[Introduction] For a typical web application, perfect authentication and authorization mechanisms are essential, in SpringFramework, the example jpetstore provided by Juergen Hoeller gave some introductions, but it is still not enough. Acegi is a special Providing a security mechanism for SpringFramework, a list of Acegi Security System for Spring, the current version is 0.5.1, and its current functionality should meet the needs of most applications. The main purpose of this article is to explain how to use Acegi in a Spring architecture, rather than detail each interface, each class. Note that even if the Spring application already exists, you can immediately enjoy the authentication and authorization provided by ACEGI immediately by the following steps.
[Basic Work] The most common way to achieve authentication and authorization in the Acegi download package in your web application LIB is to achieve authentication and authorization. This is also the case, usually the Acegi needs Web.xml Add the following 5 filter: acegi channel processing filter filter-name> net.sf.acegisecurity.util.FilTertobeAnProxy filter-class> targetclass param-name> net.sf.acegisecurity.secham.ChannelProcessingFilter param-value> init-param> Acegi Authentication Processing filter filter-name> net.sf.acegisecurity.util.FilTertobeAnProxy filter-class> targetclass param-name> < Param-value> net.sf.acegisecurity.ui.Webapp.AuthenticationProcessingFilter param-value> init-param> acegi http Basic Authorization filter filter-name> net.sf.acegagecurity.util.FilTrTobeAnProxy filter-class> targetclass param-name> net. sf.acegisecurity.ui.basicauth.BasicProcessingFilter param-value> init-param> filter> Acegi Security System for Spring Auto Integration Filter filter-name> net.sf.acegisecurity.ui.autointegrationFilter filter-class> filter> acegi http request security filter filter-name> net.sf.acegisecurity .util.FilTerTobeanProxy filter-class> <
PARAM-NAME> TargetClass param-name> Net.sf.acegisecurity.intercept.Web.SecurityEnforcementFilter param-value> init-param> filter> arrested Net .sf.acegisecurity.util.FilterToBeanProxy, Acegi explain on their documents are:. "What FilterToBeanProxy does is delegate the Filter's methods through to a bean which is obtained from the Spring application context This enables the bean to benefit from the Spring application context Lifecycle Support and Configuration Flexibility. ", if you want to go to see the source code should not understand.
Then add filter-mapping: acegi channel processing filter filter-name> / * url-pattern> filter-mapping> acegi authentication processing filter filter-name> / * url-pattern> filter-mapping> acegi http Basic Authorization filter filter-name> / * url-pattern> filter-maping> acegi security system for Spring Auto Integration Filter filter-name > / * url-pattern> filter-mapping> acegi http request security filter filter-name> / * URL-PATTERN> filter-maping> Here you need to pay attention to the following two points: 1) These Filter's order cannot be changed, the order is not working properly; 2) If your application does not require secure transmission, such as HTTPS, then release the "Acegi Channel Processing Filter" can be released. can.
[ApplicationContext.xml] The next thing to add ApplicationContext.xml, from the explanation of FilTerTobeanFactory, you can see that true Filter is managed in Spring ApplicationContext: 1) First, you must have saved users in your database. Name and password Table, Acegi requires Table's schema must be as follows: Create Table Users (Username Varchar (50) Not Null Primary Key, Password VARCHAR (50) Not Null; Create Table Authorities (Username Varchar (50) NOT NULL, authority VARCHAR (50) NOT NULL); CREATE UNIQUE INDEX ix_auth_username ON authorities (username, authority); ALTER TABLE authorities ADD CONSTRAINT fk_authorities_users foreign key (username) REFERENCES users (username); 2) add access datasource your database and the Acegi jdbcDao, as follows: $ {jdbc.driverClassName} value> < / Property> $ {jdbc.url} value> proty> $ {jdbc.username} value> < / proty> $ { JDBC.Password} value> proty> bean> < ref bean = "dataSource" /> property> bean> 3) Add daoAuthenticationProvider: property> proty> bean> 5 value> property> bean> If you need to encrypt your password, add: < Property Name = "PasswordEncoder"> profy>, Acegi provides several encryption methods, detailed information can be won net.sf.acegisecurity.providers.Encoding 4) Add AuthenticationManager: list> property> bean > 5) was added accessDecisionManager: false value> property> list> property> bean> 6) Add authenticationProcessingFilterEntryPoint: <
Property name = "loginformurl"> /Acegilogin.jsp value> proty> <% @ page import =" Net.sf.acegisecurity.authenticationException "%> login title> head> Login h1>