httpSessionContextIntegrationFilter,</SPAN><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">authenticationProcessingFilter,<BR>
exceptionTranslationFilter,filterSecurityInterceptor</SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
</value> </SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
</property> </SPAN><BR
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace"><SPAN
style="FONT-WEIGHT: bold; FONT-FAMILY: Courier New,Courier,monospace">
</bean></SPAN><BR></DIV><BR><SPAN
style="COLOR: rgb(255,0,0)">由于排版的关系,将Filter的串连作了换行,实际上</SPAN><SPAN
style="FONT-WEIGHT: bold; COLOR: rgb(255,0,0); FONT-FAMILY: Courier New,Courier,monospace">authenticationProcessingFilter,exceptionTranslationFilter</SPAN><SPAN
style="COLOR: rgb(255,0,0); FONT-FAMILY: Courier New,Courier,monospace">是连在一起不能换行的,请在设定时特别注意。</SPAN><BR><BR>所完成的acegi-config.xml完整档案如下所示:<BR>
<UL>
<LI>acegi-config.xml </LI></UL><PRE><?xml version="1.0" encoding="UTF-8"?><BR><!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"><BR><beans><BR> <!-- 验证处理,使用表单 --><BR> <bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter"> <BR> <!-- 验证管理员,处理验证资讯提供者 --><BR> <property name="authenticationManager" ref="authenticationManager"/> <BR> <!-- 验证失败URL --><BR> <property name="authenticationFailureUrl" value="/acegilogin.jsp"/> <BR> <!-- 验证成功预设URL --><BR> <property name="defaultTargetUrl" value="/protected/loginsuccess.jsp"/> <BR> <!-- 验证处理的提交位址 --><BR> <property name="filterProcessesUrl" value="/j_acegi_security_check"/> <BR> </bean><BR><BR> <!-- 验证管理员,管理验证资讯提供者 --><BR> <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager"> <BR> <property name="providers"><!-- 可有多个提供者,其中一个验证通过即可以了 --> <BR> <list> <BR> <ref local="daoAuthenticationProvider"/> <BR> </list> <BR> </property> <BR> </bean><BR><BR> <!-- 验证提供者,指定使用记忆体来源中的验证资讯 --><BR> <bean id="daoAuthenticationProvider" class="org.acegisecurity.providers.dao.DaoAuthenticationProvider"> <BR> <property name="userDetailsService" ref="inMemoryDaoImpl"/><BR> </bean> <BR> <BR> <bean id="inMemoryDaoImpl" class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl"><BR> <property name="userMap"> <BR> <value> <BR> caterpillar=123456,ROLE_SUPERVISOR<BR> user1=user1pwd,ROLE_USER<BR> user2=user2pwd,disabled,ROLE_USER <BR> </value> <BR> </property> <BR> </bean> <BR> <BR> <!-- 发生验证错误或权限错误时的处理 --><BR> <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter"> <BR> <property name="authenticationEntryPoint"> <BR> <bean class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"> <BR> <property name="loginFormUrl" value="/acegilogin.jsp"/> <BR> <property name="forceHttps" value="false"/> <BR> </bean> <BR> </property> <BR> <property name="accessDeniedHandler"> <BR> <bean class="org.acegisecurity.ui.AccessDeniedHandlerImpl"> <BR> <property name="errorPage" value="/protected/accessDenied.jsp"/> <BR> </bean> <BR> </property> <BR> </bean> <BR><BR> <!-- FilterSecurityInterceptor 对 URI 进行保护 --><BR> <bean id="filterSecurityInterceptor"<BR> class="org.acegisecurity.intercept.web.FilterSecurityInterceptor"><BR> <!-- 验证管理员 --><BR> <property name="authenticationManager" ref="authenticationManager" /><BR> <!-- 授权管理员 --><BR> <property name="accessDecisionManager" ref="accessDecisionManager" /><BR> <property name="objectDefinitionSource"><BR> <value><BR> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON<BR> PATTERN_TYPE_APACHE_ANT<BR> /protected/**=ROLE_SUPERVISOR,ROLE_USER<BR> </value><BR> </property><BR> </bean><BR> <BR> <!-- 授权管理员 --><BR> <bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased"><BR> <!-- 是否全部弃权时视为通过 --><BR> <property name="allowIfAllAbstainDecisions" value="false" /><BR> <property name="decisionVoters"><BR> <list><BR> <bean class="org.acegisecurity.vote.RoleVoter" /><BR> </list><BR> </property><BR> </bean> <BR><BR> <bean id="httpSessionContextIntegrationFilter"<BR> class="org.acegisecurity.context.HttpSessionContextIntegrationFilter" /><BR> <BR> <!-- Filter Chain --><BR> <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy"> <BR> <property name="filterInvocationDefinitionSource"> <BR> <value> <BR> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON <BR> PATTERN_TYPE_APACHE_ANT <BR> /**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,<BR> exceptionTranslationFilter,filterSecurityInterceptor<BR> </value> <BR> </property> <BR> </bean> <BR></beans> </PRE><BR><BR><BR></BODY></HTML>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -