Error listenerStart 是class="tags" href="/tags/SECURITY.html" title=security>security.xml中有错误的原因。
class="tags" href="/tags/SECURITY.html" title=security>security.xml
各种过滤器实战,常用九个如下
一 链之 RememberMeProcessingFilter
1。使用 ,选上remember me后,一旦页面关闭或者服务器重启,还可以记得用户的登陆状态。
<input type="checkbox" id="remember" name="j_remember_me"> Remember me
2.设置 class="tags" href="/tags/SECURITY.html" title=security>security.xml
<!-- 记住用户登录信息 -->
<class="tags" href="/tags/BEAN.html" title=bean>bean id="rememberMeFilter" class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.ui.rememberme.RememberMeProcessingFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="rememberMeServices" ref="rememberMeServices" />
</class="tags" href="/tags/BEAN.html" title=bean>bean>
<class="tags" href="/tags/BEAN.html" title=bean>bean id="rememberMeServices" class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.ui.rememberme.TokenBasedRememberMeServices">
<property name="userDetailsService" ref="userDetailsService" />
<property name="parameter" value="j_remember_me" /> <!--与多选框名字相同-->
<property name="key" value="remember_Me" />
<property name="tokenValiditySeconds" value="31536000" /> <!--记住多长时间 ,这里是一年-->
登陆,登出中 <property name="rememberMeServices" ref="rememberMeServices" />
</class="tags" href="/tags/BEAN.html" title=bean>bean>
<class="tags" href="/tags/BEAN.html" title=bean>bean id="authenticationManager" class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.providers.ProviderManager">
<property name="providers">
<list>
<ref class="tags" href="/tags/BEAN.html" title=bean>bean="rememberMeAuthenticationProvider" />
</list>
</property>
</class="tags" href="/tags/BEAN.html" title=bean>bean>
<class="tags" href="/tags/BEAN.html" title=bean>bean id="rememberMeAuthenticationProvider"
class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.providers.rememberme.RememberMeAuthenticationProvider">
<property name="key" value="remember_Me" />
</class="tags" href="/tags/BEAN.html" title=bean>bean>
二 链之 RememberMeProcessingFilter 安全拦截器
<!-- 基于URL的安全拦截器 -->
<class="tags" href="/tags/BEAN.html" title=bean>bean id="class="tags" href="/tags/SECURITY.html" title=security>securityInterceptor"
class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.intercept.web.FilterSecurityInterceptor">
<property name="authenticationManager" ref="authenticationManager" />
<property name="accessDecisionManager" ref="accessDecisionManager" />
<property name="objectDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/admin/**=ROLE_ADMIN <!-- 对admin目录只有Role_admin的角色可以访问-->
/user/**=ROLE_USER
</value>
</property>
</class="tags" href="/tags/BEAN.html" title=bean>bean>
三。 链之 authenticationProcessingFilter 登陆验证
1.login.jsp
<%
String error = request.getParameter("login_error");
if(error!=null) {
out.println("<p><font color=/"red/">");
out.println(error);
out.println("</font></p>");
}
%>
<form action="j_login.do" method="POST">
Username: <input type="text" name="j_username" />
Password: <input type="password" name="j_password">
<input name="submit" type="submit" value="Login">
</form>
<!-- 验证用户身份 -->
<class="tags" href="/tags/BEAN.html" title=bean>bean id="authenticationProcessingFilter"
class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.ui.webapp.AuthenticationProcessingFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationFailureUrl" value="/login.jsp?login_error=Login%20failed." /> <!-- 失败后跳转页-->
<property name="defaultTargetUrl" value="/helloWorld.jsp" /> <!-- 成功后跳转页-->
<property name="filterProcessesUrl" value="/j_login.do" /> <!-- 重点,与action一致-->
</class="tags" href="/tags/BEAN.html" title=bean>bean>
四。 链之 logoutFilter
<a href="j_logout.do">logout</a></p>
<class="tags" href="/tags/BEAN.html" title=bean>bean id="logoutFilter" class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.ui.logout.LogoutFilter">
<!-- URL redirected to after logout登出后的指向页面 -->
<constructor-arg value="/helloWorld.jsp" />
<constructor-arg>
<list>
<ref class="tags" href="/tags/BEAN.html" title=bean>bean="rememberMeServices" /> <!-- 登出后就不再记住用户的登陆了-->
<class="tags" href="/tags/BEAN.html" title=bean>bean class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.ui.logout.SecurityContextLogoutHandler" />
</list>
</constructor-arg>
<property name="filterProcessesUrl" value="/j_logout.do" /><!-- 重点,要一致-->
</class="tags" href="/tags/BEAN.html" title=bean>bean>
五 链之 exceptionFilter,如果用户未能被认证,AuthenticationException就会被抛出;
即使用户成功地通过了身份验证,他们仍可能不被授予访问某些受保护页面所必需的权限。这样,AcessDeniedException就会被抛出。
<!-- 处理登录异常或权限异常的Filter -->
<class="tags" href="/tags/BEAN.html" title=bean>bean id="exceptionFilter" class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.ui.ExceptionTranslationFilter">
<!-- 出现AuthenticationException时的登录入口 -->
<property name="authenticationEntryPoint">
<class="tags" href="/tags/BEAN.html" title=bean>bean class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/login.jsp" />
<property name="forceHttps" value="false" /><!--为true,login.jsp页面会通过Https安全地进行显示-->
</class="tags" href="/tags/BEAN.html" title=bean>bean>
</property>
<!-- 出现AccessDeniedException时的Handler -->
<property name="accessDeniedHandler">
<class="tags" href="/tags/BEAN.html" title=bean>bean class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.ui.AccessDeniedHandlerImpl" />
<!-- 可选属性: property name="errorPage" value="/denied.html" -->
</property>
</class="tags" href="/tags/BEAN.html" title=bean>bean>
六 链之 HttpSessionContextIntegrationFilter , 不知道有什么用处哪????
