Simply say Spring Security use (additional verification code login, custom authentication)

Read the Official document first: http://docs.spring.io/spring-security/site/docs/4.0.x/reference/htmlsingle/

Spring Security4 has added a way to annotate, but in order to get a clearer picture, the configuration is used.

Step one: Web. XML joins intercept

<!--configuration Springsecurityfilter--<filter> <filter-name>springsecurityfilterchain</filter-name&      Gt    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*< ;/url-pattern> </filter-mapping>

Step Two: Write the configuration file: Spring-security.xml

<beans:beans xmlns= "Http://www.springframework.org/schema/security"     xmlns:beans = "Http://www.springframework.org/schema/beans"  xmlns:xsi= "Http://www.w3.org/2001/XMLSchema-instance"     xsi:schemalocation= "http://www.springframework.org/schema/beans       http://www.springframework.org/schema/beans/spring-beans-3.2.xsd       http://www.springframework.org/schema/security      http:// www.springframework.org/schema/security/spring-security-3.2.xsd  ">     
  step three: Write the login authentication function  
 
Package com.eshore.upsweb.service;import java.util.arraylist;import java.util.hashset;import  java.util.List;import java.util.Set;import  org.springframework.beans.factory.annotation.autowired;import  org.springframework.security.core.grantedauthority;import  org.springframework.security.core.authority.simplegrantedauthority;import  org.springframework.security.core.userdetails.user;import  org.springframework.security.core.userdetails.userdetails;import  org.springframework.security.core.userdetails.userdetailsservice;import  org.springframework.security.core.userdetails.usernamenotfoundexception;import  org.springframework.stereotype.service;import com.eshore.upsweb.dao.cwsysuserdao;import  com.eshore.upsweb.model.cwsysuser;import com.eshore.upsweb.model.cwsysuserrole; @Service (value= " Cwsysuserdetailsservice ") public class cwsysuserdetailsservice implements  Userdetailsservice{   &nbSP; @Autowired   CwSysUserDAO cwSysUserDAO;     @Override   public  userdetails loaduserbyusername (String username)       throws  usernamenotfoundexception {     system.out.println ("username is  " + username);      cwsysuser user =  Cwsysuserdao.finduser (username);     list<grantedauthority> authorities =  builduserauthority (User.getuserroles ());     return builduserforauthentication ( User, authorities);  }    /**   *  return to validation role     *  @param  userRoles   *  @return    */  private  list<grantedauthority> builduserauthority (set<cwsysuserrole> userroles) {     Set<GrantedAuthority> Setauths = new hashset<grantedauthority> ();     for (CwSysUserRole  userrole:userroles) {      setauths.add (new simplegrantedauthority ( Userrole.getrole (). Getroleid (). toString ());    }    list< Grantedauthority> result = new arraylist<grantedauthority> (setAuths);     return result;  }    /**   *  return to Authenticated users     *  @param  user   *  @param  authorities   * @ Return   */  private user builduserforauthentication (CwSysUser user, list<grantedauthority> authorities) {    return new user ( User.getuserno (), User.getpassword (), true,true,true,true,authorities);   }    /**    *    */  } 
 
  Fifth step: write the corresponding login JSP  
 
<%@ page language= "java"  contenttype= "Text/html; charset=utf-8"   pageEncoding = "UTF-8"%>  <%@ taglib prefix= "C"  uri= "Http://java.sun.com/jsp/jstl/core"%> <! Doctype html "> 

Simply say Spring Security use (additional verification code login, custom authentication)