zoukankan      html  css  js  c++  java
  • [找程序员代写推荐]spring Scurity终于测试OK了,复杂的功能还待深入研究!发布出来一起探讨吧!

    spring Scurity终于测试OK了,复杂的功能还待深入研究!发布出来一起探讨吧!

    就是因 为研究它,我的个天啦!头都大了一圈!还待修改完整版!我的目标不是每个项目拿到它就能使用!到时再说啦。。。

    虽然只是一个登陆,但里面的知识真是太广了!什么md5 盐值   加密 生成,cookie 生成序列保存数据库,

    sessionID防护的一大堆安全,资源权限分配和保护 等。。。值得一学的框架!

    sql 脚本也在项目一起

    项目源码下载:http://download.csdn.net/detail/liangrui1988/5916359

    官方文档:http://static.springsource.org/spring-security/site/docs/3.0.x/reference/springsecurity.html

    jar 下载  http://www.springsource.org/download/community

    项目图片:



    部分代码:

    applicationContext-security2.xml

    <?xml version="1.0" encoding="UTF-8"?>  <beans:beans     xmlns="http://www.springframework.org/schema/security"     xmlns:beans="http://www.springframework.org/schema/beans"     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"      xsi:schemaLocation="http://www.springframework.org/schema/beans                          http://www.springframework.org/schema/beans/spring-beans-3.2.xsd                         http://www.springframework.org/schema/security                         http://www.springframework.org/schema/security/spring-security.xsd">        <!-- 使用security="none"忽略所有过滤器会提升性能,而是用匿名登录功能可以实现权限操作的一致性,                      具体应用时还需要大家根据实际情况自行选择了。    <http pattern="/" security="none"/>  -->    <http pattern="/image" security="none"/>      <!--entry-point-ref=""  未登录的切入点          servlet-api-provision="true" 默认启用  保存没有登录之前的请求            access-denied-page="" 被拦截之后的页面-->     <http auto-config="true" entry-point-ref="myAuthenticationEntryPoint"            access-denied-page="/error/page403.jsp" >                  <!-- 在配置文件中使用auto-config="true"就会启用匿名登录功能。在启用匿名登录之后,                       如果我们希望允许未登录就可以访问一些资源,可以在进行如下配置。 IS_AUTHENTICATED_ANONYMOUSLY=ROLE_ANONYMOUS-->        <intercept-url pattern="/" access="ROLE_ANONYMOUS"/>        <anonymous username="游客"/>              <!-- 只要登 陆的用户都可以访问项目资源    除了受保护的次源 -->       <intercept-url pattern="/**" access="IS_AUTHENTICATED_FULLY" />             <!-- 自定义过滤器  在之前执行 -->       <custom-filter ref="filterSecurityInterceptor" before="FILTER_SECURITY_INTERCEPTOR" />       <!-- 切换用户 -->       <custom-filter position="SWITCH_USER_FILTER" ref="switchUserProcessingFilter" />       <!-- 获取 ip  -->       <custom-filter position="CONCURRENT_SESSION_FILTER" ref="concurrentSessionFilter"/>                       <!-- 用户退出  session无效 -->      <logout invalidate-session="true"        logout-url="/j_spring_security_logout" />            <!-- 保存cookie  保存用户名密码多长时间-->      <!--60*60*24*7=604800=  一个星期的秒数  -->      <remember-me key="myApp" token-validity-seconds="604800" data-source-ref="authoritiesData" />            <!-- 用户登陆  默认跳转页面 and  失败面页 -->      <form-login default-target-url="/index.jsp" authentication-failure-url="/login.jsp?error=true"/>           <!-- 防御会话伪造 none,migrateSession和newSession。默认使用的是migrationSession,       <session-management session-fixation-protection="migrateSession"/>-->             <!-- 会话管理  默认30分钟 ,空闲30分钟后,自动销毁        session-authentication-strategy 会话认证策略  session-authentication-strategy-ref="currentControllerStrategy" -->      <session-management  invalid-session-url="/login.jsp"        session-authentication-strategy-ref="currentControllerStrategy"/>     <!--  <concurrency-control max-sessions="1" error-if-maximum-exceeded="true"  />      </session-management> -->              <!-- 允许同时登陆几个,如果溢出这个数则报异常  -->      <!-- error-if-maximum-exceeded="true"=不允许把在线用户踢出去-->          </http>     <!--注意必须放在用来验证权限的FilterSecurityInterceptor之后,这样可以控制当前用户是否拥有切换用户的权限 -->     <beans:bean id="switchUserProcessingFilter"         class="org.springframework.security.web.authentication.switchuser.SwitchUserFilter" autowire="byType">     <beans:property name="targetUrl" value="/manager.jsp"/>     </beans:bean>           <!-- 未登录的切入点 -->     <beans:bean id="myAuthenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">         <beans:property name="loginFormUrl" value="/login.jsp"></beans:property>     </beans:bean>  <!-- 认证管理 -->     <authentication-manager>         <authentication-provider>          <!-- md5加密   -->      <password-encoder hash="md5">      <!-- 盐值加密 -->         <salt-source user-property="username"/>       </password-encoder>       <!-- 数据库是自定义的,所以要修改sql查询语句  用户信息 和 权限信息 -->             <jdbc-user-service data-source-ref="authoritiesData"                  users-by-username-query="select username,password,status as enabled                                            from user                                           where username=?"                 authorities-by-username-query="select u.username,r.name as authority                                                  from user u                                                  join user_role ur                                                    on u.id=ur.user_id                                                  join role r                                                    on r.id=ur.role_id                                                 where u.username=?"/>                          </authentication-provider>              </authentication-manager> <!-- 过虑拦截器 作用:就是把自定义的数据库查询字段  封装成security规范 的字段-->     <beans:bean id="filterSecurityInterceptor"         class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor" autowire="byType">         <beans:property name="securityMetadataSource" ref="filterInvocationSecurityMetadataSource" />         <beans:property name="authenticationManager" ref="org.springframework.security.authenticationManager"/>     </beans:bean>  <!-- 替换原有功能的切入点  从数据库里查询出数据    资源==角色  注入数据库源  和查询结果的sql语句                把受保护的资源(jsp页面)写入到数据库中 需要这样的配置-->              <beans:bean id="filterInvocationSecurityMetadataSource"          class="accp.util.JdbcFilterInvocationDefinitionSourceFactoryBean">         <beans:property name="dataSource" ref="authoritiesData"/>         <beans:property name="resourceQuery" value="             select re.res_string,r.name               from role r               join resc_role rr                 on r.id=rr.role_id               join resc re                 on re.id=rr.resc_id           order by re.priority         "/> </beans:bean>      <!-- 提示信息 国际化--> <beans:bean id="messageSource" class="org.springframework.context.support.ReloadableResourceBundleMessageSource"> <beans:property name="basename" value="classpath:messages_zh_CN"/> </beans:bean>   <!-- 获取用户  ip 和用户绑定,(如是果设了最大会话为1,不用担心没注销用户,无法再登陆!)              这样在同一个电脑是可以重复登陆, -->  <beans:bean id="concurrentSessionFilter"         class="org.springframework.security.web.session.ConcurrentSessionFilter">  <beans:property name="sessionRegistry" ref="sessionRegistry"/> </beans:bean>  <beans:bean id="sessionRegistry"  class="accp.myFilter.SmartSessionRegistry"/>  <beans:bean id="currentControllerStrategy"  class="accp.myFilter.SmartConcurrentSessionControlStrategy">  <beans:constructor-arg ref="sessionRegistry"/>    <!-- 允许同时登陆几个,如果溢出这个数则报异常  -->      <!-- error-if-maximum-exceeded="true"=不允许把在线用户踢出去   -->   <beans:property name="exceptionIfMaximumExceeded" value="true"/>  <beans:property name="maximumSessions" value="1"/>  </beans:bean>    <!-- 记录日志 -->  <beans:bean class="accp.myFilter.AuditListener"/>   </beans:beans>

