日期:2014-05-16  浏览次数:20499 次

spring security与数据库交互实现简单例子
spring security与数据库交互实现简单例子

最近几天一直在研究spring security,也一直苦于找不到个合适的例子,好多例子都跑不起来。经过查找和研究终于搞定了个例子。

用xml配置写好的简单,现在跑的是与数据库交互的例子

----------> 配置文件
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">

	<!-- 配置数据库 -->
	<beans:bean id="dataSource"
		class="org.springframework.jdbc.datasource.DriverManagerDataSource">
		<beans:property name="driverClassName" value="oracle.jdbc.driver.OracleDriver" />
		<beans:property name="url" value="jdbc:oracle:thin:@localhost:1521:aqms" />
		<beans:property name="username" value="airgis" />
		<beans:property name="password" value="airgisynp" />
	</beans:bean>	
	
    <http auto-config='true' >
    	<!-- 自定义的登录页面 -->
      	<form-login login-page="/login.jsp"/>
      	
        <intercept-url pattern="/login.jsp" filters="none"/>
        <!-- 以下两个<intercept-url 的顺序是不可随便条换的,否则user用户也能登陆/admin.jsp页面 -->
        <intercept-url pattern="/admin.jsp" access="ROLE_ADMIN"/>
        <intercept-url pattern="/**" access="ROLE_USER" />
        
        <session-management>
        	<concurrency-control max-sessions="1" error-if-maximum-exceeded="true" />
        </session-management>
    </http>
    
	<authentication-manager>
	    <authentication-provider >
	    <!-- 配置实现
	        <user-service>
	            <user name="admin" password="admin" authorities="ROLE_USER, ROLE_ADMIN" />
	            <user name="user" password="user" authorities="ROLE_USER" />
	        </user-service>
	      -->   
	      <!-- 数据库实现 -->
	    	<jdbc-user-service data-source-ref="dataSource"/>
	    </authentication-provider>
	</authentication-manager>
	
	<!-- 国际化 -->
	<beans:bean id="messageSource"
	    class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
	  <beans:property name="basename" value="classpath:messages_zh_CN"/>
	</beans:bean>


</beans:beans>

----------->数据库

----------用户表----

-- Create table
create table USERS
(
  USERNAME   VARCHAR2(50) not null,
  PASSWORD   VARCHAR2(50) not null,
  ENABLED    INTEGER not null,
  NAME       VARCHAR2(50) not null,
  MANAGER_ID VARCHAR2(50),
  SALARY     INTEGER
)
tablespace AQMS_TEST
  pctfree 10
  initrans 1
  maxtrans 255
  storage
  (
    initial 64K
    minextents 1
    maxextents unlimited
  );
-- Create/Recreate primary, unique and foreign key constraints
alter table USERS
  add primary key (USERNAME)
  using index
  tablespace AQMS_TEST
  pctfree 10
  initrans 2
  maxtrans 255
  storage
  (
    initial 64K
    minextents 1
    maxextents unlimited
  );
alter table USERS
  add constraint FK_USERS_MANAGER foreign key (MANAGER_ID)
  references USERS (USERNAME);


----------权限表----

-- Create table
create table AUTHORITIES
(
  USERNAME  VARCHAR2(50)