锘??xml version="1.0" encoding="utf-8" standalone="yes"?>污污在线观看,中文字幕在线永久在线视频,一级日本不卡的影视http://www.aygfsteel.com/keweibo/category/43262.htmlAs long as you are there to lead me ,I won't lose my way zh-cnThu, 24 Dec 2009 11:40:05 GMTThu, 24 Dec 2009 11:40:05 GMT60securityfilter-remembermehttp://www.aygfsteel.com/keweibo/articles/307169.htmlKEKEThu, 24 Dec 2009 08:09:00 GMThttp://www.aygfsteel.com/keweibo/articles/307169.htmlhttp://www.aygfsteel.com/keweibo/comments/307169.htmlhttp://www.aygfsteel.com/keweibo/articles/307169.html#Feedback0http://www.aygfsteel.com/keweibo/comments/commentRss/307169.htmlhttp://www.aygfsteel.com/keweibo/services/trackbacks/307169.html
<!DOCTYPE securityfilter-config PUBLIC
    "-//SecurityFilter.org//DTD Security Filter Configuration 2.0//EN"
    "http://www.securityfilter.org/dtd/securityfilter-config_2_0.dtd">

<securityfilter-config>

   <security-constraint>
      <web-resource-collection>
         <web-resource-name>Secure Page</web-resource-name>
         <url-pattern>/admin/*.action</url-pattern>
      </web-resource-collection>
      <auth-constraint>
         <role-name>ADMIN</role-name>
      </auth-constraint>
   </security-constraint>

   <login-config>
      <auth-method>FORM</auth-method>
      <form-login-config>
         <form-login-page>/login_input.action</form-login-page>
         <form-error-page>/loginError.jsp</form-error-page>
         <form-default-page>/index.jsp</form-default-page>
         <!-- logout page definition is important for persistent logins -->
         <form-logout-page>/logout.jsp</form-logout-page>
         <!-- remember-me config -->
         <remember-me className="org.securityfilter.authenticator.persistent.DefaultPersistentLoginManager">
            <!-- optional settings for default persistent login manager -->
            <remember-me-param name="cookieLife" value="15"/>
            <remember-me-param name="protection" value="all"/>
            <remember-me-param name="useIP" value="true"/>
            <remember-me-param name="encryptionAlgorithm" value="DES"/>
            <remember-me-param name="encryptionMode" value="ECB"/>
            <remember-me-param name="encryptionPadding" value="PKCS5Padding"/>
            <!-- encryption keys; customize for each application -->
            <!-- NOTE: these kys must be speciied AFTER other encryption settings -->
            <remember-me-param name="validationKey" value="347382902489402489754895734890347"/>
            <remember-me-param name="encryptionKey" value="347892347028490237487846240673842"/>
         </remember-me>
      </form-login-config>
   </login-config>

   <realm className="gecs.mes.security.SecurityRealm">

   </realm>

</securityfilter-config>

鍙冩暩瑙f瀽
cookieLife (optional) specifies the number of days that you wish to keep the login cookie.  The default if not specified is 15 days)
protection (optional) specifies the type of protection you want for the persisted cookie.  Valid values are: all, validation, encryption, none.  The default is not specified is all.

validationkey (required if protection is all or validation) specifies a key that is combined with the actual cookie data and then used to generate a MD5 hash value.  This hash value is stored with the cookie and then is later used to determine if the cookie has been tampered with.

useIP (optional) (valid only when protection is all or validation) specifies if the clients IP address
is to be used when calculating the validation hash.  Provides extra protection against someone moving a cookie from one machine to another.

encryptionAlgorithm (optional) (valid only when protection is all or encryption)  specifies the encryption algorithm to use when encrypting the cookie values.  The default if not specified is DES.

encryptionMode (optional) (valid only when protection is all or encryption)  specifies the encryption mode to use when encrypting the cookie values.  The default if not specified is ECB.

encryptionPadding (optional) (valid only when protection is all or encryption)  specifies the encryption padding to use when encrypting the cookie values.  The default if not specified is PKCS5Padding.

encryptionkey (required if protection is all or encryption) specifies a key that is used to encrypt and decrypt cookie values.  Should NOT appear before the other encryption* parameters (if specified) in the securityfilter-config.xml file.

IMPORTANT!

A couple of points about this encryption implementation.

- This implementation makes use of the Sun Java Cryptography Extension
(JCE).  The JCE comes as a part of the standard download for Java 1.4  BUT, it?s an optional (separate) download for Java 1.3 and earlier.  If a user is using Java 1.3 or earlier and they want to use the encryption feature then they must download and install (per Sun?s instructions) the Java Cryptography Extension from the Sun website (http://java.sun.com/products/archive/jce/1.2/)

- The default "provider" that comes with JCE is the SunJCE provider.  The SunJCE provider supports the DES, Triple DES, and the Blowfish encryption algorithms.  I have tested this implementation ONLY with the DES algorithm.  I suspect that there may need to be some coding tweaks to get the this implementation to work with other algorithms but I have not yet tried them.
- Other, third-party, JCE providers can be used instead of the SunJCE provider.  See Sun?s website for a complete list of known third-party providers and for instructions on how to change the JCE default provider.

- The standard JCE provides for "strong" encryption.  "Unlimited" encryption is available as a separate download from Sun?s site.  There are some export restrictions on the "unlimited" encryption so if a user chooses to use it they need to understand and adhere to those restrictions.  See Sun?s website for complete details.



KE 2009-12-24 16:09 鍙戣〃璇勮
]]> 主站蜘蛛池模板: 磐石市| 大埔县| 微山县| 新和县| 泽库县| 新安县| 嵩明县| 务川| 图们市| 玉树县| 同江市| 大新县| 桂平市| 原平市| 揭西县| 库尔勒市| 吉林省| 仁布县| 麦盖提县| 扎囊县| 靖边县| 云龙县| 鄢陵县| 高雄县| 九龙坡区| 武川县| 沧州市| 资讯 | 磴口县| 同心县| 三原县| 恩施市| 通辽市| 镇康县| 呼玛县| 新泰市| 嘉鱼县| 海原县| 红桥区| 烟台市| 镇雄县|