    applicationContext-action.xml


    <?xml version="1.0" encoding="UTF-8"?> <beans  xmlns="http://www.springframework.org/schema/beans"  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"   xmlns:p="http://www.springframework.org/schema/p"  xsi:schemaLocation="http://www.springframework.org/schema/beans                      http://www.springframework.org/schema/beans/spring-beans-3.2.xsd                      "> <!--*************************注入services层接口到action******************************-->  <!-- 用户action 注入services接口 --> <bean id="userAction" class="accp.action.UserAction"> <property name="services" ref="userServices"/> <property name="baseUserServices" ref="baseServices"/> <property name="baseRoleServices" ref="baseServices"/> </bean>  <!-- registerAction  注入services接口 --> <bean id="userRegisterAction" class="accp.action.RegisterAction"> <property name="services" ref="userServices"/> <property name="baseUserServices" ref="baseServices"/> <property name="baseRoleServices" ref="baseServices"/> </bean>  <!-- resc action --> <bean id="rescAction" class="accp.action.RescAction"> <property name="rescServices" ref="rescServices"/> <property name="baseRescServices" ref="baseServices"/> <property name="baseRoleServices" ref="baseServices"/> </bean>   <!-- role action --> <bean id="roleAction" class="accp.action.RoleAction"> <property name="roleServices" ref="roleServices"/> <property name="baseRoleServices" ref="baseServices"/> <property name="baseRescServices" ref="baseServices"/> </bean>  </beans> 

    applicationContext-service.xml


    <?xml version="1.0" encoding="UTF-8"?> <beans  xmlns="http://www.springframework.org/schema/beans"  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"   xmlns:p="http://www.springframework.org/schema/p"  xsi:schemaLocation="http://www.springframework.org/schema/beans                      http://www.springframework.org/schema/beans/spring-beans-3.2.xsd                      ">                       <!--*************************hibernateTemplate******************************-->  <!-- BaseDaoImpl注入 hibernateTemplate-->  <bean id="baseDao" class="accp.dao.imple.BaseDaoImpl">  <property name="hibernateTemplate" ref="hibernateTemplate"/>  </bean>     <!-- RescDaoImpl注入 hibernateTemplate  || parent父类是谁 同样实现的继承关系-->  <bean id="rescDao" class="accp.dao.imple.RescDaoImpl" parent="baseDao">  <!-- <property name="hibernateTemplate" ref="hibernateTemplate" /> -->  </bean>   <!-- RoleDaoImpl注入 hibernateTemplate-->  <bean id="roleDao" class="accp.dao.imple.RoleDaoImpl" parent="baseDao">  </bean>    <!-- UserDaoImpl注入 hibernateTemplate -->  <bean id="userDao" class="accp.dao.imple.UserDaoImpl" parent="baseDao">  <!-- <property name="hibernateTemplate" ref="hibernateTemplate" /> -->  </bean>    <!--*************************注入dao层接口到services层******************************-->  <!-- baseDao到业务层    parent="baseDao"--> <bean id="baseServices" class="accp.services.imple.BaseServicesImple" > <property name="basedao" ref="baseDao"/>  </bean>    <!-- user    方便真接调用基本操作类  hibernateTemplate-->  <bean id="userServices" class="accp.services.imple.UserServicesImple">   <property name="userDao" ref="userDao"/>  </bean>    <!-- 角色 -->  <bean id="roleServices" class="accp.services.imple.RoleServicesImple">  <property name="roleDao" ref="roleDao"/>  </bean>    <!-- 资源 -->  <bean id="rescServices" class="accp.services.imple.RescServicesImple">  <property name="rescDao" ref="rescDao"/>  </bean>   </beans> 

