<form-login authentication-success-handler-ref="afterLoginSuccessHandler" login-page="/loginPage.action?error=false" authentication-failure-url="/loginPage.action?error=true" default-target-url="/"/> //配置自定义filter <custom-filter before="FORM_LOGIN_FILTER" ref="authenticationProcessingFilter"/> <custom-filter before="LOGOUT_FILTER" ref="logoutFilter"/> //配置权限Provider <authentication-manager alias="authenticationManager"> <authentication-provider ref="securityAuthenticationProvider" /> </authentication-manager> //自定义Provider <beans:bean id="securityAuthenticationProvider" class="com.xxx.security.SecurityAuthenticationProvider"> <beans:property name="userDetailsService" ref="securityUserService"/> <beans:property name="passwordEncoder" ref="passwordEncoder"/> </beans:bean> //配置AuthenticationFilter <beans:bean id="authenticationProcessingFilter" class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter"> <beans:property name="authenticationManager" ref="authenticationManager"/> <beans:property name="authenticationSuccessHandler" ref="afterLoginSuccessHandler"/> <beans:property name="authenticationFailureHandler" ref="afterLoginFailHandler"/> <beans:property name="authenticationDetailsSource" ref="authenticationDetailsSourceImpl"/> </beans:bean> //自定义LoginFailHandler <beans:bean id="afterLoginFailHandler" class="com.xxx.security.AfterLoginFailHandler"> <beans:property name="defaultFailureUrl"> <beans:value>/loginPage.action?error=true</beans:value> </beans:property> </beans:bean> //自定义LoginSuccessHandler <beans:bean id="afterLoginSuccessHandler" class="com.xxx.security.AfterLoginSuccessHandler"> <beans:property name="defaultTargetUrl"> <beans:value>/</beans:value> </beans:property> </beans:bean> //Md5加密 <beans:bean id="passwordEncoder" class="org.springframework.security.authentication.encoding.Md5PasswordEncoder"/> <beans:bean id="authenticationDetailsSourceImpl" class="org.springframework.security.authentication.AuthenticationDetailsSourceImpl"> <beans:property name="clazz" value="com.xxx.security.SecurityWebAuthenticationDetails"/> </beans:bean> //自定义LogoutFilter <beans:bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter"> <beans:constructor-arg value="/" /> <beans:constructor-arg> <beans:list> <beans:bean class="com.xxx.security.LogoutHandler"/> </beans:list> </beans:constructor-arg> </beans:bean>
Spring Security 常用的几个自定义filter
猜你喜欢
转载自never-forget.iteye.com/blog/1025959
今日推荐
周排行