spring security2ÖжÔurl½øÐÐÀ¹½ØµÄÅäÖÃ

1¡¢ÅäÖÃweb.xmlÎļþ：

<!-- Ö¸¶¨spring securityµÄÅäÖÃÎļþ--> <context-param> <param-name>contextConfigLocation</param-name> <param-value>/WEB-INF/spring-security.xml</param-value> </context-param> <!-- spring security µÄ Filter Chain ´úÀí --> <filter> <filter-name>springSecurityFilterChain</filter-name> <filter-class> org.springframework.web.filter.DelegatingFilterProxy </filter-class> </filter> <filter-mapping> <filter-name>springSecurityFilterChain</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <!-- È¡µÃSpringµÄContext --> <listener> <listener-class> org.springframework.web.context.ContextLoaderListener </listener-class> </listener>

2¡¢ÅäÖÃspring-security.xml（¸ÃÎļþÃû×ÖÓëweb.xmlÖеÄ<context-param />ÖеÄÏà¶ÔÓ¦） ：

<?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd"> <http auto-config="true"> <!-- µÇ¼ҳÃæ²»À¹½Ø，ÈκÎÈ˶¼¿ÉÒÔ·ÃÎʵ½ --> <intercept-url pattern="/login.jsp" filters="none" /> <!-- ÐèÒªÀ¹½ØµÄ·¾¶，pattern±íʾҪÀ¹½ØµÄ·¾¶，access±íʾÄܹ»·ÃÎʵĽÇÉ« --> <intercept-url pattern="/a/*" access="ROLE_A,ROLE_ADMIN,ROLE_SUPER" /> <intercept-url pattern="/a/aa/*" access="ROLE_AA,ROLE_ADMIN,ROLE_SUPER" /> <intercept-url pattern="/b/*" access="ROLE_B,ROLE_ADMIN,ROLE_SUPER" /> <intercept-url pattern="/b/bb/*" access="ROLE_BB,ROLE_ADMIN,ROLE_SUPER" /> <!-- Ö¸¶¨µÇ¼ҳÃæ --> <form-login login-page="/login.jsp" /> <!-- Ö¸¶¨Í˳öºóÒªÏÔʾµÄÒ³Ãæ --> <logout logout-success-url="/index.jsp"></logout> <!-- ͬ²½session¿ØÖÆ --> <concurrent-session-control max-sessions="1" /> </http> <!-- ÈÏÖ¤ÌṩÆ÷ --> <authentication-provider> <password-encoder hash="plaintext"></password-encoder> <user-service> <user password="super" name="super" authorities="ROLE_SUPER" /> <user password="admin" name="admin" authorities="ROLE_ADMIN" /> <user password="a" name="a" authorities="ROLE_A" /> <user password="b" name="b" authorities="ROLE_B" /> <user password="aa" name="aa" authorities="ROLE_AA" /> <user password="bb" name="bb" authorities="ROLE_BB" /> </user-service> </authentication-provider> </beans:beans>