📄 acegi例子配置信息讲解(转) - 懒散狂徒的专栏 - csdnblog.htm
字号:
<BR>httpRequestAccessDecisionManager配置说明: <BR>allowIfAllAbstainDecisions
设定是否允许:“没人反对就通过”的投票策略 <BR>decisionVoters 投票者
<BR><BR>httpRequestAccessDecisionManager(投票通过策略管理器)用于管理投票通过策略。Acegi提供三种投票通过策略的实现:
<BR>AffirmativeBased(至少一个投票者同意方可通过),ConsensusBased(多数投票者同意方可通过),UnanimousBased(所有投
<BR>票者同意方可通过)。本程序采用AffirmativeBased策略,并且禁止“没人反对就通过”的投票策略。 <BR>roleVoter配置说明:
<BR>rolePrefix <BR>该投票者支持的权限前缀,默认是“ROLE_”,本程序所有的权限字符串均以“AUTH_”开头, <BR>故设为“AUTH_”
<BR>通过设定rolePrefix可以指定roleVoter所支持的权限范围。 <BR>3.3 applicationContext-basic.xml
<BR>applicationContext-basic.xml主要包括数据访问对象,业务方法,业务方法安全管理拦截器的配置信息。主要讲解业务方法安全管理拦截器(MethodSecurityInterceptor)的相关配置,其它的配置就不再赘述了,请参考相关文
<BR>档。 <BR>3.3.1 contactManager相关配置信息 <BR> <BEAN
class=org.springframework.aop.framework.ProxyFactoryBean
id=contactManager></BEAN> <BR><property
name="proxyInterfaces"><VALUE></VALUE>sample.service.IContactManager</property><property
name="interceptorNames"></property><BR>contactManager的实现类是ProxyFactoryBean(代理工厂),它使用Spring
AOP技术拦截代理接口里的方法,并依次执行拦截器 <BR>列表里的拦截器对应的操作。contactManager有事务拦截器和业务方法安全拦截器。
<BR>3.3.2 contactManagerSecurity相关配置信息 <BR>authenticationManager 认证管理器
<BR>accessDecisionManager
<BR>投票通过策略管理器,和filterInvocationInterceptor采用相同的策略管理器,在实际项目中,如果有
<BR>需要可以采用不同的策略管理器。 <BR>objectDefinitionSource 业务方法的权限配置信息。用于指定不同的业务方法资源对应的权限。
<BR>注意:contactManagerSecurity的实现类是MethodSecurityInterceptor,缺省情况下MethodSecurityInterceptor的
<BR>objectDefinitionSource属性是通过net.sf.acegisecurity.intercept.method.MethodDefinitionSourceEditor来设置的。
<BR>MethodDefinitionSourceEditor只支持属性配置文件的格式(同filterInvocationInterceptor的objectDefinitionSource属性),而实际
<BR>情况中,由于业务方法比较多,显然配置信息存放在数据库中比较好。因此,我们通过注册一个CustomEditorConfigurer来修
<BR>改MethodDefinitionSource类型属 性的对应读取类。配置如下: <BR><BEAN
class=org.springframework.beans.factory.config.CustomEditorConfigurer
id=customEditorConfigurer></BEAN><property
name="customEditors"><MAP></MAP></property>DataSourceMethodDefinitionSourceEditor根据以下SQL读取业务方法安全配置信息:
<BR>select authority,PROTECTED_RES from authorities where AUTH_TYPE='FUNCTION'
and authority like <BR>'AUTH_FUNC_ContactManager%' <BR><BR>4.总结
<BR>在本文的示例程序中我们只对业务对象(ContactManager)进行安全保护,对业务领域对象(Contact)的访问并没有作限
<BR>制,这是由于在Acegi框架中采用ACL(访问控制列表)技术实现这个功能,这使得一旦我们的业务领域对象数量很多的话,
<BR>效率将变得很低,因此我们将对业务领域对象访问控制的代码放在业务对象的业务方法中。
<BR>将业务无关的代码从业务代码中剥离,使业务代码更干净,系统结构更合理是每个开发人员的梦想。随着AOP技术的日渐流
<BR>行和日益发展,这个梦想已经离我们不远了。本文中的例子通过结合使用SpringFramework和Acegi两种开源框架,实现了将安
<BR>全认证和授权代码和事务代码从业务代码中分离。 </FONT></SPAN></SPAN><BR><BR>
<P id=TBPingURL>Trackback:
http://tb.blog.csdn.net/TrackBack.aspx?PostId=1751617</P><BR></DIV>
<DIV class=postFoot>
<SCRIPT src=""></SCRIPT>
[<A title=功能强大的网络收藏夹,一秒钟操作就可以轻松实现保存带来的价值、分享带来的快乐
href="javascript:d=document;t=d.selection?(d.selection.type!='None'?d.selection.createRange().text:''):(d.getSelection?d.getSelection():'');void(saveit=window.open('http://wz.csdn.net/storeit.aspx?t='+escape(d.title)+'&u='+escape(d.location.href)+'&c='+escape(t),'keyit','scrollbars=no,width=590,height=300,left=75,top=20,status=no,resizable=yes'));saveit.focus();">收藏到我的网摘</A>]
