Spring Security Form Login

也许不会看见

2013-06-02

原文地址：http://www.javaarch.net/jiagoushi/695.htm

Spring Security Form Login

web.xml配置

	<?xml version="1.0" encoding="UTF-8"?>
	<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	   xmlns="http://java.sun.com/xml/ns/javaee"
	   xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
	   xsi:schemaLocation="
		  http://java.sun.com/xml/ns/javaee 
		  http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" 
	   id="WebApp_ID" version="3.0">
	 
	   <display-name>Spring Secured Application</display-name>
	 
	   <!-- Spring MVC -->
	   <servlet>
		  <servlet-name>mvc</servlet-name>
		  <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
		  <load-on-startup>1</load-on-startup>
	   </servlet>
	   <servlet-mapping>
		  <servlet-name>mvc</servlet-name>
		  <url-pattern>/</url-pattern>
	   </servlet-mapping>
	 
	   <context-param>
		  <param-name>contextClass</param-name>
		  <param-value>
			 org.springframework.web.context.support.AnnotationConfigWebApplicationContext
		  </param-value>
	   </context-param>
	   <context-param>
		  <param-name>contextConfigLocation</param-name>
		  <param-value>org.baeldung.spring.web.config</param-value>
	   </context-param>
	   <listener>
		  <listener-class>
			 org.springframework.web.context.ContextLoaderListener
		  </listener-class>
	   </listener>
	 
	   <!-- Spring Security -->
	   <filter>
		  <filter-name>springSecurityFilterChain</filter-name>
		  <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
	   </filter>
	   <filter-mapping>
		  <filter-name>springSecurityFilterChain</filter-name>
		  <url-pattern>/*</url-pattern>
	   </filter-mapping>
	 
	</web-app>
	
Spring Security configuration

	@Configuration
	@ImportResource({ "classpath:webSecurityConfig.xml" })
	public class SecSecurityConfig {
	   public SecSecurityConfig() {
		  super();
	   }
	}

 webSecurityConfig.xml
	 
	<?xml version="1.0" encoding="UTF-8"?>
	<beans:beans xmlns="http://www.springframework.org/schema/security"
	  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	  xmlns:beans="http://www.springframework.org/schema/beans"
	  xsi:schemaLocation="
		  http://www.springframework.org/schema/security 
		  http://www.springframework.org/schema/security/spring-security-3.1.xsd
		  http://www.springframework.org/schema/beans 
		  http://www.springframework.org/schema/beans/spring-beans-3.2.xsd">
	 
	   <http use-expressions="true">
		  <intercept-url pattern="/login*" access="isAnonymous()" />
		  <intercept-url pattern="/**" access="isAuthenticated()"/>
	 
		  <form-login
			 login-page='/login.html'
			 default-target-url="/homepage.html"
			 authentication-failure-url="/login.html?error=true" />
	 
		  <logout logout-success-url="/login.html" />
	 
	   </http>
	   <authentication-manager>
		  <authentication-provider>
			 <user-service>
				<user name="user1" password="user1Pass" authorities="ROLE_USER" />
			 </user-service>
		  </authentication-provider>
	   </authentication-manager>
	</beans:beans>
	
登录表单Login Form，注册登录url，

	registry.addViewController("/login.html");
	
登录首页login.jsp

	<html>
	<head></head>
	<body>
	   <h1>Login</h1>
	   <form name='f' action="j_spring_security_check" method='POST'>
		  <table>
			 <tr>
				<td>User:</td>
				<td><input type='text' name='j_username' value=''></td>
			 </tr>
			 <tr>
				<td>Password:</td>
				<td><input type='password' name='j_password' /></td>
			 </tr>
			 <tr>
				<td><input name="submit" type="submit" value="submit" /></td>
			 </tr>
		  </table>
	  </form>
	</body>
	</html>
	
 <form-login>配置可以支持更多
 
	 <form-login
	   login-page='/login.html'
	   login-processing-url="/perform_login"
	   default-target-url="/homepage.html"
	   authentication-failure-url="/login.html?error=true"
	   always-use-default-target="true"/>
	   
示例工程在https://github.com/eugenp/tutorials/tree/master/spring-security-login#readme，可以访问http://localhost:8080/spring-security-login/login.html进入登录首页进行登录。

spring