Cheap handbags, Cheap shoes, watches

springsecurity3 configuration file-error record-blog Park

admin — Fri, 10 Feb 2012 14:16:28 +0000

September 10, 2010

< - deny users access to the handler ->

<- configuration that do not require the address of the authentication filter ->
< intercept-url pattern = "/ roots / login.jsp" filters = "none" />

add a filter, this is not the same with Acegi, you can not modify the default filter, the filter is located FILTER_SECURITY_INTERCEPTOR before
->
< custom-filter position = "LOGOUT_FILTER" ref = "logoutFilter">

session-authentication-strategy-ref = ” sas “/>

class = “org.springframework.security.authentication. dao.DaoAuthenticationProvider”>

a custom filter must contain the three authenticationManager, accessDecisionManager, securi tyMetadataSource property,
all of our control in these three categories to explain the detailed specific configuration 
->

the following three classes have been done automatically scans class = “com.security.MyInvocationSecurityMetadataSo urce “>

->
 class = “org.springframework.security.web.authentica tion.logout.LogoutFilter”>

class = “org.springframework.security.web.authentica tion.logout.SecurityContextLogoutHandler”>
< / beans: list>

class = “org.springframework.security.web . session.Co ncurrentSessionFilter “>

class = “org.springframework.security.web.authentica tion.session.ConcurrentSessionControlStrategy”>
ref = “sessionRegistry” />

class = “com.security.fliter.MyUsernamePasswordAuthe nticationFilter”>
 ref = “sas” />

ref =” failureHandler “/>
 ref = “successHandler” />

class = “org . springframework.security.web.authentica tion.SavedRequestAwareAuthenticationSuccessHandler “>

class = “org.springframework.security.web.authentica tion.SimpleUrlAuthenticationFailureHandler”>

 class = “org.springframework.security.core.session.S essionRegistryImpl” />
Article Source: fly NET (www.firnow.com): http://dev.firnow.com/course/3_pr ogram/java/javajs/20100719/461036.html

SpringSecurity 3 configuration file

admin — Fri, 10 Feb 2012 14:16:23 +0000

June 1, 2010
struggled for a week, and finally come up with a springSecurity3 configuration file
students later commonly used functions are and all can be configured to refine the parameters. For example, you can configure, remembermeService the cookie time for one year all the permissions database configuration, the role is taken from the database. method of protection is taken from the database. next time single point of landing in a configuration, this stuff will be able to meet the needs of ordinary users.
<- entry-point-ref for the first time a user access to protected url handler -> <- here is to deny users access handler -> < - authentication management, user authentication entrance UserDetailsService interface can be as follows, you can configure more than the Provider -> access to the decision maker determine the role of a user, whether there are sufficient permissions to access a resource -> < beans: property name = "rememberMeServices" ref = "rememberMeServices"> <- remember me fliter this fliter configuration did not use to keep as a reference – -> <- did not use to keep as reference configuration of this fliter -> false <- Note: The following model is configured with the class ISome the doSupervisor method only needs ROLE_SUPERVISOR to access com.acegi.MethodInterceptionTest.method * = ROLE_ADMIN -> * test <- written on the entry point, -> methodSecurityInterceptor ->

SpringSecurity3.X– a simple implementation

admin — Fri, 10 Feb 2012 14:16:13 +0000

August 26, 2011 but most of our management system will be divided into foreground and background, that is, the foreground and background of the login home and write-off address is not the same, then how multi-use SpringSecurity reference to some examples on the network before the application the following changes:
applicationContext-the security.xml

< ? xml version = "1.0" encoding = "UTF-8"?>
 xmlns: xsi = “http://www.w3.org/2001/XMLSchema-instance” xmlns: p = “http://www.springframework.org/schema/p”

xmlns: aop = “http://www.springframework.org/schema/aop” xmlns: context = “http://www.springframework.org/schema/context”
xmlns: jee = “http://www.springframework.org/schema/jee” xmlns: tx = “http://www.springframework.org/schema/tx”
xmlns: util = “http: / / www.springframework.org / schema / util “xmlns: mvc =” http://www.springframework.org/schema/mvc “
xmlns: tool =” http://www. springframework.org / schema / tool “xmlns: beans =” ??http://www.springframework.org/schema/beans “
xsi: schemaLocation =”
http: / / www.springframework.org / schema / aop http://www.springframework.org/schema/aop/spring-a op-3.0.xsd
http://www.springframework.org / schema / beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context http:// www.springframework.org / schema / context / spri ng-context-3.0.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema / jee / spring-j ee-3.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx – 3.0.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring- util-3.0.xsd
 http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-m vc-3.0.xsd
http:// www.springframework.org / schema / tool http://www.springframework.org/schema/tool/spring- tool-3.0.xsd
http://www.springframework.org/schema/ security http://www.springframework.org/schema/security/spr ing-security-3.1.xsd “
default-lazy-init =” true “>
<- does not require certification resources so that the configuration was changed to 3.0 after ->

 In fact, I only in accessDecisionManager in an increase of a voting machine, the properties are relatively simple, not ->
<- In addition, in order to achieve before and after access use a different login address, where an increase of an entry-point-ref ->

<- address the background to intercept ->

<- front address to intercept ->

<- write-off filter ->
 

<- Authentication entry point, use it for is to ensure that when the user login access to the front and back, it will jump to a different login page -> 

class = “org.springframework.security.web.authentication.U sernamePasswordAuthenticationFilter”>
 

class = “org.springframework.security.web.authentication.S impleUrlAuthenticationFailureHandler”>

class = “org.springframework.security.web.authentication.S impleUrlAuthenticationSuccessHandler”>

<- log on filters, verify the background of the user ->
class = org.springframework.security.web.authentication.U sernamePasswordAuthenticationFilter “>

class = “org.springframework.security.web.authentication.S impleUrlAuthenticationFailureHandler”>

class = “org.springframework.security.web. authentication.S impleUrlAuthenticationSuccessHandler “>

 

 class = “org.springframework.security.authentication.event. LoggerListener” />

class = “org.springframework . security.access.vote.Authenti catedVoter “/>

< intercept-url pattern = "/ admin *. do *" access = "HODLE" />

< session-management>

< custom-filter position = "FORM_LOGIN_FILTER" ref = "adminLoginFilter" />

< / beans: the bean> < beans: property name = "alwaysUseDefaultTargetUrl" value = "true" />

Description:
In order to achieve different login authentication, where the statement of the login filter and the cancellation of the filter, and specify the location of the corresponding filter.
2. as our own login filter and the cancellation of the filter, so I can not be set in auto-config = “true”
3. In order to distinguish different login page, authentication entry point “entry-point-ref” configured in in the role of authentication entry point is how to deal with when the request was blocked, here treated as a jump to the respective login page
4. idealized foreground users and back-office users use the same userService management, it means that is stored in the same user table for processing in the front and back office users not in the same table I also study.
LoginUrlEntryPoint.java

public class LoginUrlEntryPoint implements AuthenticationEntryPoint {
public void commence (HttpServletRequest request, HttpServletResponse response,
AuthenticationException authException) throws IOException, ServletException {
String targetUrl = null;
String url = request.getRequestURI () ;
if (url.indexOf (“admin”) = -1) {
/ / logged in to access background controlled resources Jump to Back Log page
targetUrl = “/ admin / login.do”;
} else {
/ / logged in to access front controlled resources Jump to the front login page
targetUrl = “/ login.do”;
}
targetUrl = request.getContextPath () targetUrl ;
response.sendRedirect (targetUrl);
}}
public class LoginUrlEntryPoint implements AuthenticationEntryPoint {public void commence (HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {String targetUrl = null; String url = request.getRequestURI (); if (url.indexOf (“admin”)! = -1) {/ / when not logged access backstage controlled resources. jump to the background Login of page targetUrl = “/ admin / login.do”;} else {/ / not logged in, visit the front desk controlled resources, jump to the front login page targetUrl = “/ login.do”;} targetUrl = request.getContextPath () targetUrl; Response.sendRedirect (targetUrl);}}
Reference Address: http://zhousl.koo.blog.163.com/blog/static/7136380 420,113,208,174,680 /

SpringSecurity3.X–remember-me

admin — Fri, 10 Feb 2012 14:16:02 +0000

November 24, 2011
I remember-me configured in SpringSecurity encountered such a problem, remember-me does not work, according to official documents to explain, only in in increase configuration, and in login.jsp to add the following code to Java code:

looks quite simple, but I tested did not work, google a bit, but also no one has ever mentioned the problem The reason that pulls out the source to find out, it was found that the problem.
here first a brief description of the look SpringSecurity login process: the Java code,