    UserAction.java

    package accp.action;   import java.io.PrintWriter; import java.util.HashSet; import java.util.Iterator; import java.util.List; import java.util.Set;  import javax.servlet.http.HttpServletResponse;  import org.apache.struts2.ServletActionContext; import org.springframework.security.authentication.encoding.Md5PasswordEncoder; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.UserDetails;  import accp.bean.Role; import accp.bean.User; import accp.services.BaseServices; import accp.services.RoleServices; import accp.services.UserServices;  import com.opensymphony.xwork2.ActionSupport; /**  * 用户管理Action  * @author liangrui  * @qq382453602  *  */ public class UserAction extends ActionSupport {  private User user;  private List<User> listUser;//用户集合  private List<Role> roleList;//角色集合  private UserServices services;//用户接口  private BaseServices<User,Long> baseUserServices;//基本user业务  private BaseServices<Role,Long> baseRoleServices;//基本role业务    private String enabled;//是否生效    public List<Role> getRoleList() {   return roleList;  }   public void setRoleList(List<Role> roleList) {   this.roleList = roleList;  }   public void setBaseUserServices(BaseServices<User, Long> baseUserServices) {   this.baseUserServices = baseUserServices;  }   public void setBaseRoleServices(BaseServices<Role, Long> baseRoleServices) {   this.baseRoleServices = baseRoleServices;  }      public String getEnabled() {   return enabled;  }   public void setEnabled(String enabled) {   this.enabled = enabled;  }   public UserServices getServices() {   return services;  }   public List<User> getListUser() {   return listUser;  }   public void setListUser(List<User> listUser) {   this.listUser = listUser;  }   public User getUser() {   return user;  }   public void setUser(User user) {      this.user = user;     }   public void setServices(UserServices services) {   this.services = services;  } /*************************login*********************************/  public String logins() throws Exception {   System.out.println("login:"+user.getUsername());   User user2=services.getLogin(user);      if(null==user2){    return "notUser";   }      if("admin".equals(user2.getUsername())){    return "adminPage";   }  System.out.println(user2.getUsername());   return SUCCESS;  } /************************连接到admin.jsp页面***********************************/  public String fowaredAdmin() throws Exception {   System.out.println("获取u p中-------....");   printUserInfo();   System.out.println("转到admin.jsp面面");   return "adminPage";  } /************************打印信息:用户名***********************************/   public void printUserInfo(){   System.out.println("获取principal 中");   String userName="";   //获取安全上下文内容   /*SecurityContext sc=SecurityContextHolder.getContext();   Authentication atc=sc.getAuthentication();//获取认证对象   //获取主体对象   Object obj=atc.getPrincipal();      if(obj instanceof UserDetails){   //获取用户详细内容对象   UserDetails ud=(UserDetails)obj;   userName=ud.getUsername();   }else{   userName=obj.toString();   }*/   //api 原代码   Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();   if (principal instanceof UserDetails) {    userName = ((UserDetails)principal).getUsername();   } else {    userName = principal.toString();   }   System.out.println("u: "+userName);  } /************************hello***********************************/  public String hello() throws Exception {   //printUserInfo();   System.out.println("开始调用方法....");   String moedth=services.sayHello("刘备");   System.out.println(moedth);   return "indexs";  }  /************************bye***********************************/  public String bye() throws Exception {   //printUserInfo();   System.out.println("开始调用方法..");      String moedth=services.sayBye("张飞");   System.out.println(moedth);   return "indexs";  }  /************************ajax判断是否有用户名**********************************/     public String ajaxIsUser() throws Exception {  // TODO Auto-generated method stub  System.out.println("ajax来了!开始行动...........: "+user.getUsername());  boolean b=services.getAjaxIsUserName(user.getUsername());  //获取响应对象  HttpServletResponse response=ServletActionContext.getResponse();  PrintWriter out = response.getWriter();  String bb="";  if(b)bb="true";else bb="false";  System.out.println("b: "+bb);  out.print(bb);    return null;     } /************************显示所有用户信息**********************************/     public String showUserInfo() throws Exception {      listUser=baseUserServices.getAll(new User());   return "showUser";  }      /**************************删除用户****************************************/     public String deleteUser() throws Exception {      try {      System.out.println("du: id "+user.getId());      baseUserServices.delete(user);   } catch (Exception e) {   e.printStackTrace();   return "error";   }   return "deleteUserOK";  } /**************************修改用户 查询信息 并显示************************************/     public String  updateUser() throws Exception {      try {      user=baseUserServices.getTInId(user,user.getId());      //查询角色      System.out.println("开始查询role----");      roleList=baseRoleServices.getAll(new Role());         } catch (Exception e) {    return "error";   }   return "updateEidt";  }           /**************************保存修改后的用户************************************/     public String  updateSave() throws Exception {      try {   Md5PasswordEncoder md5 = new Md5PasswordEncoder();   String passwordMD5=md5.encodePassword(user.getPassword(), user.getUsername());      user.setPassword(passwordMD5);      //封装角色集合      Set<Role> rolesSet=new HashSet<Role>();      //取到权限的对象      Set set=user.getRoles();      Iterator it=set.iterator();   while(it.hasNext()){    //根据id查询对象    Long roleID=Long.valueOf(it.next().toString());    //System.out.println(roleID);    Role role=baseRoleServices.getTInId(new Role(),roleID);    rolesSet.add(role);   }      user.setRoles(rolesSet);//将角色加入用户对象里   //是否生效   if(null==enabled){    user.setStatus(0);   }else{    user.setStatus(1);   }   System.out.println(user.getId()+user.getUsername()+user.getPassword());      //通过传过来的角色id获取角色对象   baseUserServices.update(user);   } catch (Exception e) {    return "error";   }   return "updateOk";  } /*********************通对对象条件查询****************************/     public String  searchUser() throws Exception {      if(null!=user){      listUser=baseUserServices.getTInName(user);      }      return "showUser";     }       /*************************显示所有角色*************************/     public String displayRole() throws Exception {      System.out.println("开始查询role----");      roleList=baseRoleServices.getAll(new Role());      return "addUsersAndShowRole";      } } 



    BaseServices.java

    package accp.services;  import java.io.Serializable; import java.util.List;  import accp.dao.BaseDao; import accp.dao.imple.BaseDaoImpl;  /**  *   * @author liangrui  * @qq 382453602  * @param <T> 泛型类  * @param <PK> 主健   * 基本数据操作 业务层   * 都 可以来这时调用 增、删、改、查  */  public interface BaseServices<T,PK extends Serializable > /* extends BaseDao<T,PK>*/{     public PK save(T t); public void delete(T t); public void update(T t); /***根据对象 获取对象集合**/ public List<T> getAll(T t); /***通过id 获取对象集合**/ public T getTInId(T t,PK pk); /***根据名称 获取对象集合**/ public List<T> getTInName(T t) throws Exception;   } 


    BaseDao.java


    package accp.dao;  import java.io.Serializable; import java.util.List;  /**  *   * @author liangrui  * @qq 382453602  * @param <T> 泛型类  * @param <PK> 主健   * 基本数据操作 代业务层 数据层 什么层层的   * 都 可以来这时调用 增、删、改、查  */ public interface BaseDao<T,PK extends Serializable> {   public PK save(T t); public void delete(T t); public void update(T t); /***根据对象 获取对象集合**/ public List<T> getAll(T t); /***通过id 获取对象集合**/ public T getTInId(T t,PK pk); /***根据对象条件 获取对象集合**/ public List<T> getTInName(T t) throws Exception;  } 