[<A
href="http://tb.blog.csdn.net/TrackBack.aspx?PostId=1751617">发送Trackback]</A> 懒散狂徒发表于
2007年08月20日 15:41:00 </DIV></DIV><LINK
href="http://blog.csdn.net/anyoneking/Services/Pingback.aspx" rel=pingback><!--<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"xmlns:dc="http://purl.org/dc/elements/1.1/"xmlns:trackback="http://madskills.com/public/xml/rss/module/trackback/"><rdf:Descriptionrdf:about="http://blog.csdn.net/anyoneking/archive/2007/08/20/1751617.aspx"dc:identifier="http://blog.csdn.net/anyoneking/archive/2007/08/20/1751617.aspx"dc:title="Acegi例子配置信息讲解(转)"trackback:ping="http://tb.blog.csdn.net/TrackBack.aspx?PostId=1751617" /></rdf:RDF>-->
<SCRIPT>function hide(){showComment();}</SCRIPT>
<BR><BR><BR><BR>
<DIV class=post id=csdn_zhaig_ad_yahoo></DIV>
<SCRIPT type=text/javascript>document.write("<img src=http://counter.csdn.net/pv.aspx?id=24 border=0 width=0 height=0>");</SCRIPT>
<SPAN class=PreAndNext id=viewpost.ascx_PreviousAndNextEntriesDown>
<DIV align=center><A
href="http://blog.csdn.net/anyoneking/archive/2007/08/20/1751804.aspx">上一篇: Acegi框架介绍</A> | <A
href="http://blog.csdn.net/anyoneking/archive/2007/08/17/1748509.aspx">下一篇: acegi安全系统标准配置指南草案</A></DIV></SPAN><SPAN
id=Anthem_Comments.ascx_ltlComments__><SPAN id=Comments.ascx_ltlComments><BR>
<DIV id=comments>
<H3>评论</H3>没有评论。 </DIV></SPAN></SPAN>
<SCRIPT language=javascript>
ad_width=468;
ad_height=60;
adcss=2;
unionuser=19;
ad_type='j';
count=5;
</SCRIPT>
<DIV>
<SCRIPT language=javascript
src="Acegi例子配置信息讲解(转) - 懒散狂徒的专栏 - CSDNBlog.files/showads.js"
type=text/javascript></SCRIPT>
<SCRIPT language=javascript
src="Acegi例子配置信息讲解(转) - 懒散狂徒的专栏 - CSDNBlog.files/showgm.js"
type=text/javascript></SCRIPT>
</DIV>
<DIV class=CommentForm id=commentform>
<H3>发表评论 </H3>
<DIV id=Anthem_PostComment.ascx_CommentUpdatePanel__>
<DIV id=PostComment.ascx_CommentUpdatePanel>
<TABLE class=CommentForm>
<TBODY>
<TR>
<TD width=69 height=0></TD>
<TD></TD></TR>
<TR>
<TD width=70>大名:</TD>
<TD align=left><INPUT id=PostComment.ascx_tbName style="WIDTH: 300px"
disabled maxLength=32 size=40 value=shiwenliang
name=PostComment.ascx:tbName> <SPAN
id=PostComment.ascx_RequiredFieldValidator2
style="DISPLAY: none; COLOR: red" initialvalue=""
evaluationfunction="RequiredFieldValidatorEvaluateIsValid"
display="Dynamic" errormessage="<br>请输入尊姓大名"
controltovalidate="PostComment.ascx_tbName"><BR>请输入尊姓大名</SPAN> </TD></TR>
<TR>
<TD width=70>网址:</TD>
<TD align=left><INPUT id=PostComment.ascx_tbUrl style="WIDTH: 300px"
maxLength=256 size=40 name=PostComment.ascx:tbUrl> </TD></TR>
<DIV id=PostComment.ascx_AntiBotImageRegion></DIV>
<TR>
<TD width=70>校验码:</TD>
<TD align=left><INPUT id=PostComment.ascx_tbAntiBotImage
style="WIDTH: 75px" name=PostComment.ascx:tbAntiBotImage> <SPAN
id=PostComment.ascx_valAntiBotImage style="DISPLAY: none; COLOR: red"
evaluationfunction="CustomValidatorEvaluateIsValid"
display="Dynamic">检验码无效!</SPAN> <SPAN
