标签:spring security springmvc mybatis cxf
整合出现很多问题,这里就不例举了,大家各自修炼吧,这里我只提供demo架包,可以在里面折腾。这里我说一下为什么会有这样的框架:我们项目要求是为子系统提供权限认证和管理(web service),同时对这些web service进行权限管理。所以demo中对security做了url和方法级的认证做了扩展,但没做具体实现。
1.web.xml
<?xml version="1.0" encoding="UTF-8" ?> <web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="2.5" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <display-name>Archetype Created Web Application</display-name> <servlet> <servlet-name>CXFServlet</servlet-name> <servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class> <load-on-startup>2</load-on-startup> </servlet> <servlet-mapping> <servlet-name>CXFServlet</servlet-name> <url-pattern>/ws/*</url-pattern> </servlet-mapping> <context-param> <param-name>contextConfigLocation</param-name> <param-value>/WEB-INF/spring/*.xml</param-value> </context-param> <listener> <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class> </listener> <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class> org.springframework.web.filter.DelegatingFilterProxy </filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <servlet> <servlet-name>spring</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>spring</servlet-name> <url-pattern>/</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>default</servlet-name> <url-pattern>*.jpg</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>default</servlet-name> <url-pattern>*.png</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>default</servlet-name> <url-pattern>*.gif</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>default</servlet-name> <url-pattern>*.ico</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>default</servlet-name> <url-pattern>*.gif</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>default</servlet-name> <url-pattern>*.js</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>default</servlet-name> <url-pattern>*.css</url-pattern> </servlet-mapping> <error-page> <exception-type>500</exception-type> <location>/500.jsp</location> </error-page> <error-page> <error-code>404</error-code> <location>/404.jsp</location> </error-page> <error-page> <error-code>403</error-code> <location>/403.jsp</location> </error-page> </web-app>2.spring.xml
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx" xmlns:jdbc="http://www.springframework.org/schema/jdbc" xmlns:p="http://www.springframework.org/schema/p" xmlns:aop="http://www.springframework.org/schema/aop" xmlns:security="http://www.springframework.org/schema/security" xmlns:mvc="http://www.springframework.org/schema/mvc" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.2.xsd"> <context:component-scan base-package="clubgod.controller" /> <!-- 对模型视图名称的解析,即在模型视图名称添加前后缀 --> <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver" p:prefix="/WEB-INF/view/" p:suffix=".jsp" /> <!-- 支持文件上传 --> <bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver"> <property name="defaultEncoding" value="UTF-8" /> <!-- <property name="maxUploadSize" value="5000000" /> max size 5M --> </bean> <bean class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter"> <property name="messageConverters"> <list> <bean class="org.springframework.http.converter.json.MappingJacksonHttpMessageConverter" /> </list> </property> </bean> </beans>
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx" xmlns:jdbc="http://www.springframework.org/schema/jdbc" xmlns:p="http://www.springframework.org/schema/p" xmlns:aop="http://www.springframework.org/schema/aop" xmlns:security="http://www.springframework.org/schema/security" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.2.xsd"> <security:global-method-security access-decision-manager-ref="clubgodAccessDecisionManager"> <security:protect-pointcut access="none" expression="execution(* clubgod.service.I*.*(..))"/> </security:global-method-security> <security:http pattern="/login" security="none" /> <security:http pattern="/" security="none" /> <security:http pattern="/ws/**" security="none" /> <security:http pattern="/favicon.ico" security="none" /> <security:http pattern="/*.jsp" security="none" /> <security:http pattern="/resource/**" security="none" /> <security:http use-expressions="true" access-denied-page="/403.jsp" entry-point-ref="authenticationProcessingFilterEntryPoint"> <security:logout/> <!-- 实现免登陆验证 --> <security:remember-me /> <security:session-management invalid-session-url="/"> <security:concurrency-control max-sessions="10" error-if-maximum-exceeded="true" /> </security:session-management> <security:custom-filter ref="clubgodLoginAuthenticationFilter" position="FORM_LOGIN_FILTER" /> <security:custom-filter ref="clubgodSecurityFilter" before="FILTER_SECURITY_INTERCEPTOR" /> </security:http> <bean id="clubgodSecurityFilter" class="clubgod.security.common.ClubgodSecurityFilter"> <property name="authenticationManager" ref="clubgodAuthenticationManager" /> <property name="accessDecisionManager" ref="clubgodAccessDecisionManager" /> <property name="securityMetadataSource" ref="clubgodMetadataSourceService" /> </bean> <security:authentication-manager alias="clubgodAuthenticationManager"> <security:authentication-provider user-service-ref="securityUserDetailsService"/> </security:authentication-manager> <bean id="clubgodAccessDecisionManager" class="clubgod.security.common.ClubgodAccessDecisionManager"> </bean> <bean id="clubgodMetadataSourceService" class="clubgod.security.common.ClubgodMetadataSourceService"> </bean> <bean id="securityUserDetailsService" class="clubgod.security.common.SecurityUserDetailsService"> </bean> <!-- 登录验证器 --> <bean id="clubgodLoginAuthenticationFilter" class="clubgod.security.common.ClubgodLoginAuthenticationFilter"> <!-- 处理登录 --> <property name="filterProcessesUrl" value="/j_spring_security_check"></property> <property name="authenticationSuccessHandler" ref="loginLogAuthenticationSuccessHandler"></property> <property name="authenticationFailureHandler" ref="simpleUrlAuthenticationFailureHandler"></property> <property name="authenticationManager" ref="clubgodAuthenticationManager"></property> </bean> <bean id="loginLogAuthenticationSuccessHandler" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler"> <property name="defaultTargetUrl" value="/home"></property> </bean> <bean id="simpleUrlAuthenticationFailureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"> <property name="defaultFailureUrl" value="/"></property> </bean> <!-- 未登录的切入点 --> <bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"> <property name="loginFormUrl" value="/"></property> </bean> <context:component-scan base-package="clubgod.service" /> <!-- 数据库配置 --> <bean id="dataSource" class="org.logicalcobwebs.proxool.ProxoolDataSource"> <property name="driver"> <value>com.mysql.jdbc.Driver</value> </property> <property name="driverUrl"> <value>jdbc:mysql://10.10.8.8:3307/aaa?characterEncoding=utf8</value> </property> <property name="user" value="dev" /> <property name="password" value="dev" /> <property name="alias" value="Pool_dbname" /> <property name="houseKeepingSleepTime" value="90000" /> <property name="prototypeCount" value="0" /> <property name="maximumConnectionCount" value="50" /> <property name="minimumConnectionCount" value="2" /> <property name="simultaneousBuildThrottle" value="50" /> <property name="maximumConnectionLifetime" value="14400000" /> <property name="houseKeepingTestSql" value="select CURRENT_DATE" /> </bean> <!-- myBatis文件 --> <bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean"> <property name="dataSource" ref="dataSource" /> <!-- 自动扫描entity目录, 省掉Configuration.xml里的手工配置 --> </bean> <bean class="org.mybatis.spring.mapper.MapperScannerConfigurer"> <property name="basePackage" value="clubgod.dao,clubgod.mybatis.auto.dao,clubgod.security.resource" /> <property name="sqlSessionFactoryBeanName" value="sqlSessionFactory" /> </bean> <!-- 配置事务管理器 --> <bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager"> <property name="dataSource" ref="dataSource" /> </bean> <!-- 注解方式配置事物 --> <tx:annotation-driven transaction-manager="transactionManager" /> </beans>
4.cxf-beans.xml
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:jaxws="http://cxf.apache.org/jaxws" xsi:schemaLocation="http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd" > <import resource="classpath:META-INF/cxf/cxf.xml" /> <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" /> <import resource="classpath:META-INF/cxf/cxf-servlet.xml" /> <jaxws:endpoint id="validate" implementor="clubgod.cxf.service.impl.DemoImpl" address="/validate" /> </beans>
springMVC3+apache CXF+spring security3+mybatis3(proxool)整合项目,布布扣,bubuko.com
springMVC3+apache CXF+spring security3+mybatis3(proxool)整合项目
标签:spring security springmvc mybatis cxf
原文地址:http://blog.csdn.net/yklfxy/article/details/38534467