package com.berchina.uums.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.context.support.ReloadableResourceBundleMessageSource;
import org.springframework.core.env.Environment;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import javax.annotation.Resource;
/**
* Created by on 16/6/16.
*/
@Configuration
public class SecurityConfig {
@Configuration
@EnableWebSecurity
@PropertySource("classpath:config.properties")
protected static class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Resource
private Environment env;
@Bean
public ReloadableResourceBundleMessageSource messageSource() {//本地化(不完全)
ReloadableResourceBundleMessageSource messageSource = new ReloadableResourceBundleMessageSource();
messageSource.setBasename("classpath:org/springframework/authentication/messages");
return messageSource;
}
@Autowired
@Qualifier("cerUserDetailsServiceImpl")
private UserDetailsService cerUserDetailsServiceImpl;
@Autowired
@Qualifier("daoUserDetailsServiceImpl")
private UserDetailsService daoUserDetailsServiceImpl;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(daoUserDetailsServiceImpl);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().anyRequest().authenticated()
.and().x509().userDetailsService(cerUserDetailsServiceImpl)
.and().formLogin().loginPage("/login").permitAll()
.and().logout().logoutUrl("/logout").permitAll()
.and().exceptionHandling().accessDeniedPage("/exclude/403");
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/static/**", "/exclude/**");
}
//暴露AuthenticationManager注册成Bean供@EnableGlobalMethodSecurity使用
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
}
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
protected static class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
}
}
springSecurity双模认证
5星 · 超过95%的资源 需积分: 36 80 浏览量
2016-06-16
14:48:55
上传
评论
收藏 107KB ZIP 举报 
testweb.zip (25个子文件) 
pom.xml 10KB
src test java com berchina uums main Main.java 389B controller UserControllerTest.java 1KB org main webapp WEB-INF login.jsp 1KB index.jsp 516B test.jsp 313B exclude 403.jsp 269B 401.jsp 270B static jquery jquery.min.js 91KB jquery-1.10.2.min.map 144KB resources logback.xml 1KB config.properties 321B java com berchina uums config DispatcherServletInitializer.java 2KB SecurityConfig.java 4KB MvcConfig.java 3KB AppConfig.java 555B SecurityWebApplicationInitializer.java 340B web DefaultController.java 367B service DaoUserDetailsServiceImpl.java 774B CerUserDetailsServiceImpl.java 853B etc jetty-http.xml 3KB jetty-https.xml 1KB jetty.xml 9KB jetty-ssl-context.xml 2KB jetty-ssl.xml 3KB资源评论
zhangwei50952016-11-12下来学习搭建 mvc4 还是不错的
superlazy2018-04-09思路可以借鉴。。。。。
