日期:2014-05-16 浏览次数:20499 次
<?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"> <!-- 配置数据库 --> <beans:bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"> <beans:property name="driverClassName" value="oracle.jdbc.driver.OracleDriver" /> <beans:property name="url" value="jdbc:oracle:thin:@localhost:1521:aqms" /> <beans:property name="username" value="airgis" /> <beans:property name="password" value="airgisynp" /> </beans:bean> <http auto-config='true' > <!-- 自定义的登录页面 --> <form-login login-page="/login.jsp"/> <intercept-url pattern="/login.jsp" filters="none"/> <!-- 以下两个<intercept-url 的顺序是不可随便条换的,否则user用户也能登陆/admin.jsp页面 --> <intercept-url pattern="/admin.jsp" access="ROLE_ADMIN"/> <intercept-url pattern="/**" access="ROLE_USER" /> <session-management> <concurrency-control max-sessions="1" error-if-maximum-exceeded="true" /> </session-management> </http> <authentication-manager> <authentication-provider > <!-- 配置实现 <user-service> <user name="admin" password="admin" authorities="ROLE_USER, ROLE_ADMIN" /> <user name="user" password="user" authorities="ROLE_USER" /> </user-service> --> <!-- 数据库实现 --> <jdbc-user-service data-source-ref="dataSource"/> </authentication-provider> </authentication-manager> <!-- 国际化 --> <beans:bean id="messageSource" class="org.springframework.context.support.ReloadableResourceBundleMessageSource"> <beans:property name="basename" value="classpath:messages_zh_CN"/> </beans:bean> </beans:beans>