ï»??xml version="1.0" encoding="utf-8" standalone="yes"?>国产免费一区二区三区在线观看
,国产日韩中文字幕在线,日韩一区二区久久http://www.aygfsteel.com/mkchen/category/18750.html用开攄¡š„è„‘å去闯è?用开阔的视野åŽÀL‹¼æ?用åã^和的íw«å¿ƒåŽÈ£¨¾l?用美好的ç†æƒ³åŽ»è¿½æ±?zh-cnWed, 28 Feb 2007 07:48:02 GMTWed, 28 Feb 2007 07:48:02 GMT60- [转]Acegi½Ž€ä»?/title><link>http://www.aygfsteel.com/mkchen/archive/2006/12/27/90397.html</link><dc:creator>‹¹äh€?/dc:creator><author>‹¹äh€?/author><pubDate>Wed, 27 Dec 2006 15:20:00 GMT</pubDate><guid>http://www.aygfsteel.com/mkchen/archive/2006/12/27/90397.html</guid><wfw:comment>http://www.aygfsteel.com/mkchen/comments/90397.html</wfw:comment><comments>http://www.aygfsteel.com/mkchen/archive/2006/12/27/90397.html#Feedback</comments><slash:comments>0</slash:comments><wfw:commentRss>http://www.aygfsteel.com/mkchen/comments/commentRss/90397.html</wfw:commentRss><trackback:ping>http://www.aygfsteel.com/mkchen/services/trackbacks/90397.html</trackback:ping><description><![CDATA[
<a >matrixeditor</a> å‘表äº?2005-07-28 11:06:41<br />作è€?Matrixeditor    æ¥æº:BEA dev2dev<br />评论æ•?4 点击æ•?6,815    投票æ€Õd¾—åˆ?8 投票æ€ÖMh‹Æ?3<br />关键å? <!-- end of div title --><div id="wmqeeuq" class="summary"><div id="wmqeeuq" class="left"></div><div id="wmqeeuq" class="center"><h4>摘è¦:</h4>Acegi安全¾pÈ»ŸåQŒæ˜¯ä¸€ä¸ªç”¨äºŽSpring Framework的安全框æžÓž¼Œèƒ½å¤Ÿå’Œç›®å‰æµè¡Œçš„Webå®¹å™¨æ— ç¼é›†æˆã€‚它使用了Springçš„æ–¹å¼æ供了安全和认è¯å®‰å…¨æœåŠ¡ï¼ŒåŒ…括使用Bean ContextåQŒæ‹¦æˆªå™¨å’Œé¢å‘接å£çš„¾~–程方å¼ã€‚å› æ¤ï¼ŒAcegi安全¾pÈ»Ÿèƒ½å¤Ÿè½ÀL¾åœ°é€‚用于å¤æ‚的安全需求ã€?</div><div id="wmqeeuq" class="right"><div id="wmqeeuq" class="help"><h4>工具½Ž?/h4><a >本站收è—</a><br /><a onclick="javascript:location. >¾ŸŽå‘³ä¹¦ç¾</a><br /><a >投票评分</a><br /><a >å‘表评论</a><br /><a title="点击åŽç›´æŽ¥ç²˜è´´å³å? onclick="copyLink();" >å¤åˆ¶é“¾æŽ¥</a><br /></div></div></div><!-- end of summary line --><div id="wmqeeuq" class="overflow" id="text">          Acegi安全¾pÈ»ŸåQŒæ˜¯ä¸€ä¸ªç”¨äºŽSpring Framework的安全框æžÓž¼Œèƒ½å¤Ÿå’Œç›®å‰æµè¡Œçš„Webå®¹å™¨æ— ç¼é›†æˆã€‚它使用了Springçš„æ–¹å¼æ供了安全和认è¯å®‰å…¨æœåŠ¡ï¼ŒåŒ…括使用Bean ContextåQŒæ‹¦æˆªå™¨å’Œé¢å‘接å£çš„¾~–程方å¼ã€‚å› æ¤ï¼ŒAcegi安全¾pÈ»Ÿèƒ½å¤Ÿè½ÀL¾åœ°é€‚用于å¤æ‚的安全需求ã€?br />      安全涉åŠåˆîC¸¤ä¸ªä¸åŒçš„概念åQŒè®¤è¯å’ŒæŽˆæƒã€‚å‰è€…是关于¼‹®è®¤ç”¨æˆ·æ˜¯å¦¼‹®å®žæ˜¯ä»–们所宣称的èín份。授æƒåˆ™æ˜¯å…³äºŽç¡®è®¤ç”¨æˆäh˜¯å¦æœ‰å…许执行一个特定的æ“作ã€?br />      在Acegi安全¾pÈ»Ÿä¸ï¼Œéœ€è¦è¢«è®¤è¯çš„用æˆøP¼Œ¾pÈ»Ÿæˆ–代ç†ç§°ä¸?Principal"。Acegi安全¾pÈ»Ÿå’Œå…¶ä»–的安全¾pÈ»Ÿä¸åŒåQŒå®ƒòq¶æ²¡æœ‰è§’色和用户¾l„的概念ã€?br />Acegi¾pÈ»Ÿè®¾è®¡<br />  关键¾l„äšg<br />      Acegi安全¾pÈ»ŸåŒ…å«ä»¥ä¸‹ä¸ƒä¸ªå…³é”®çš„功能组ä»Óž¼š<br />        1 Authentication对象åQŒåŒ…å«äº†PrincipalåQŒCredentialå’ŒPrincipal的授æƒä¿¡æ¯ã€‚åŒæ—¶è¿˜å¯ä»¥åŒ…å«å…³äºŽå‘è“v认è¯è¯äh±‚的客æˆïLš„其他信æ¯åQŒå¦‚IP地å€ã€?br />        2 ContextHolder对象åQŒä‹É用ThreadLocal储å˜Authentication对象的地æ–V€?br />        3 AuthenticationManageråQŒç”¨äºŽè®¤è¯ContextHolderä¸çš„Authentication对象ã€?br />        4 AccessDecissionManageråQŒç”¨äºŽæŽˆæƒä¸€ä¸ªç‰¹å®šçš„æ“作ã€?br />        5 RunAsManageråQŒå½“执行特定的æ“作时åQŒç”¨äºŽé€‰æ‹©æ€§åœ°æ›¿æ¢Authentication对象ã€?br />        6 Secure Object拦截器,用于åè°ƒAuthenticationManageråQŒAccessDecissionManageråQŒRunAsManager和特定æ“作的执行ã€?br />        7 ObjectDefinitionSourceåQŒåŒ…å«äº†ç‰¹å®šæ“作的授æƒå®šä¹‰ã€?br />      ˜q™ä¸ƒä¸ªå…³é”®çš„功能¾l„äšgçš„å…³¾pÕd¦‚下图所½Cºï¼ˆå›¾ä¸ç°è‰²éƒ¨åˆ†æ˜¯å…³é”®ç»„ä»Óž¼‰åQ?br /><br /><br /><b>安全½Ž¡ç†å¯¹è±¡</b><br />      Acegi安全¾pÈ»Ÿç›®å‰æ”¯æŒä¸¤ç±»å®‰å…¨½Ž¡ç†å¯¹è±¡ã€?br />      ½W¬ä¸€¾cÈš„安全½Ž¡ç†å¯¹è±¡½Ž¡ç†AOP Allianceçš„MethodInvocationåQŒå¼€å‘äh员å¯ä»¥ç”¨å®ƒæ¥ä¿æŠ¤Spring容器ä¸çš„业务对象。äؓ了ä‹ÉSpring½Ž¡ç†çš„Beanå¯ä»¥ä½œäØ“MethodInvocationæ¥ä‹É用,Beanå¯ä»¥é€šè¿‡ProxyFactoryBeanå’ŒBeanNameAutoProxyCreatoræ¥ç®¡ç†ï¼Œž®±åƒåœ¨Spring的事务管ç†ä¸€æ ·ä‹É用ã€?br />      ½W¬äºŒ¾cÀL˜¯FilterInvocation。它用过滤器åQˆFilteråQ‰æ¥åˆ›å¾åQŒåƈ½Ž€å•åœ°åŒ…装了HTTPçš„ServletRequeståQŒServletResponseå’ŒFilterChain。FilterInvocationå¯ä»¥ç”¨æ¥ä¿æŠ¤HTTP资æºã€‚通常åQŒå¼€å‘äh员åƈä¸éœ€è¦äº†è§£å®ƒçš„工作机åˆÓž¼Œå› äؓ他们åªéœ€è¦å°†FilteråŠ å…¥web.xmlåQŒAcegi安全¾pÈ»Ÿž®±å¯ä»¥å·¥ä½œäº†ã€?br /><br /><b>安全é…ç½®å‚æ•°</b><br />      æ¯ä¸ªå®‰å…¨½Ž¡ç†å¯¹è±¡éƒ½å¯ä»¥æ˜q°æ•°é‡ä¸é™çš„å„ç§å®‰å…¨è®¤è¯è¯äh±‚。例如,MethodInvocation对象å¯ä»¥æ述带有ä»ÀL„å‚æ•°çš„ä“Qæ„方法的调用åQŒè€ŒFilterInvocationå¯ä»¥æè¿°ä»ÀL„çš„HTTP URLã€?br />      Acegi安全¾pÈ»Ÿéœ€è¦è®°å½•åº”用于æ¯ä¸ªè®¤è¯è¯äh±‚的安全酾|®å‚数。例如,对于BankManager.getBalanceåQˆint accountNumberåQ‰æ–¹æ³•å’ŒBankManager.approveLoanåQˆint applicationNumberåQ‰æ–¹æ³•ï¼Œå®ƒä»¬éœ€è¦çš„认è¯è¯äh±‚的安全酾|®å¾ˆä¸ç›¸åŒã€?br />      ä¸ÞZº†ä¿å˜ä¸åŒçš„认è¯è¯·æ±‚的安全é…ç½®åQŒéœ€è¦ä‹É用酾|®å‚数。