id=Anthem_PostComment.ascx_imgAntiBotImage__><IMG
id=PostComment.ascx_imgAntiBotImage alt=""
src="Acegi例子配置信息讲解(转) - 懒散狂徒的专栏 - CSDNBlog.files/AntiBotImage.jpg"
align=absMiddle border=0></SPAN> <SPAN
id=Anthem_PostComment.ascx_lbCreateAntiBotImage__><A
id=PostComment.ascx_lbCreateAntiBotImage
onclick="javascript:Anthem_FireCallBackEvent(this,event,'PostComment.ascx:lbCreateAntiBotImage','',false,'','','',true,null,null,null,true,true);return false;"
href="javascript:__doPostBack('PostComment.ascx$lbCreateAntiBotImage','')">看不清,换一张</A></SPAN>
</TD></TR>
<DIV></DIV>
<TR>
<TD colSpan=3>评论 <SPAN id=PostComment.ascx_RequiredFieldValidator3
style="DISPLAY: none; COLOR: red" initialvalue=""
evaluationfunction="RequiredFieldValidatorEvaluateIsValid"
display="Dynamic" errormessage="<br>请输入评论"
controltovalidate="PostComment.ascx_tbComment"><BR>请输入评论</SPAN> <BR><TEXTAREA id=PostComment.ascx_tbComment style="WIDTH: 381px; HEIGHT: 193px" name=PostComment.ascx:tbComment rows=10 cols=50></TEXTAREA>
</TD></TR>
<TR>
<TD colSpan=3><SPAN id=Anthem_PostComment.ascx_btnSubmit__><INPUT language=javascript class=Button id=PostComment.ascx_btnSubmit onclick="javascript:Anthem_FireCallBackEvent(this,event,'PostComment.ascx:btnSubmit','',true,'','','正在处理...',false,null,null,null,true,true);return false;WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions("PostComment.ascx:btnSubmit", "", true, "", "", false, false))" type=submit value=提交 name=PostComment.ascx:btnSubmit></SPAN>
</TD></TR>
<TR>
<TD colSpan=3><SPAN id=PostComment.ascx_Message
style="COLOR: red"></SPAN></TD></TR></TBODY></TABLE></DIV></DIV></DIV></DIV>
<P id=footer>Powered by: <BR><A id=Footer1_Hyperlink2
href="http://scottwater.com/blog" name=Hyperlink1><IMG
src="Acegi例子配置信息讲解(转) - 懒散狂徒的专栏 - CSDNBlog.files/100x30_Logo.gif" border=0></A>
<A id=Footer1_Hyperlink3 href="http://asp.net/" name=Hyperlink1><IMG
src="Acegi例子配置信息讲解(转) - 懒散狂徒的专栏 - CSDNBlog.files/PoweredByAsp.Net.gif"
border=0></A> <BR>Copyright © 懒散狂徒 </P>
<SCRIPT src="Acegi例子配置信息讲解(转) - 懒散狂徒的专栏 - CSDNBlog.files/counter.js"></SCRIPT>
<SCRIPT type=text/javascript>
<!--
var Page_Validators = new Array(document.getElementById("PostComment.ascx_RequiredFieldValidator2"), document.getElementById("PostComment.ascx_valAntiBotImage"), document.getElementById("PostComment.ascx_RequiredFieldValidator3"));
// -->
</SCRIPT>
<SCRIPT type=text/javascript>
<!--
var Page_ValidationActive = false;
if (typeof(ValidatorOnLoad) == "function") {
ValidatorOnLoad();
}
function ValidatorOnSubmit() {
if (Page_ValidationActive) {
return ValidatorCommonOnSubmit();
}
else {
return true;
}
}
// -->
</SCRIPT>
</FORM>
<SCRIPT language=javascript type=text/javascript>
<!--
try
{
hide();
}
catch(e){}
//-->
</SCRIPT>
<SCRIPT src="Acegi例子配置信息讲解(转) - 懒散狂徒的专栏 - CSDNBlog.files/urchin.js"
type=text/javascript>
</SCRIPT>
<SCRIPT type=text/javascript>
_uacct = "UA-1148926-2";
urchinTracker();
</SCRIPT>
</BODY></HTML>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -