spring security除通过form-login的熟悉指定登陆还可以通过entry-point-ref 指定登陆入口。具体配置如下:
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd"> <!-- entry-point-ref指定登录入口 --> <security:http entry-point-ref="authEntryPoint"> <security:logout delete-cookies="JSESSIONID" /> <security:intercept-url pattern="/login*.jsp*" access="IS_AUTHENTICATED_ANONYMOUSLY" /> <security:intercept-url pattern="/**" access="ROLE_USER" /> <!-- 添加自己定义的AuthenticationFilter到FilterChain的FORM_LOGIN_FILTER位置 --> <security:custom-filter ref="authenticationFilter" position="FORM_LOGIN_FILTER"/> </security:http> <!-- AuthenticationEntryPoint,引导用户进行登录 --> <bean id="authEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint"> <property name="loginFormUrl" value="/login.jsp"> </property> </bean> <!-- 认证过滤器 --> <bean id="authenticationFilter" class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter"> <property name="authenticationManager" ref="authenticationManager" /> <property name="usernameParameter" value="username"/> <property name="passwordParameter" value="password"/> <property name="filterProcessesUrl" value="/login.do" /> </bean> <security:authentication-manager alias="authenticationManager"> <security:authentication-provider user-service-ref="userDetailsService"> <security:password-encoder hash="md5"></security:password-encoder> </security:authentication-provider> </security:authentication-manager> <bean id="userDetailsService" class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl"> <property name="dataSource" ref="dataSource"></property> </bean> <bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource" destroy-method="close"> <property name="driverClass" value="com.mysql.jdbc.Driver"></property> <property name="jdbcUrl" value="jdbc:mysql://localhost:3306/security"></property> <property name="user" value="root"></property> <property name="password" value="root"></property> <property name="acquireIncrement" value="5"></property> <!-- 当连接池中的连接用完时,C3P0一次性创建新连接的数目2 --> <property name="initialPoolSize" value="10"></property> <!-- 初始化时创建的连接数,必须在minPoolSize和maxPoolSize之间 --> <property name="minPoolSize" value="5"></property> <property name="maxPoolSize" value="20"></property> <!-- 最大空闲时间,超过空闲时间的连接将被丢弃 [需要注意:mysql默认的连接时长为8小时(28800)【可在my.ini中添加 wait_timeout=30(单位秒)设置连接超时】,这里设置c3p0的超时必须<28800] --> <property name="maxIdleTime" value="300"></property> <property name="idleConnectionTestPeriod" value="60"></property> <!-- 每60秒检查连接池中的空闲连接 --> <property name="maxStatements" value="20"></property> <!-- jdbc的标准参数 用以控制数据源内加载的PreparedStatement数量,但由于预缓存的Statement属 于单个Connection而不是整个连接 --> </bean> </beans>