SPRINGMVC + Security Module Framework integration detailed

Forgive Link: http://blog.csdn.net/abcd_d_/article/details/50478344

Recently organized a second-hand backstage management project, the overall can be divided into: Springmvc + mybatis + tiles + Easyui + security modules, and then with MAVEN management. Just got the hand inside too many things, so the eldest brother let the whole, only pick out skeleton. Admittedly, the overall planning of the architecture is still very good, especially the front-end interface with Tiles+easyui, development is very efficient. In fact, although previously heard of security, but did not use the project security, so also considered a novice. The integration process is still very brain-burning.

1, the first is the SPRINGMVC part, is also the framework of the most core skeleton part. SPRINGMVC is also based on the servlet framework, so we can start with Web. XML and then take a few clues to sort out the entire architecture. The main part of Web. XML is the various configurations that place spring:

[Java] view plain copy <context-param> <PARAM-NAME>CONTEXTCONFIGLOCATION</PARAM-NAME&G           T                  <param-value>/web-inf/spring/appservlet/servlet-context.xml </param-value> </context-param>

And

[HTML]  View Plain  copy <servlet>           < servlet-name>appservlet</servlet-name>            <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>            <init-param>                <param-name>contextConfigLocation</param-name>               <param-value>/web-inf/spring/ appservlet/servlet-context.xml</param-value>            </init-param>           <load-on-startup>1</ load-on-startup>           <async-supported>true< /async-supported>       </servlet>               <servlet-mapping>           < servlet-name>appservlet</servlet-name>            <url-pattern>/</url-pattern>       </servlet-mapping>   

These two sections specify the profile address and Web request address interception rules. It is important to note that the configuration files are frequently used annotations, data sources, and the like.

2, then security, this article realizes the custom user information login authentication, the main part: Spring Security main note several places:

1) The filter to configure security in Web. XML, note that the name must be Springsecurityfilterchain, which is a built-in filter, and then set the filter rule to/* to intercept all requests.

2) The security profile must be added to the <context-param> because Contextloaderlistener loads the security-related stuff The SPRINGMVC (servlet) module is not initialized at this time.

The two are configured as follows:

        [Java]   View plain  copy <context-param>   & Nbsp;       <param-name>contextconfiglocation</param-name>            <param-value>            /WEB-INF/spring/appServlet/servlet-context.xml            </param-value>                   </context-param>