<!-- 从Session中获得用户信息并放入SecurityContextHolder -->
<class="tags" href="/tags/BEAN.html" title=bean>bean id="httpSessionContextIntegrationFilter"
class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.context.HttpSessionContextIntegrationFilter" />
————————————————————————————————————
<!-- 过滤器链-->
<class="tags" href="/tags/BEAN.html" title=bean>bean id="filterChainProxy" class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=channelProcessingFilter
ConcurrentSessionFilter .................
httpSessionContextIntegrationFilter,
logoutFilter,
authenticationProcessingFilter,
rememberMeFilter,
AnonymousProcessingFilter,.................
exceptionFilter
,class="tags" href="/tags/SECURITY.html" title=security>securityInterceptor
</value>
</property>
</class="tags" href="/tags/BEAN.html" title=bean>bean>
<!-- 认证管理器--> <class="tags" href="/tags/BEAN.html" title=bean>bean id="authenticationManager" class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.providers.ProviderManager"> <property name="providers"> <list> <ref class="tags" href="/tags/BEAN.html" title=bean>bean="daoAuthenticationProvider" /> </list> </property> </class="tags" href="/tags/BEAN.html" title=bean>bean> <!-- 基于DAO验证的AuthenticationProvider --> <class="tags" href="/tags/BEAN.html" title=bean>bean id="daoAuthenticationProvider" class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.providers.dao.DaoAuthenticationProvider"> <property name="userDetailsService" ref="userDetailsService" /> </class="tags" href="/tags/BEAN.html" title=bean>bean> <!-- 使用内存DAO,实际应用时可用JdbcDao代替 --> <class="tags" href="/tags/BEAN.html" title=bean>bean id="userDetailsService" class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.userdetails.memory.InMemoryDaoImpl"> <property name="userMap"> <value> admin=password,enabled,ROLE_ADMIN,ROLE_USER test=test,enabled,ROLE_USER guest=guest,disabled,ROLE_USER </value> </property> </class="tags" href="/tags/BEAN.html" title=bean>bean>
<!-- 决策管理器-->
<class="tags" href="/tags/BEAN.html" title=bean>bean id="accessDecisionManager"
class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.vote.AffirmativeBased">
<property name="decisionVoters">
<list>
<class="tags" href="/tags/BEAN.html" title=bean>bean class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.vote.RoleVoter" />
</list>
</property>
<property name="allowIfAllAbstainDecisions" value="false" />
</class="tags" href="/tags/BEAN.html" title=bean>bean>
附件:class="tags" href="/tags/SPRING.html" title=spring>spring的光盘/source/10Acegi/Spring_Acegi
补记:七 链之channelProcessingfilter 通道,
login.jsp=REQUIRES_SECURE_CHANNEL 有安全映射的,表明login.jsp应该通过HTTPS进行发送.
即跳到https://127.0.0.1:8443/ssh/login.jsp ,但是为什么显示出错???????是要上网吗?
<class="tags" href="/tags/BEAN.html" title=bean>bean id="channelProcessingFilter"
class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.securechannel.ChannelProcessingFilter">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/login.jsp=REQUIRES_SECURE_CHANNEL
/**=REQUIRES_INSECURE_CHANNEL
</value>
</property>
<property name="channelDecisionManager"
ref="channelDecisionManager">
</property>
</class="tags" href="/tags/BEAN.html" title=bean>bean>
<class="tags" href="/tags/BEAN.html" title=bean>bean id="channelDecisionManager"
class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.securechannel.ChannelDecisionManagerImpl">
<property name="channelProcessors">
<list>
<class="tags" href="/tags/BEAN.html" title=bean>bean
class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.securechannel.SecureChannelProcessor" />
<class="tags" href="/tags/BEAN.html" title=bean>bean
class="org.acegiclass="tags" href="/tags/SECURITY.html" title=security>security.securechannel.InsecureChannelProcessor" />
</list>
</property>
</class="tags" href="/tags/BEAN.html" title=bean>bean>
