Spring MVC and Spring Security Configuration spring-servlet.xml and Spring-security.xml settings

Source: Internet
Author: User

Spring-servlet.xml Configuration

<?xml version= "1.0"  encoding= "UTF-8"? ><beans xmlns= "http://www.springframework.org/ Schema/beans "       xmlns:xsi=" Http://www.w3.org/2001/XMLSchema-instance "        xmlns:mvc= "Http://www.springframework.org/schema/mvc"         xmlns:context= "Http://www.springframework.org/schema/context"         xsi:schemalocation= "http://www.springframework.org/schema/beans http:// Www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/mvc http ://www.springframework.org/schema/mvc/spring-mvc.xsd http://www.springframework.org/schema/context  Http://www.springframework.org/schema/context/spring-context.xsd "&GT;&NBSP;&NBSP;&NBSP;&NBSP;&LT;MVC: Annotation-driven></mvc:annotation-driven>    <mvc:resources mapping= "/ static/** " location="/statics/"></mvc:resources>    <mvc:resources mapping= "/resources/**"  location= "/ resources/></mvc:resources>    <!--  Configure view resolver  -->     <bean class= "Org.springframework.web.servlet.view.InternalResourceViewResolver" >         <property name= "prefix"  value= "/resources/jsp/" >< /property>        <property name= "suffix"  value= ". JSP" ></property>    </bean>        < !--  from request and response   read/write String  -->    <bean id= "Stringhttpmessageconverter"  class= "Org.springframework.http.converter.StringHttpMessageConverter" >         <property name= "Supportedmediatypes" >             <list>                 <value>text/plain;charset=UTF-8</value>             </list>        </property>     </bean></beans>

Spring-security.xml Configuration

<?xml version= "1.0"  encoding= "UTF-8"? ><beans xmlns= "http://www.springframework.org/ Schema/beans "       xmlns:security=" http://www.springframework.org/schema/ Security "       xmlns:xsi=" Http://www.w3.org/2001/XMLSchema-instance "        xsi:schemalocation= "Http://www.springframework.org/schema/beans http ://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/security  http://www.springframework.org/schema/security/spring-security.xsd ">    < Security:http pattern= "/statics/**"  security= "None"/>    <security:http   auto-config= "true"  use-expressions= "true" >         <security:intercept-url pattern= "/login.do"  access= "isanonymous ()"/>         < security:intercept-url pattern= "/register.do"  access= "isanonymous ()"/>         <security:intercept-url pattern= "/registerusers.do"  access= "isAnonymous () "/>        <security:intercept-url pattern="/useradd.do "  access= "isanonymous ()"/>        <security:intercept-url  pattern= "/admins/**"  access= "hasrole (' role_admin ')"/>         <security:intercept-url pattern= "/**"  access= "hasrole (' Role_user ')"/>         <security:csrf disabled= "false"  token-repository-ref= " Cookiecsrftokenrepository " />        <security:form-login  login-page= "/login.do"  login-processing-url= "/login"   username-parameter= "username"   password-parameter= "Password"  Authentication-failure-url= "/login.do?error=true"  />         <security:logout invalidate-session= "true"  logout-url= "/logout"  logout-success-url= "/ Login.do "/>        <security:http-basic />         <security:remember-me data-source-ref= "DataSource"  key= " Youkey " remember-me-parameter=" Remember-me "/>        < security:session-management>            < Security:concurrency-control  />        </security: Session-management>    </security:http>    <security: authentication-manager>        <!--statically added user logon information-->         <!--<security:authentication-provider>             <security:user-service>                 <security:user name= "admin"  password= "admin123"  authorities= "ROLE_ User,role_admin "/>                 <security:user name= "User"  password= "user123"  authorities= "Role_user"/>             </security:user-service>         </security:authentication-provider>-->         <security:authentication-provider>             <security:password-encoder ref= "Bcryptpasswordencoder"/>        &nbSp;    <security:jdbc-user-service id= "Userdetailsservice"  data-source-ref= " DataSource "                                          users-by-username-query= "Select username,password,enabled from  users where username=? "                                           authorities-by-username-query= "Select u.username as username,r.rolename  as authority from users u join userrole ur on u.userid= Ur.userid join roles r on r.roleid=ur.roleid where u.username=?"             />         </security:authentication-provider>    </security: Authentication-manager>    <bean id= "Bcryptpasswordencoder"  class= " Org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder "/>    <bean id = "Daoauthenticationprovider"  class= " Org.springframework.security.authentication.dao.DaoAuthenticationProvider ">         <property name= "Hideusernotfoundexceptions"  value= "false"/>         <property name= "Userdetailsservice"  ref= "UserDetailsService"/ >        <property name= "PasswordEncoder"  ref= " Bcryptpasswordencoder "/>    </bean>    <bean id=" CookiecsRftokenrepository " class=" Org.springframework.security.web.csrf.CookieCsrfTokenRepository ">         <property name= "Cookiehttponly"  value= "false"/>     </bean>  </beans>


This article is from the Java Technology Blog blog, so be sure to keep this source http://lingdong.blog.51cto.com/3572216/1889438

Spring MVC and Spring Security Configuration spring-servlet.xml and Spring-security.xml settings

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.