Spring-servlet.xml Configuration
<?xml version= "1.0" encoding= "UTF-8"? ><beans xmlns= "http://www.springframework.org/ Schema/beans " xmlns:xsi=" Http://www.w3.org/2001/XMLSchema-instance " xmlns:mvc= "Http://www.springframework.org/schema/mvc" xmlns:context= "Http://www.springframework.org/schema/context" xsi:schemalocation= "http://www.springframework.org/schema/beans http:// Www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/mvc http ://www.springframework.org/schema/mvc/spring-mvc.xsd http://www.springframework.org/schema/context Http://www.springframework.org/schema/context/spring-context.xsd ">&NBSP;&NBSP;&NBSP;&NBSP;<MVC: Annotation-driven></mvc:annotation-driven> <mvc:resources mapping= "/ static/** " location="/statics/"></mvc:resources> <mvc:resources mapping= "/resources/**" location= "/ resources/></mvc:resources> <!-- Configure view resolver --> <bean class= "Org.springframework.web.servlet.view.InternalResourceViewResolver" > <property name= "prefix" value= "/resources/jsp/" >< /property> <property name= "suffix" value= ". JSP" ></property> </bean> < !-- from request and response read/write String --> <bean id= "Stringhttpmessageconverter" class= "Org.springframework.http.converter.StringHttpMessageConverter" > <property name= "Supportedmediatypes" > <list> <value>text/plain;charset=UTF-8</value> </list> </property> </bean></beans>
Spring-security.xml Configuration
<?xml version= "1.0" encoding= "UTF-8"? ><beans xmlns= "http://www.springframework.org/ Schema/beans " xmlns:security=" http://www.springframework.org/schema/ Security " xmlns:xsi=" Http://www.w3.org/2001/XMLSchema-instance " xsi:schemalocation= "Http://www.springframework.org/schema/beans http ://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd "> < Security:http pattern= "/statics/**" security= "None"/> <security:http auto-config= "true" use-expressions= "true" > <security:intercept-url pattern= "/login.do" access= "isanonymous ()"/> < security:intercept-url pattern= "/register.do" access= "isanonymous ()"/> <security:intercept-url pattern= "/registerusers.do" access= "isAnonymous () "/> <security:intercept-url pattern="/useradd.do " access= "isanonymous ()"/> <security:intercept-url pattern= "/admins/**" access= "hasrole (' role_admin ')"/> <security:intercept-url pattern= "/**" access= "hasrole (' Role_user ')"/> <security:csrf disabled= "false" token-repository-ref= " Cookiecsrftokenrepository " /> <security:form-login login-page= "/login.do" login-processing-url= "/login" username-parameter= "username" password-parameter= "Password" Authentication-failure-url= "/login.do?error=true" /> <security:logout invalidate-session= "true" logout-url= "/logout" logout-success-url= "/ Login.do "/> <security:http-basic /> <security:remember-me data-source-ref= "DataSource" key= " Youkey " remember-me-parameter=" Remember-me "/> < security:session-management> < Security:concurrency-control /> </security: Session-management> </security:http> <security: authentication-manager> <!--statically added user logon information--> <!--<security:authentication-provider> <security:user-service> <security:user name= "admin" password= "admin123" authorities= "ROLE_ User,role_admin "/> <security:user name= "User" password= "user123" authorities= "Role_user"/> </security:user-service> </security:authentication-provider>--> <security:authentication-provider> <security:password-encoder ref= "Bcryptpasswordencoder"/> &nbSp; <security:jdbc-user-service id= "Userdetailsservice" data-source-ref= " DataSource " users-by-username-query= "Select username,password,enabled from users where username=? " authorities-by-username-query= "Select u.username as username,r.rolename as authority from users u join userrole ur on u.userid= Ur.userid join roles r on r.roleid=ur.roleid where u.username=?" /> </security:authentication-provider> </security: Authentication-manager> <bean id= "Bcryptpasswordencoder" class= " Org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder "/> <bean id = "Daoauthenticationprovider" class= " Org.springframework.security.authentication.dao.DaoAuthenticationProvider "> <property name= "Hideusernotfoundexceptions" value= "false"/> <property name= "Userdetailsservice" ref= "UserDetailsService"/ > <property name= "PasswordEncoder" ref= " Bcryptpasswordencoder "/> </bean> <bean id=" CookiecsRftokenrepository " class=" Org.springframework.security.web.csrf.CookieCsrfTokenRepository "> <property name= "Cookiehttponly" value= "false"/> </bean> </beans>
This article is from the Java Technology Blog blog, so be sure to keep this source http://lingdong.blog.51cto.com/3572216/1889448
Spring MVC and Spring Security Configuration spring-servlet.xml and Spring-security.xml settings