从实现的视角æ¥çœ‹ï¼Œé…ç½®å‚数使用ConfigAttribute接å£æ¥è¡¨½Cºã€‚Acegi安全¾pÈ»Ÿæ供了ConfigAttribute接å£çš„一个实玎ͼŒSecurityConfigåQŒå®ƒæŠŠé…¾|®å‚æ•îC¿å˜äؓ一个嗽W¦ä¸²ã€?br />      ConfigAttributeDefinition¾cÀL˜¯ConfigAttribute对象的一个简å•çš„容器åQŒå®ƒä¿å˜äº†å’Œç‰¹å®šè¯äh±‚相关的ConfigAttribute的集åˆã€?br />      当安全拦截器收到一个安全认è¯è¯·æ±‚æ—¶åQŒéœ€è¦å†³å®šåº”用哪一个酾|®å‚数。æ¢å¥è¯è¯ß_¼Œå®ƒéœ€è¦æ‰¾å‡ºåº”用于˜q™ä¸ªè¯äh±‚çš„ConfigAttributeDefinition对象。这个查扄¡š„˜q‡ç¨‹æ˜¯ç”±ObjectDefinitionSource接å£æ¥å¤„ç†çš„。这个接å£çš„主è¦æ–ÒŽ³•æ˜¯public ConfigAttributeDefinition getAttributes(Object object)åQŒå…¶ä¸Objectå‚数是一个安全管ç†å¯¹è±¡ã€‚å› ä¸ºå®‰å…¨ç®¡ç†å¯¹è±¡åŒ…å«æœ‰è®¤è¯è¯äh±‚的详¾l†ä¿¡æ¯ï¼Œæ‰€ä»¥ObjectDefinitionSource接å£çš„实现类å¯ä»¥ä»Žä¸èŽ·å¾—所需的详¾l†ä¿¡æ¯ï¼Œä»¥æŸ¥æ‰„¡›¸å…³çš„ConfigAttributeDefiniton对象ã€?br /><br /><br /><b>Acegi如何工作</b><br />      ä¸ÞZº†è¯´æ˜ŽAcegi安全¾pÈ»Ÿå¦‚何工作åQŒæˆ‘们设想一个ä‹É用Acegi的例å。通常åQŒä¸€ä¸ªå®‰å…¨ç³»¾lŸéœ€è¦å‘挥作用,它必™åÕd®Œæˆä»¥ä¸‹çš„工作åQ?br />      1 首先åQŒç³»¾lŸä»Žå®¢æˆ·ç«¯è¯·æ±‚ä¸èŽ·å¾—Principalå’ŒCredentialåQ?br />      2 然厾pÈ»Ÿè®¤è¯Principalå’ŒCredentialä¿¡æ¯åQ?br />      3 如果认è¯é€šè¿‡åQŒç³»¾lŸå–出Principal的授æƒä¿¡æ¯ï¼›<br />      4 接下æ¥ï¼Œå®¢æˆ·ç«¯å‘èµäh“作请求;<br />      5 ¾pÈ»Ÿæ ÒŽ®é¢„å…ˆé…置的å‚数检查Principal对于该æ“作的授æƒåQ?br />      6 如果授惋‚€æŸ¥é€šè¿‡åˆ™æ‰§è¡Œæ“作,å¦åˆ™æ‹’ç»ã€?br />      那么åQŒAcegi安全¾pÈ»Ÿæ˜¯å¦‚何完æˆè¿™äº›å·¥ä½œçš„呢?首先åQŒæˆ‘们æ¥çœ‹çœ‹Acegi安全¾pÈ»Ÿçš„认è¯å’ŒæŽˆæƒçš„相关类åQ?<br />      安全拦截器的抽象基类åQŒå®ƒåŒ…å«æœ‰ä¸¤ä¸ªç®¡ç†ç±»åQŒAuthenticationManagerå’ŒAccessDecisionManager。AuthenticationManager用于认è¯ContextHolderä¸çš„Authentication对象åQˆåŒ…å«äº†PrincipalåQŒCredentialå’ŒPrincipal的授æƒä¿¡æ¯ï¼‰åQ›AccessDecissionManager则用于授æƒä¸€ä¸ªç‰¹å®šçš„æ“作ã€?br /><br />      下é¢æ¥çœ‹ä¸€ä¸ªMethodSecurityInterceptor的例å:<br /><pre class="overflow">      <bean id="bankManagerSecurity" <br />                    class="net.sf.acegisecurity.intercept.method.MethodSecurityInterceptor"><br />            <property name="validateConfigAttributes"><br />                    <value>true</value><br />            </property><br />            <property name="authenticationManager"><br />                  <ref bean="authenticationManager"/><br />            </property><br />            <property name="accessDecisionManager"><br />                  <ref bean="accessDecisionManager"/><br />            </property><br />            <property name="objectDefinitionSource"><br />                  <value><br />                    net.sf.acegisecurity.context.BankManager.delete*=<br />                            ROLE_SUPERVISOR,RUN_AS_SERVER<br />                    net.sf.acegisecurity.context.BankManager.getBalance=<br />                            ROLE_TELLER,ROLE_SUPERVISOR,BANKSECURITY_CUSTOMER,RUN_<br />                  </value><br />            </property><br />      </bean> </pre><br />      上é¢çš„é…¾|®æ–‡ä»¶ä¸åQŒMethodSecurityInterceptor是AbstractSecurityInterceptor的一个实现类。它包å«äº†ä¸¤ä¸ªç®¡ç†å™¨åQŒauthenticationManagerå’ŒaccessDecisionManager。这两者的é…置如下åQ?br />      <pre class="overflow"><bean id="authenticationDao" class="net.sf.acegisecurity.providers.dao.jdbc.JdbcDaoImpl"><br />              <property name="dataSource"><ref bean="dataSource"/></property><br />      </bean><br />      <bean id="daoAuthenticationProvider" <br />                    class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider"><br />              <property name="authenticationDao"><ref bean="authenticationDao"/></property><br />      </bean><br />      <bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager"><br />              <property name="providers"><br />                      <list><ref bean="daoAuthenticationProvider"/></list><br />              </property><br />      </bean><br />      <bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/><br />      <bean id="accessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased"><br />              <property name="allowIfAllAbstainDecisions"><value>false</value></property><br />              <property name="decisionVoters"><br />                      <list><ref bean="roleVoter"/></list><br />              </property><br />      </bean></pre><br /><br />      准备工作åšå¥½äº†ï¼ŒçŽ°åœ¨æˆ‘们æ¥çœ‹çœ‹Acegi安全¾pÈ»Ÿæ˜¯å¦‚何实现认è¯å’ŒæŽˆæƒæœºåˆ¶çš„。以使用HTTP BASIC认è¯çš„应用äؓ例ååQŒå®ƒåŒ…括下é¢çš„æ¥éª¤ï¼š<br />      1. 用户ç™Õd½•¾pÈ»ŸåQŒAcegi从acegisecurity.uiåç³»¾lŸçš„安全拦截器(如BasicProcessingFilteråQ‰ä¸å¾—到用户的登录信æ¯ï¼ˆåŒ…括Principalå’ŒCredentialåQ‰åƈ攑օ¥Authentication对象åQŒåƈä¿å˜åœ¨ContextHolder对象ä¸ï¼›<br />      2. 