    BaseDaoImpl.java


    package accp.dao.imple;  import java.io.Serializable; import java.lang.reflect.Field; import java.lang.reflect.ParameterizedType; import java.lang.reflect.Type; import java.util.ArrayList; import java.util.List; import java.util.Set;  import accp.util.GenericsUtils; import org.springframework.orm.hibernate3.support.HibernateDaoSupport;  import accp.dao.BaseDao;   public class BaseDaoImpl<T,PK extends Serializable> extends HibernateDaoSupport implements BaseDao<T, PK> {   private  Class clas ;  //得到类  public BaseDaoImpl(){   /**    *  得到泛型的类    *  即  BaseDaoImpl<Users>  得到Users     *  类的超类>>>现在类型的 论据    */   clas = GenericsUtils.getSuperClassGenricType(getClass());     }      public PK save(T t) {   //System.out.println("T:" +t.getClass().getSimpleName());   return (PK) this.getHibernateTemplate().save(t);     }   public void delete(T t) {   this.getHibernateTemplate().delete(t);  }   public void update(T t) {   this.getHibernateTemplate().update(t);    }   public List<T> getAll(T t) {   // 根据对象 得到对像集合   String objName=t.getClass().getSimpleName();//得到 对象名   //System.out.println(objName);   return this.getHibernateTemplate().find("from "+objName);  }      /********************通过id获取对象****************************/  public T getTInId(T t,PK pk) {      /*String objName=clas.getClass().getSimpleName();//得到 对象名   System.out.println(clas +" : "+objName +" PK: "+pk);*/   return (T) this.getHibernateTemplate().get(t.getClass(),pk);      }       /************************************************************      *通过传送过来的对象值做为条件   查询       *并得到反回的集合       ************************************************************/  @SuppressWarnings("unchecked")  public List<T> getTInName(T t) throws Exception {  //得到对象的字段 就是查询条件  String objName=t.getClass().getSimpleName();  //拼接条件  StringBuffer hql=new StringBuffer("from "+objName);    hql.append(" where 1=1");  Field [] objFileds =t.getClass().getDeclaredFields();    Object [] SqlParamter = null;  List<Object> SqlParamters=new ArrayList<Object>();  for(int i=0;i<objFileds.length;i++){   Field fileld=objFileds[i];   fileld.setAccessible(true);//可进入的   Object objT=fileld.get(t);     //得到值   if(!"".equals(objT)&&null!=objT){        if(fileld.getName().equals("id")){    if(Integer.parseInt(objT.toString())>0){//不为0    //如果是id则 则直接处理    return this.getHibernateTemplate().      find("from "+objName +" where id="+objT);    }    }else if(objT instanceof Set){//如果是集合    //可以断续追加对象 条件    }else{    System.out.println(fileld.getName()+" value: "+objT);    hql.append(" and "+fileld.getName()+"=?");    SqlParamters.add(objT);        //SqlParamter[i]=objT;    }   }  }  //如果没有任条件的对象 ,则返回所有数据  if(null==SqlParamters||SqlParamters.size()<=0){  return this.getHibernateTemplate().find("from "+objName);  }  //把集合中的数据 转入数组  SqlParamter=new Object[SqlParamters.size()];  for(int i=0;i<SqlParamters.size();i++){   SqlParamter[i]=SqlParamters.get(i);  }  //excute  return this.getHibernateTemplate().find(hql.toString(),SqlParamter);    }  } 



    UserServicesImple.java


    package accp.services.imple;  import java.io.Serializable; import java.util.Iterator; import java.util.List; import java.util.Set;  import org.springframework.orm.hibernate3.support.HibernateDaoSupport;   import accp.bean.Resc; import accp.bean.Role; import accp.bean.User; import accp.dao.UserDao; import accp.dao.imple.BaseDaoImpl; import accp.services.UserServices; /**  *   * @author liangrui  * 基本操做可以调用BaseDao时的方法  * 用户业务处理层  * extends BaseDaoImpl<User,Integer>  *  */  public class UserServicesImple implements UserServices {    private UserDao userDao;//用户数据层接口      public UserDao getUserDao() {   return userDao;  }   public void setUserDao(UserDao userDao) {   this.userDao = userDao;  }   public String sayHello(String name) {   System.out.println("进来了!!!");   return "hello:"+name;  }   public String sayBye(String name) {   // TODO Auto-generated method stub   return "bay:"+name;  }   /**************ajax判断是否有重复名字*********************/  public boolean getAjaxIsUserName(String name) {  return userDao.getAjaxIsUserName(name);  }    /***************************用户登陆***************************/  public User getLogin(User u) {   // TODO Auto-generated method stub   //List<User> list=super.getAll(u);   List list=userDao.getAll(u);      if(null==list||list.size()<=0){   return null;   }else {   return (User) list.get(0);   }     }    /***register***/  public User saveUser(User u){   try {      userDao.save(u);   } catch (Exception e) {    e.printStackTrace();    return null;   }   return u;  }   } 

