Spring Security借助servlet过滤器提供安全功能

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>
            org.springframework.web.filter.DelegatingFilterProxy
        </filter-class>
    </filter>

DelegatingFilterProxy是特殊的Servlet过滤器，可以将任务委托给javax.servlet.Filter实现类，而这个实现类是注册在Spring Context。

最小化web安全

  <http auto-config="true">
    <intercept-url pattern="/**" access="ROLE_SPITTER"/>
  </http>

等价于

  <http auto-config="true">
    <form-login />
    <http-basic />
    <logout />
    <intercept-url pattern="/**" access="ROLE_SPITTER"/>
  </http>

Spring Security命名空间

<beans:beans xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns="http://www.springframework.org/schema/security"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans 
        http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
        http://www.springframework.org/schema/security 
        http://www.springframework.org/schema/security/spring-security-3.0.xsd">

Web

results matching ""

No results matching ""