安全拦截器将Authentication对象交给AuthenticationManager˜q›è¡Œíw«ä†¾è®¤è¯åQŒå¦‚果认è¯é€šè¿‡åQŒè¿”回带有Principal授æƒä¿¡æ¯çš„Authentication对象。æ¤æ—¶ContextHolder对象的Authentication对象已拥有Principal的详¾l†ä¿¡æ¯ï¼›<br />      3. 用户ç™Õd½•æˆåŠŸåŽï¼Œ¾l§ç®‹˜q›è¡Œä¸šåŠ¡æ“作åQ?br />      4. 安全拦截器(bankManagerSecurityåQ‰æ”¶åˆ°å®¢æˆïL«¯æ“作è¯äh±‚åŽï¼Œž®†æ“作请求的数æ®åŒ…装æˆå®‰å…¨ç®¡ç†å¯¹è±¡ï¼ˆFilterInvocation或MethodInvocation对象åQ‰ï¼›<br />      5. 然åŽåQŒä»Žé…置文äšgåQˆObjectDefinitionSourceåQ‰ä¸è¯Õd‡ºç›¸å…³çš„安全酾|®å‚æ•°ConfigAttributeDefinitionåQ?br />      6. 接ç€åQŒå®‰å…¨æ‹¦æˆªå™¨å–出ContextHolderä¸çš„Authentication对象åQŒæŠŠå®ƒä¼ 递给AuthenticationManager˜q›è¡Œíw«ä†¾è®¤è¯åQŒåƈ用返回值更新ContextHolderçš„Authentication对象åQ?br />      7. ž®†Authentication对象åQŒConfigAttributeDefinition对象和安全管ç†å¯¹è±¡ï¼ˆsecure ObjectåQ‰äº¤¾l™AccessDecisionManageråQŒæ£€æŸ¥Principalçš„æ“作授æƒï¼›<br />      8. 如果授惋‚€æŸ¥é€šè¿‡åˆ™æ‰§è¡Œå®¢æˆïL«¯è¯äh±‚çš„æ“作,å¦åˆ™æ‹’ç»åQ?br /><br /><b>AccessDecisionVoter</b><br />      注æ„上节的accessDecisionManager是一个AffirmativeBased¾c»ï¼Œå®ƒå¯¹äºŽç”¨æˆähŽˆæƒçš„投票½{–略是,åªè¦é€šè¿‡å…¶ä¸çš„一个授æƒæŠ•¼œ¨æ£€æŸ¥ï¼Œå›_¯é€šè¿‡åQ›å®ƒçš„allowIfAllAbstainDecisions属性值是falseåQŒæ„æ€æ˜¯å¦‚果所有的授æƒæŠ•ç¥¨æ˜¯éƒ½æ˜¯å¼ƒæƒï¼Œåˆ™é€šä¸˜q‡æŽˆæƒæ£€æŸ¥ã€?br />      Acegi安全¾pÈ»ŸåŒ…æ‹¬äº†å‡ ä¸ªåŸºäºŽæŠ•¼œ¨ç–略的AccessDecisionManageråQŒä¸ŠèŠ‚çš„RoleVoterž®±æ˜¯å…¶ä¸çš„一个投¼œ¨ç–略实玎ͼŒå®ƒæ˜¯AccessDecisionVoter的一个å¾c…R€‚AccessDecisionVoter的具体实现类通过投票æ¥è¿›è¡ŒæŽˆæƒå†³½{–,AccessDecisionManageråˆ™æ ¹æ®æŠ•¼œ¨ç»“æžœæ¥å†›_®šæ˜¯é€šè¿‡æŽˆæƒ‹‚€æŸ¥ï¼Œ˜q˜æ˜¯æŠ›å‡ºAccessDeniedException例外ã€?br />      AccessDecisionVoter接å£å…±æœ‰ä¸‰ä¸ªæ–ÒŽ³•åQ?br />public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config);<br />public boolean supports(ConfigAttribute attribute);<br />public boolean supports(Class clazz);<br />      其ä¸çš„voteæ–ÒŽ³•˜q”回int˜q”回å€û|¼Œå®ƒä»¬æ˜¯AccessDecisionVoter的三个é™æ€æˆå‘˜å±žæ€§ï¼šACCESS_ABSTAIN,åQŒACCESS_DENIEDå’ŒACCESS_GRANTEDåQŒå®ƒä»¬åˆ†åˆ«æ˜¯å¼ƒæƒåQŒå¦å†›_’Œèµžæˆã€?br />      Acegi安全¾pÈ»Ÿä¸ï¼Œä½¿ç”¨æŠ•ç¥¨½{–略的AccessDecisionManager共有三个具体实现¾c»ï¼šAffirmativeBasedã€ConsensusBasedå’ŒUnanimousBased。它们的投票½{–略是,AffirmativeBased¾cÕdªéœ€æœ‰ä¸€ä¸ªæŠ•¼œ¨èµžæˆå³å¯é€šè¿‡åQ›ConsensusBased¾c»éœ€è¦å¤§å¤šæ•°æŠ•ç¥¨èµžæˆå›_¯é€šè¿‡åQ›è€ŒUnanimousBased¾c»éœ€è¦æ‰€æœ‰çš„投票赞æˆæ‰èƒ½é€šè¿‡ã€?br />      RoleVoter¾cÀL˜¯ä¸€ä¸ªAcegi安全¾pÈ»ŸAccessDecisionVoter接å£çš„实现。如果ConfigAttribute以ROLE_å¼€å¤ß_¼ŒRoleVoter则进行投¼œ¨ã€‚如果GrantedAuthorityçš„getAutorityæ–ÒŽ³•çš„String˜q”回值匹é…一个或多个以ROLE_开头的ConfigAttributeåQŒåˆ™æŠ•ç¥¨é€šè¿‡åQŒå¦åˆ™ä¸é€šè¿‡ã€‚如果没有以ROLE_开头的ConfigAttributeåQŒRoleVoter则弃æƒã€?br /><br /><b>安全拦截å™?/b><br />  拦截器如何工ä½?br />  MethodInvocation拦截å™?br />  FilterInvocation拦截å™?br />认è¯<br />  认è¯è¯äh±‚<br />  认诽Ž¡ç†å™?br />  Authentication Provider<br />授æƒ<br />  Access Decision Manager<br />  Voting Decision Manager<br />  授惽Ž¡ç†æŽ¨è<br />ContextHolder的用æˆähŽ¥å?br />  用户接å£ç›®æ ‡<br />  HTTP会è¯è®¤è¯<br />  HTTP Basic认è¯<br /><br />1ã€Log4j的概å¿?br />  Log4jä¸æœ‰ä¸‰ä¸ªä¸»è¦çš„组ä»Óž¼Œå®ƒä»¬åˆ†åˆ«æ˜¯Loggerã€Appenderå’ŒLayoutåQŒLog4j å…许开å‘äh员定义多个LoggeråQŒæ¯ä¸ªLogger拥有自己的åå—,Logger之间通过åå—æ¥è¡¨æ˜Žéš¶å±žå…³¾p…R€‚有一个Logger¿UîCØ“RootåQŒå®ƒæ°¸è¿œ å˜åœ¨åQŒä¸”ä¸èƒ½é€šè¿‡åå—‹‚€ç´¢æˆ–引用åQŒå¯ä»¥é€šè¿‡Logger.getRootLogger()æ–ÒŽ³•èŽ·å¾—åQŒå…¶å®ƒLogger通过 Logger.getLogger(String name)æ–ÒŽ³•ã€?br />  Appender则是用æ¥æŒ‡æ˜Žž®†æ‰€æœ‰çš„logä¿¡æ¯å˜æ”¾åˆîC»€ä¹ˆåœ°æ–¹ï¼ŒLog4jä¸æ”¯æŒå¤š¿UappenderåQŒå¦‚ consoleã€filesã€GUI componentsã€NT Event Loggers½{‰ï¼Œä¸€ä¸ªLoggerå¯ä»¥æ‹¥æœ‰å¤šä¸ªAppenderåQŒä¹Ÿž®±æ˜¯ä½ æ—¢å¯ä»¥ž®†Logä¿¡æ¯è¾“出到å±òq•ï¼ŒåŒæ—¶å˜å‚¨åˆîC¸€ä¸ªæ–‡ä»¶ä¸ã€?br />  Layout的作用是控制Logä¿¡æ¯çš„输出方å¼ï¼Œä¹Ÿå°±æ˜¯æ ¼å¼åŒ–输出的信æ¯ã€?br />  Log4jä¸å°†è¦è¾“出的Logä¿¡æ¯å®šä¹‰äº?¿Uçñ”别,ä¾æ¬¡ä¸ºDEBUGã€INFOã€WARNã€ERRORå’ŒFATALåQŒå½“输出æ—Óž¼Œåªæœ‰¾U§åˆ«é«˜è¿‡é…ç½®ä¸è§„定的 ¾U§åˆ«çš„ä¿¡æ¯æ‰èƒ½çœŸæ£çš„输出åQŒè¿™æ ·å°±å¾ˆæ–¹ä¾¿çš„æ¥é…¾|®ä¸åŒæƒ…况下è¦è¾“出的内容åQŒè€Œä¸éœ€è¦æ›´æ”¹ä»£ç ,˜q™ç‚¹å®žåœ¨æ˜¯æ–¹ä¾¿å•Šã€?br /><br />2ã€Log4jçš„é…¾|®æ–‡ä»?br />  虽然å¯ä»¥ä¸ç”¨é…置文äšgåQŒè€Œåœ¨½E‹åºä¸å®žçŽ°é…¾|®ï¼Œä½†è¿™¿U方法在如今的系¾lŸå¼€å‘ä¸æ˜„¡„¶æ˜¯ä¸å¯å–的,能采用酾|®æ–‡ä»¶çš„地方一定一定è¦ç”¨é…¾|®æ–‡ä»¶ã€‚Log4j支æŒä¸?¿Uæ ¼å¼çš„é…置文äšgåQšXMLæ ¼å¼å’ŒJavaçš„propertyæ ¼å¼åQŒæœ¬äººæ›´å–œæ¬¢åŽè€…,首先看一个简å•çš„例åå§ï¼Œå¦‚下åQ?br /><br /><pre class="overflow"> log4j.rootLogger=debug, stdout, R<br />  log4j.appender.stdout=org.apache.log4j.ConsoleAppender<br />  log4j.appender.stdout.layout=org.apache.log4j.PatternLayout<br /><br />  # Pattern to output the caller's file name and line number.<br />  log4j.appender.stdout.layout.ConversionPattern=%5p [%t] (%F:%L) - %m%n<br /><br />  log4j.appender.R=org.apache.log4j.RollingFileAppender<br />  log4j.appender.R.File=example.log<br />  log4j.appender.R.MaxFileSize=100KB<br /><br />  # Keep one backup file<br />  log4j.appender.R.MaxBackupIndex=1<br /><br />  log4j.appender.R.layout=org.apache.log4j.PatternLayout<br />  log4j.appender.R.layout.ConversionPattern=%p %t %c - %m%n</pre>        <br /><br />  首先åQŒæ˜¯è®„¡½®rootåQŒæ ¼å¼äØ“ log4j.rootLogger=[level],appenderName, ...åQŒå…¶ä¸levelž®±æ˜¯è®„¡½®éœ€è¦è¾“å‡ÞZ¿¡æ¯çš„¾U§åˆ«åQŒåŽé¢æ˜¯appender的输出的目的圎ͼŒappenderNamež®±æ˜¯æŒ‡å®šæ—¥å¿—ä¿¡æ¯è¾“出到哪个地æ–V€‚您å¯ä»¥åŒæ—¶æŒ‡å®šå¤šä¸ªè¾“出目的地。酾|®æ—¥å¿—ä¿¡æ¯è¾“出目的地AppenderåQŒå…¶è¯æ³•ä¸?br />  log4j.appender.appenderName = fully.qualified.name.of.appender.class<br />  log4j.appender.appenderName.option1 = value1<br />  ...<br />  log4j.appender.appenderName.option = valueN<br />Log4jæ供的appenderæœ‰ä»¥ä¸‹å‡ ¿U:<br />  org.apache.log4j.ConsoleAppenderåQˆæŽ§åˆ¶å°åQ?br />  org.apache.log4j.FileAppenderåQˆæ–‡ä»Óž¼‰<br />  org.apache.log4j.DailyRollingFileAppenderåQˆæ¯å¤©äñ”生一个日志文ä»Óž¼‰<br />  org.apache.log4j.RollingFileAppenderåQˆæ–‡ä»¶å¤§ž®åˆ°è¾¾æŒ‡å®šå°ºå¯¸çš„时候äñ”生新文äšgåQ?br />  org.apache.log4j.WriterAppenderåQˆå°†æ—¥å¿—ä¿¡æ¯ä»¥æµæ ¼å¼å‘é€åˆ°ä»ÀL„指定的地方)<br />é…置日志信æ¯çš„æ ¼å¼ï¼ˆå¸ƒå±€åQ‰ï¼Œå…¶è¯æ³•äØ“åQ?br />  log4j.appender.appenderName.layout = fully.qualified.name.of.layout.class<br />  log4j.appender.appenderName.layout.option1 = value1<br />  ....<br />  log4j.appender.appenderName.layout.option = valueN<br />Log4jæ供的layoutæœ‰ä»¥ä¸‹å‡ ¿U:<br />  org.apache.log4j.HTMLLayoutåQˆä»¥HTMLè¡¨æ ¼å½¢å¼å¸ƒå±€åQ‰ï¼Œ<br />  org.apache.log4j.PatternLayoutåQˆå¯ä»¥çµ‹zÕdœ°æŒ‡å®šå¸ƒå±€æ¨¡å¼åQ‰ï¼Œ<br />  org.apache.log4j.SimpleLayoutåQˆåŒ…å«æ—¥å¿—ä¿¡æ¯çš„¾U§åˆ«å’Œä¿¡æ¯å—½W¦ä¸²åQ‰ï¼Œ<br />  org.apache.log4j.TTCCLayoutåQˆåŒ…å«æ—¥å¿—äñ”生的旉™—´ã€çº¿½E‹ã€ç±»åˆ«ç‰½{‰ä¿¡æ¯ï¼‰ <br /><br />3ã€Log4j在程åºä¸çš„ä‹Éç”?br />  è¦åœ¨è‡ªå·±çš„ç±»ä¸ä‹É用Log4jåQŒé¦–先声明一个é™æ€å˜é‡Logger logger=Logger.getLog("classname")åQ›åœ¨ä½¿ç”¨ä¹‹å‰åQŒç”¨PropertyConfigurator.configure ("é…置文äšg")é…置一下,现在ž®±å¯ä»¥ä‹É用了åQŒç”¨æ³•å¦‚下:logger.debug("debug message")或者logger.info("info message")åQŒçœ‹ä¸‹é¢ä¸€ä¸ªå°ä¾‹ååQ?br /><br /><pre class="overflow"> import com.foo.Bar;<br />  import org.apache.log4j.Logger;<br />  import org.apache.log4j.PropertyConfigurator;<br />  public class MyApp {<br />    static Logger logger = Logger.getLogger(MyApp.class.getName());<br />    public static void main(String[] args) {<br />      // BasicConfigurator replaced with PropertyConfigurator.<br />      PropertyConfigurator.configure(args[0]);<br />      logger.info("Entering application.");<br />      Bar bar = new Bar();<br />      bar.doIt();<br />      logger.info("Exiting application.");<br />    }<br />  }</pre><br /><br /><br />[½Ž€ä»‹]<br /><br />对于一个典型的Web应用åQŒå®Œå–„的认è¯å’ŒæŽˆæƒæœºåˆ¶æ˜¯å¿…ä¸å¯å°‘的,在SpringFrameworkä¸ï¼ŒJuergen Hoelleræ供的范例JPetStore¾l™äº†ä¸€äº›è¿™æ–šw¢çš„介¾l,但还˜qœè¿œä¸å¤ŸåQŒAcegi是一个专门äØ“SpringFrameworkæ供安全机制çš?™å¹ç›®åQŒå…¨¿UîCØ“Acegi Security System for SpringåQŒå½“å‰ç‰ˆæœ¬äØ“0.5.1åQŒå°±å…¶ç›®å‰æ供的功能åQŒåº”该å¯ä»¥æ»¡‘³ç»å¤§å¤šæ•°åº”用的需求ã€?br /><br />本文的主è¦ç›®çš„是希望能够说明如何在基于Spring构架的Web应用ä¸ä‹É用AcegiåQŒè€Œä¸æ˜¯è¯¦¾l†ä»‹¾lå…¶ä¸çš„æ¯ä¸ªæŽ¥å£ã€æ¯ä¸ªç±»ã€‚注æ„,å³ä‹É对已¾lå˜åœ¨çš„Spring应用åQŒé€šè¿‡ä¸‹é¢ä»‹ç»çš„æ¥éª¤ï¼Œä¹Ÿå¯ä»¥é©¬ä¸Šäínå—到Acegiæ供的认è¯å’ŒæŽˆæƒã€?br /><br />[基础工作]<br />åœ¨ä½ çš„Web应用的libä¸æ·»åŠ Acegi下è²åŒ…ä¸çš„acegi-security.jar<br /><br />[web.xml]<br />实现认è¯å’ŒæŽˆæƒçš„最常用的方法是通过filteråQŒAcegi亦是如æ¤åQŒé€šå¸¸Acegi需è¦åœ¨web.xmlæ·ÕdŠ 以下5个filter:<br /><br /><pre class="overflow"><filter><br />  <filter-name>Acegi Channel Processing Filter</filter-name><br />  <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class><br />  <init-param><br />    <param-name>targetClass</param-name><br />    <param-value>net.sf.acegisecurity.securechannel.ChannelProcessingFilter</param-value><br />  </init-param><br /></filter><br /><filter><br />  <filter-name>Acegi Authentication Processing Filter</filter-name><br />  <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class><br />  <init-param><br />    <param-name>targetClass</param-name><br />    <param-value>net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter</param-value><br />  </init-param><br /></filter><br /><filter><br />  <filter-name>Acegi HTTP BASIC Authorization Filter</filter-name><br />  <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class><br />  <init-param><br />    <param-name>targetClass</param-name><br />    <param-value>net.sf.acegisecurity.ui.basicauth.BasicProcessingFilter</param-value><br />  </init-param><br /></filter><br /><filter><br />  <filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name><br />  <filter-class>net.sf.acegisecurity.ui.AutoIntegrationFilter</filter-class><br /></filter><br /><filter><br />  <filter-name>Acegi HTTP Request Security Filter</filter-name><br />  <filter-class>net.sf.acegisecurity.util.FilterToBeanProxy</filter-class><br />  <init-param><br />    <param-name>targetClass</param-name><br />    <param-value>net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter</param-value><br />  </init-param><br /></filter></pre><br /><br />最先引赯‚¿·æƒ‘的是net.sf.acegisecurity.util.FilterToBeanProxyåQŒAcegi自己的文档上解释是: “What  FilterToBeanProxy does is delegate the Filter's methods through to a bean which is obtained from the <br />Spring application context. This enables the bean to benefit from the Spring application context lifecycle support and configuration flexibility.â€ï¼Œå¦‚希望深½I¶çš„è¯ï¼ŒåŽÈœ‹çœ‹æºä»£ç 应该ä¸éš¾ç†è§£ã€?br /><br />å†ä¸‹æ¥å°±æ˜¯æ·»åŠ filter-mapping了:<br /><pre class="overflow"><filter-mapping><br />  <filter-name>Acegi Channel Processing Filter</filter-name><br />  <url-pattern>/*</url-pattern><br /></filter-mapping><br /><filter-mapping><br />  <filter-name>Acegi Authentication Processing Filter</filter-name><br />  <url-pattern>/*</url-pattern><br /></filter-mapping><br /><filter-mapping><br />  <filter-name>Acegi HTTP BASIC Authorization Filter</filter-name><br />  <url-pattern>/*</url-pattern><br /></filter-mapping><br /><filter-mapping><br />  <filter-name>Acegi Security System for Spring Auto Integration Filter</filter-name><br />  <url-pattern>/*</url-pattern><br /></filter-mapping><br /><filter-mapping><br />  <filter-name>Acegi HTTP Request Security Filter</filter-name><br />  <url-pattern>/*</url-pattern><br /></filter-mapping></pre><br /><br />˜q™é‡ŒåQŒéœ€è¦æ³¨æ„以下两点:<br />1) ˜q™å‡ 个filter的顺åºæ˜¯ä¸èƒ½æ›´æ”¹çš„,™åºåºä¸å¯¹ž®†æ— 法æ£å¸¸å·¥ä½œï¼›<br />2) å¦‚æžœä½ çš„åº”ç”¨ä¸éœ€è¦å®‰å…¨ä¼ 输,如httpsåQŒåˆ™ž®?Acegi Channel Processing Filter"相关内容注释掉å³å¯ï¼›<br />3) å¦‚æžœä½ çš„åº”ç”¨ä¸éœ€è¦Springæ供的远½E‹è®¿é—®æœºåˆÓž¼Œå¦‚Hessian and BurlapåQŒå°†"Acegi HTTP BASIC Authorization <br />Filter"相关内容注释掉å³å¯ã€?br /><br />[applicationContext.xml]<br />接下æ¥å°±æ˜¯è¦æ·ÕdŠ applicationContext.xmlä¸çš„内容了,从刚æ‰FilterToBeanFactory的解释å¯ä»¥çœ‹å‡ºï¼ŒçœŸæ£çš„filteréƒ?br />在Springçš„applicationContextä¸ç®¡ç†ï¼š<br /><br />1) 首先åQŒä½ çš„æ•°æ®åº“ä¸å¿…™åÕd…·æœ‰ä¿å˜ç”¨æˆ·å和密ç çš„tableåQŒAcegiè¦æ±‚tableçš„schema必须如下åQ?br /><br /><pre class="overflow">CREATE TABLE users (<br />    username VARCHAR(50) NOT NULL PRIMARY KEY,<br />    password VARCHAR(50) NOT NULL,<br />    enabled BIT NOT NULL<br />);<br />CREATE TABLE authorities (<br />    username VARCHAR(50) NOT NULL,<br />    authority VARCHAR(50) NOT NULL<br />);<br />CREATE UNIQUE INDEX ix_auth_username ON authorities ( username, authority );<br />ALTER TABLE authorities ADD CONSTRAINT fk_authorities_users foreign key (username) REFERENCES users<br />(username);</pre><br /><br />2) æ·ÕdŠ 讉K—®ä½ çš„æ•°æ®åº“çš„datasourceå’ŒAcegiçš„jdbcDaoåQŒå¦‚下:<br /><br /><pre class="overflow"><bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"><br />  <property name="driverClassName"><value>${jdbc.driverClassName}</value></property><br />  <property name="url"><value>${jdbc.url}</value></property><br />  <property name="username"><value>${jdbc.username}</value></property><br />  <property name="password"><value>${jdbc.password}</value></property><br /></bean><br /><bean id="jdbcDaoImpl" class="net.sf.acegisecurity.providers.dao.jdbc.JdbcDaoImpl"><br />  <property name="dataSource"><ref bean="dataSource"/></property><br /></bean></pre><br /><br />3) æ·ÕdŠ DaoAuthenticationProvider:<br /><br /><pre class="overflow"><bean id="daoAuthenticationProvider" class="net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider"><br />  <property name="authenticationDao"><ref bean="authenticationDao"/></property><br />  <property name="userCache"><ref bean="userCache"/></property><br /></bean><br /><br /><bean id="userCache" class="net.sf.acegisecurity.providers.dao.cache.EhCacheBasedUserCache"><br />  <property name="minutesToIdle"><value>5</value></property><br /></bean></pre><br /><br />å¦‚æžœä½ éœ€è¦å¯¹å¯†ç åŠ å¯†åQŒåˆ™åœ¨daoAuthenticationProviderä¸åŠ 入:<property name="passwordEncoder"><ref <br />bean="passwordEncoder"/></property>åQŒAcegiæä¾›äº†å‡ ¿UåŠ å¯†æ–¹æ³•ï¼Œè¯¦ç»†æƒ…å†µå¯çœ‹åŒ?br />net.sf.acegisecurity.providers.encoding<br /><br />4) æ·ÕdŠ authenticationManager:<br /><br /><pre class="overflow"><bean id="authenticationManager" class="net.sf.acegisecurity.providers.ProviderManager"><br />  <property name="providers"><br />    <list><br />      <ref bean="daoAuthenticationProvider"/><br />    </list><br />  </property><br /></bean></pre><br /><br />5) æ·ÕdŠ accessDecisionManager:<br /><br /><pre class="overflow"><bean id="accessDecisionManager" class="net.sf.acegisecurity.vote.AffirmativeBased"><br />  <property name="allowIfAllAbstainDecisions"><br />    <value>false</value><br />  </property><br />  <property name="decisionVoters"><br />    <list><ref bean="roleVoter"/></list><br />  </property><br /></bean><br /><bean id="roleVoter" class="net.sf.acegisecurity.vote.RoleVoter"/></pre><br /><br />6) æ·ÕdŠ authenticationProcessingFilterEntryPoint:<br /><br /><pre class="overflow"><bean id="authenticationProcessingFilterEntryPoint" <br />class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint"><br />  <property name="loginFormUrl"><value>/acegilogin.jsp</value></property><br />  <property name="forceHttps"><value>false</value></property><br /></bean></pre><br /><br />å…¶ä¸acegilogin.jsp是登陆页é¢ï¼Œä¸€ä¸ªæœ€½Ž€å•çš„ç™Õd½•™åµé¢å¦‚下åQ?br /><br /><pre class="overflow"><%@ taglib prefix='c' uri='http://java.sun.com/jstl/core' %><br /><%@ page import="net.sf.acegisecurity.ui.AbstractProcessingFilter" %><br /><%@ page import="net.sf.acegisecurity.AuthenticationException" %><br /><html><br />  <head><br />    <title>Login</title><br />  </head><br /><br />  <body><br />    <h1>Login</h1><br />    <form action="<c:url value='j_acegi_security_check'/>" method="POST"><br />      <table><br />        <tr><td>User:</td><td><input type='text' name='j_username'></td></tr><br />        <tr><td>Password:</td><td><input type='password' name='j_password'></td></tr><br />        <tr><td colspan='2'><input name="submit" type="submit"></td></tr><br />        <tr><td colspan='2'><input name="reset" type="reset"></td></tr><br />      </table><br />    </form><br />  </body><br /></html></pre><br /><br />7) æ·ÕdŠ filterInvocationInterceptor:<br /><br /><pre class="overflow"><bean id="filterInvocationInterceptor" <br />class="net.sf.acegisecurity.intercept.web.FilterSecurityInterceptor"><br />  <property name="authenticationManager"><br />    <ref bean="authenticationManager"/><br />  </property><br />  <property name="accessDecisionManager"><br />    <ref bean="accessDecisionManager"/><br />  </property><br />  <property name="objectDefinitionSource"><br />    <value><br />      CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON<br />      \A/sec/administrator.*\Z=ROLE_SUPERVISOR<br />      \A/sec/user.*\Z=ROLE_TELLER<br />    </value><br />  </property><br /></bean></pre><br /><br />˜q™é‡Œè¯äh³¨æ„,è¦objectDefinitionSourceä¸å®šä¹‰å“ªäº›é¡µé¢éœ€è¦æƒé™è®¿é—®ï¼Œéœ€è¦æ ¹æ®è‡ªå·Þqš„应用需求进行修改,我上é¢ç»™å‡?br />的定义的æ„æ€æ˜¯˜q™æ ·çš„:<br />a. CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISONæ„æ€æ˜¯åœ¨æ¯”较请求èµ\径时全部转æ¢ä¸ºå°å†?br />b. \A/sec/administrator.*\Z=ROLE_SUPERVISORæ„æ€æ˜¯åªæœ‰æƒé™ä¸ºROLE_SUPERVISORæ‰èƒ½è®‰K—®/sec/administrator*的页é?br />c. \A/sec/user.*\Z=ROLE_TELLERæ„æ€æ˜¯åªæœ‰æƒé™ä¸ºROLE_TELLER的用æˆäh‰èƒ½è®¿é—?sec/user*的页é?br /><br />8) æ·ÕdŠ securityEnforcementFilter:<br /><br /><pre class="overflow"><bean id="securityEnforcementFilter" class="net.sf.acegisecurity.intercept.web.SecurityEnforcementFilter"><br />  <property name="filterSecurityInterceptor"><br />    <ref bean="filterInvocationInterceptor"/><br />  </property><br />  <property name="authenticationEntryPoint"><br />    <ref bean="authenticationProcessingFilterEntryPoint"/><br />  </property><br /></bean></pre><br /><br />9) æ·ÕdŠ authenticationProcessingFilter:<br /><br /><pre class="overflow"><bean id="authenticationProcessingFilter" <br />class="net.sf.acegisecurity.ui.webapp.AuthenticationProcessingFilter"><br />  <property name="authenticationManager"><br />    <ref bean="authenticationManager"/><br />  </property><br />  <property name="authenticationFailureUrl"><br />    <value>/loginerror.jsp</value><br />  </property><br />  <property name="defaultTargetUrl"><br />    <value>/</value><br />  </property><br />  <property name="filterProcessesUrl"><br />    <value>/j_acegi_security_check</value><br />  </property><br /></bean></pre><br />å…¶ä¸authenticationFailureUrl是认è¯å¤±è´¥çš„™åµé¢ã€?br /><br />10) 如果需è¦ä¸€äº›é¡µé¢é€šè¿‡å®‰å…¨é€šé“çš„è¯åQŒæ·»åŠ 下é¢çš„é…ç½®:<br /><br /><pre class="overflow"><bean id="channelProcessingFilter" class="net.sf.acegisecurity.securechannel.ChannelProcessingFilter"><br />  <property name="channelDecisionManager"><br />    <ref bean="channelDecisionManager"/><br />  </property><br />  <property name="filterInvocationDefinitionSource"><br />    <value><br />      CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON<br />      \A/sec/administrator.*\Z=REQUIRES_SECURE_CHANNEL<br />      \A/acegilogin.jsp.*\Z=REQUIRES_SECURE_CHANNEL<br />      \A/j_acegi_security_check.*\Z=REQUIRES_SECURE_CHANNEL<br />      \A.*\Z=REQUIRES_INSECURE_CHANNEL<br />    </value><br />  </property><br /></bean><br /><br /><bean id="channelDecisionManager" class="net.sf.acegisecurity.securechannel.ChannelDecisionManagerImpl"><br />  <property name="channelProcessors"><br />    <list><br />      <ref bean="secureChannelProcessor"/><br />      <ref bean="insecureChannelProcessor"/><br />    </list><br />  </property><br /></bean><br /><bean id="secureChannelProcessor" class="net.sf.acegisecurity.securechannel.SecureChannelProcessor"/><br /><bean id="insecureChannelProcessor" class="net.sf.acegisecurity.securechannel.InsecureChannelProcessor"/></pre><br /><br />[¾~ºå°‘了什么?]<br />Acegiç›®å‰æ供了两¿U?secure object"åQŒåˆ†åˆ«å¯¹™åµé¢å’Œæ–¹æ³•è¿›è¡Œå®‰å…¨è®¤è¯ç®¡ç†ï¼Œæˆ‘这里介¾lçš„åªæ˜¯åˆ©ç”¨<br />FilterSecurityInterceptor对访问页é¢çš„æƒé™æŽ§åˆ¶åQŒé™¤æ¤ä¹‹å¤–,Acegi˜q˜æ供了å¦å¤–一个Interceptor―â€?br />MethodSecurityInterceptoråQŒå®ƒ¾l“åˆrunAsManagerå¯å®žçŽ°å¯¹å¯¹è±¡ä¸çš„æ–ÒŽ³•çš„æƒé™æŽ§åˆÓž¼Œä½¿ç”¨æ–ÒŽ³•å¯å‚看Acegi自带的文æ¡?br />å’Œcontact范例ã€?br /><br />[最åŽè¦è¯´çš„]<br />本æ¥ä»¥äØ“åªæ˜¯è¯´æ˜Žå¦‚何使用Acegi而已åQŒåº”该éžå¸¸ç®€å•ï¼Œä½†çœŸæ£å†™èµäh¥æ‰å‘现想è¦æ¡ç†æ¸…楚的ç†é¡ºæ‰€æœ‰éœ€è¦çš„bean˜q˜æ˜¯å¾?br />困难的,但愿我没有é—æ¼å¤ªå¤šä¸œè¥¿ï¼Œå¦‚æžœæˆ‘çš„æ–‡ç« æœ‰ä»€ä¹ˆé—æ¼æˆ–错误的è¯åQŒè¿˜è¯·å‚看Acegi自带的quick-start范例åQŒä½†è¯?br />注æ„åQŒè¿™ä¸ªèŒƒä¾‹æ˜¯ä¸èƒ½ç›´æŽ¥æ‹¿æ¥ç”¨çš„ã€?br />分æžå’Œå¦ä¹ Springä¸çš„jpetstore用户½Ž¡ç† <br />  å˜åœ¨ç”¨æˆ·çš„ç³»¾lŸï¼Œå¿…然需è¦ç”¨æˆïLš„ç™Õd½•å’Œè®¤è¯ï¼Œä»Šå¤©ž®±é€šè¿‡åˆ†æžSpringä¸è‡ªå¸¦çš„jpetstore的例åæ¥å¦ä¹ 一下如何实现在Spring构架的系¾lŸä¸ç”¨æˆ·ç™Õd½•ã€?br />1ã€é¦–先从注册用户开始,先看看jpetstore-servlet.xmlä¸å…³äºŽæ³¨å†Œç”¨æˆïLš„bean定义åQŒä»Žå®šä¹‰å‘½åä¸å°±å¯ä»¥çœ‹å‡ºä¸‹é¢˜q™æ®µž®±æ˜¯æ³¨å†Œç”¨æˆ·çš„:<br />  <pre class="overflow"><bean name="/shop/newAccount.do" class="org.springframework.samples.jpetstore.web.spring.AccountFormController"><br />    <property name="petStore"><ref bean="petStore"/></property><br />    <property name="validator"><ref bean="accountValidator"/></property><br />    <property name="successView"><value>index</value></property><br />  </bean></pre><br />1). formView呢?从AccountFormControllerçš„æž„é€ å‡½æ•îC¸å¾—到åQŒåŽŸæ¥äØ“EditAccountFormåQ›Â Â?br />2). EditoAccountForm.jspä¸æ˜¾å¾—éžå¸æ€Ø•åQŒå…¶å®žæ²¡æœ‰å¤šž®‘éš¾ç†è§£çš„地方,最主è¦çš„是˜q™ä¸ªform既是æ·ÕdŠ 新用æˆïLš„åQŒåˆæ˜¯ç¼–辑用户信æ¯çš„åQŒæ‰€ä»¥æ˜¾å¾—有点äØ•¾pŸç³Ÿçš„ã€?br />2ã€æ·»åŠ 好了新用户åQŒæŽ¥ä¸‹æ¥çœ‹çœ‹å¦‚何ç™Õd½•åQŒåœ¨jpetstore-servletä¸å‘现这两个相关bean定义åQŒå¦‚下:<br />  <pre class="overflow"><bean name="/shop/signon.do" class="org.springframework.samples.jpetstore.web.spring.SignonController"><br />    <property name="petStore"><ref bean="petStore"/></property><br />  </bean><br />  <bean name="/shop/signonForm.do" class="org.springframework.web.servlet.mvc.ParameterizableViewController"><br />    <property name="viewName"><value>SignonForm</value></property><br />  </bean></pre><br />1). ½W¬äºŒä¸ªbean是在˜q行时用戯‚¾“入用户å和密ç çš„formåQŒå«åšSignonFormåQŒå¯¹äºŽè¿™ä¸?ParameterizableViewControlleråQŒç”¨æ–‡æ¡£é‡Œçš„è¯è¯´˜q™æ˜¯æœ€½Ž€å•çš„ControlleråQŒå…¶ä½œç”¨ž®±æ˜¯åœ¨è¿è¡Œä¸æŒ‡å‘ Controller而ä¸æ˜¯ç›´æŽ¥æŒ‡å‘jspæ–‡äšgåQŒä»…æ¤è€Œå·²ã€?br />2). SignonForm.jspåQŒé‡Œé¢å°±æ˜¯ä¸€ä¸ªç®€å•çš„formåQŒå…¶actionž®±æ˜¯½W¬ä¸€ä¸ªbeanåQŒå³/shop/signon.doåQŒæœ€éœ€è¦æ³¨æ„çš„æ˜?signonForwardActionåQŒå…¶ä¸»è¦ä½œç”¨æ˜¯forward到需è¦è¾“入用户å和密ç 的那个™åµé¢ä¸ŠåŽ»åQŒè¿™ä¸ªå˜é‡å“ªé‡Œæ¥çš„å‘¢åQŸçœ‹çœ‹ä¸‹é¢ï¼š<br />  <pre class="overflow"><bean id="secureHandlerMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping"><br />    <property name="interceptors"><br />      <list><br />        <ref bean="signonInterceptor"/><br />      </list><br />    </property><br />    <property name="urlMap"><br />      <map><br />        <entry key="/shop/editAccount.do"><ref local="secure_editAccount"/></entry><br />        <entry key="/shop/listOrders.do"><ref local="secure_listOrders"/></entry><br />        <entry key="/shop/newOrder.do"><ref local="secure_newOrder"/></entry><br />        <entry key="/shop/viewOrder.do"><ref local="secure_viewOrder"/></entry><br />      </map><br />    </property><br />  </bean></pre><br />  原æ¥åQŒä¸Šé¢çš„signonInterceptor实现了preHandleåQŒå› æ¤åœ¨è¯äh±‚上é¢çš„map™åµé¢æ—Óž¼Œé¦–å…ˆè¦ç»˜q‡è¿™ä¸ªInterceptoråQŒçœ‹çœ?SignonInterceptorçš„æºç ,原æ¥åœ¨å…¶ä¸äØ“signon.jsp赋予一个signonForwardAction对象åQŒå‘µå‘µï¼Œæ€È®—明白了ã€?br />3). 接下æ¥åŽ»å¦ä¹ 一下SignonControlleråQŒå…¶ä¸ÖM½“部分ä¸å¯ä»¥çœ‹å‡ºï¼Œé¦–å…ˆå–出用户输入的usernameå’ŒpasswordåQŒç„¶åŽåˆ°æ•°æ®åº“ä¸éªŒè¯ 有没有这个用æˆøP¼Œå¦‚果没有˜q™ä¸ªç”¨æˆ·åQŒè¿”回å„错误™åµé¢åQ›å¦‚æžœæˆåŠŸï¼Œé¦–先生æˆä¸€ä¸ªUserSession对象åQŒåœ¨requestçš„sessionåŠ å…¥˜q™ä¸ª userSessionåQŒæ³¨æ„这部分代ç ä¸ç»™å‡ÞZº†PagedListHolder分页的简å•ä‹É用方法,关于分页昄¡¤ºåQŒä»¥åŽå†å¦ä¹ å§ã€?br />3ã€ç™»å½•æˆåŠŸåŽåQŒå°±å¯ä»¥æ ÒŽ®ä¸åŒçš„用戯‚®¾æ–½ä¸åŒçš„è¡Œäؓ了,å–得用户信æ¯åQŒæ— éžå°±æ˜¯ä»Žsessionå–出userSessionå›_¯ã€?br /></div><img src ="http://www.aygfsteel.com/mkchen/aggbug/90397.html" width = "1" height = "1" /><br><br><div align=right><a style="text-decoration:none;" href="http://www.aygfsteel.com/mkchen/" target="_blank">‹¹äh€?/a> 2006-12-27 23:20 <a href="http://www.aygfsteel.com/mkchen/archive/2006/12/27/90397.html#Feedback" target="_blank" style="text-decoration:none;">å‘表评论</a></div>]]></description></item></channel></rss> <footer>
<div class="friendship-link">
<a href="http://www.aygfsteel.com/" title="狠狠久久亚洲欧美专区_中文字幕亚洲综合久久202_国产精品亚洲第五区在线_日本免费网站视频">狠狠久久亚洲欧美专区_中文字幕亚洲综合久久202_国产精品亚洲第五区在线_日本免费网站视频</a>
</div>
</footer>
Ö÷Õ¾Ö©Öë³ØÄ£°å£º
<a href="http://" target="_blank">ɽÒõÏØ</a>|
<a href="http://" target="_blank">ãÉÐÐÇø</a>|
<a href="http://" target="_blank">¹ð¶«ÏØ</a>|
<a href="http://" target="_blank">ÊÕ²Ø</a>|
<a href="http://" target="_blank">»¨Á«ÏØ</a>|
<a href="http://" target="_blank">Ρɽ</a>|
<a href="http://" target="_blank">ÒÊË®ÏØ</a>|
<a href="http://" target="_blank">ÂÞɽÏØ</a>|
<a href="http://" target="_blank">ÎåÕ¯ÏØ</a>|
<a href="http://" target="_blank">»¸Ì¨ÏØ</a>|
<a href="http://" target="_blank">³¤ÄþÏØ</a>|
<a href="http://" target="_blank">¹àÔÆÏØ</a>|
<a href="http://" target="_blank">·À³Ç¸ÛÊÐ</a>|
<a href="http://" target="_blank">³çÑôÏØ</a>|
<a href="http://" target="_blank">½¨Ê¼ÏØ</a>|
<a href="http://" target="_blank">Á鱦ÊÐ</a>|
<a href="http://" target="_blank">ÉñÅ©¼ÜÁÖÇø</a>|
<a href="http://" target="_blank">Ç°¹ù¶û</a>|
<a href="http://" target="_blank">°²ÈûÏØ</a>|
<a href="http://" target="_blank">¼ÎÒåÊÐ</a>|
<a href="http://" target="_blank">ТÒåÊÐ</a>|
<a href="http://" target="_blank">̨ÖÐÊÐ</a>|
<a href="http://" target="_blank">Äϲ¿ÏØ</a>|
<a href="http://" target="_blank">º×ɽÊÐ</a>|
<a href="http://" target="_blank">Ë绯ÊÐ</a>|
<a href="http://" target="_blank">ƽɽÏØ</a>|
<a href="http://" target="_blank">ÎôÑôÏØ</a>|
<a href="http://" target="_blank">ÈÊ»¯ÏØ</a>|
<a href="http://" target="_blank">Ô˳ÇÊÐ</a>|
<a href="http://" target="_blank">ÉÛÑôÏØ</a>|
<a href="http://" target="_blank">ÐË¡ÏØ</a>|
<a href="http://" target="_blank">¾ÅÁúÏØ</a>|
<a href="http://" target="_blank">³Â°Í¶û»¢Æì</a>|
<a href="http://" target="_blank">ÉÐÒåÏØ</a>|
<a href="http://" target="_blank">³ØÖÝÊÐ</a>|
<a href="http://" target="_blank">¾¸±ßÏØ</a>|
<a href="http://" target="_blank">Èý¶¼</a>|
<a href="http://" target="_blank">ñçÑôÊÐ</a>|
<a href="http://" target="_blank">·ïÏèÏØ</a>|
<a href="http://" target="_blank">ÁÙÏÄÊÐ</a>|
<a href="http://" target="_blank">ÌÒÔ°ÊÐ</a>|
<script>
(function(){
var bp = document.createElement('script');
var curProtocol = window.location.protocol.split(':')[0];
if (curProtocol === 'https') {
bp.src = 'https://zz.bdstatic.com/linksubmit/push.js';
}
else {
bp.src = 'http://push.zhanzhang.baidu.com/push.js';
}
var s = document.getElementsByTagName("script")[0];
s.parentNode.insertBefore(bp, s);
})();
</script>
</body>