    struts_user.xml


    <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE struts PUBLIC  "-//Apache Software Foundation//DTD Struts Configuration 2.3//EN"  "http://struts.apache.org/dtds/struts-2.3.dtd"> <struts>         <package name="userPackage" namespace="/" extends="struts-default">     <!-- 用户 action --> <action name="user_*" class="userAction" method="{1}" > <result name="success">/userPage.jsp</result> <result name="adminPage">/admin.jsp</result> <result name="indexs">/index.jsp</result> <result name="ok">/userReg/ok.jsp</result> <result name="showUser">/admin/userAuthorities.jsp</result> <result name="error">/userReg/error.jsp</result> <result name="updateEidt">/userReg/updateEdit.jsp</result> <!--  --> <result name="deleteUserOK" type="redirectAction">user_showUserInfo.action</result> <result name="updateOk" type="redirectAction">user_showUserInfo.action</result> <result name="addUsersAndShowRole">/userReg/regsiter.jsp</result>  </action>  <action name="users_*" class="userRegisterAction" method="{1}"> <result name="ok">/userReg/ok.jsp</result> <result name="error">/userReg/error.jsp</result> <result name="input">/userReg/regsiter.jsp</result>  <!--防止表单重提交 --> <result name="invalid.token">/userReg/alert.jsp</result> <interceptor-ref name="token"/> <interceptor-ref name="defaultStack"/>   </action>  </package>   </struts> 

    login.jsp

    <%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html>   <head>     <title>My JSP 'index.jsp' starting page</title>     <style type="text/css">     .errorhide{display: none;}     .error{display: block;}     </style>   </head>    <body> <div style="1200px; text-align: center; margin-top: 150px;"> <div class="error${param.error==true ? '' : 'hide'}"> 登陆失败<br> <font color="red">${sessionScope['SPRING_SECURITY_LAST_EXCEPTION'].message}</font><br/> </div>  <form action="${pageContext.request.contextPath}/j_spring_security_check" method="post" style="260px;text-align:center;"> <fieldset> <legend>登陆</legend> 用户: <input type="text" name="j_username" style="150px;" value="${sessionScope['SPRING_SECURITY_LAST_USERNAME']}"/><br /> 密码: <input type="password" name="j_password" style="150px;" /> <br />     <input type="checkbox" name="_spring_security_remember_me"/>一周之内不必登陆<br />     <input type="submit" value="登陆"/>     <input type="reset" value="重置"/> </fieldset> </form>  <br/>     <a HREF="${pageContext.request.contextPath}/admin.jsp">ADMIN.JSP</a> <br/>      <a HREF="${pageContext.request.contextPath}/userPage.jsp">userPage.jsp</a> <br/>     <a href="j_spring_security_logout">注销用户</a>  </div>                </body> </html> 

    主要代码就这些吧!有兴趣的朋友可以下载源码,全部贴出来,累死个人


  • 相关阅读:
    windows环境下Node.js 和npm(Node Package Manager)的安装
    WiX初阶指导
    Selenium实战——.Net下的自动化测试搭建
    spring boot Websocket(使用笔记)
    【原创】XNA 4.0学习笔记索引
    【原创】XNA 4.0学习知识记录(1)
    【总结】Asp.Net MVC 知识点汇总
    【总结】Asp.net MVC1.0 学习笔记索引
    JPype python调用Java
    比较:Java和python
  • 原文地址:https://www.cnblogs.com/java20131201/p/3476050.html
Copyright © 2011-2022 走看看