UsernamePasswordAuthenticationFilter: the user submits the username and password information -> a UserDetailsService : from its package user objects the -> AbstractUserDetailsAuthenticationProvider: transfer by passwords and permissions validation package verified by an Authentication -> the ProviderManager : the Authentication package to the SecurityContext (by default, the ProviderManager will be removed after successful authentication, Authentication password, but will keep the user name) – the> AbstractRememberMeServices: to determine whether contains _spring_security_remember_me parameter request parameter, if it contains and the value (true, on, yes, 1) any one, then the user name and password information saved into the cookies, or not deal -> AccessDecisionManager is: by deciding whether to release at the request of the protected resource, RememberMeAuthenticationFilter will first determine whether the Authentication has failed, if the failure is trying to seek, to find a cookie is to re-package Authentication.
out in ProviderManager Boolean attribute eraseCredentialsAfterAuthentication of default value is true, if not true, it removed the password in the Authentication username and password authentication is successful, AbstractRememberMeServices save the cookie condition Authentication To obtain the username and password, which led to AbstractRememberMeServices never will be the username and password stored in a cookie by default, in order to ensure that the username and password can be correctly stored to a cookie, we need to modify eraseCredentialsAfterAuthentication value is false, but fortunately very easy to modify this attribute are as follows:

add this configuration, the cookie information is successfully saved.
By default, the cookie is valid for two weeks, if you want to modify this validity can be configured in the :
the Xml code

not know Why ProviderManager is this, perhaps I have not figure out why, I hope to discuss with you .
retained the stand
switched the: http://www.iteye.com/topic/1113881

springsecurity3 international processing

admin — Fri, 10 Feb 2012 14:15:52 +0000

January 1, 2011
international processing handled in two ways.

In the security configuration file

which
the classpath: org / springframework / security / messages_zh _CN
reference messages_zh_CN.properties files in spring-security-core-3.0.5.jar

springsecurity comes with the internationalization of Chinese configuration translation is not very accurate, we need to manually change the
the Extract messages_zh_CN.properties download the src package springsecurity3 file to change the message.
files are copied to the src folder (maven project copied to the src / main / resource)

springsecurity configuration file to add:

Crystal necklace

admin — Sun, 29 Jan 2012 11:53:21 +0000

Necklace is one of the body ornament, pandora sale
and it is a earliest jewelry. In addition to necklaces decorative
features, pandora beads
some necklaces also have special display effects , such as Catholic
cross chain and Buddhist prayer beads. From ancient times, people
, in order to beautify themselves and the environment, they created
a variety of different styles, pandora charms
different characteristics and different style necklaces to meet the
people of different color, with same nation, but different
aesthetic needs.
Necklace is made by a long chain stringed with colored pearl jade
cable. pandora bracelet
Generally hanging at the necklaces bottom also have exquisite
pendant, to achieve the finishing touch. Crystal necklace
category is generally divided into amethyst necklace , black crystal
necklace, natural crystal necklace and white crystal necklace.

How to maintenance crystal necklace

admin — Sun, 29 Jan 2012 11:53:14 +0000

1.Do not wear jewelry when bathing, washing dishes or
swimming! pandora sale
If not cleaning your crystal necklace in time or just poor cleaning
it, the water gas and chemicals (such as: shower gel, detergent,
etc.) will be attached to the crystal surface, pandora beads
so that crystals may become dull.
Always remember that you should not wear it before spraying perfume
or hair care products. They may erode your necklace.
When not wearing, please place your jewelry on the jewelry box or
a sealed soft velvet bag to avoid prolonged exposure to moist air
or exposure directly to strong sunlight, pandora charms
just in order to prevent the metal surface in contact with air and
oxide black.
After wearing, you should wipe it with a clean soft cloth
, pandora UK
in this way, you can maintain its unique luster! If you print
fingerprints on the crystal or make it dirty uncarefully, you can
use a light, soft and lint-free cloth to clean crystal dust.
Light intensity need when cleaning, to avoid scratch its
surface.
Please do not use water, wet cloth or use any commercially
available ultrasonic jewelry cleaner or cleaning apparatus, in
order to avoid crystal fading and oxidation.
6 . Crystal is brittle, you should care that avoiding stress,
dropping and high temperature. Proper care and preservation methods
can ensure your jewelry beautiful and bright forever.

2011 qiu dong big necklace exaggeration colorful pie (4)

admin — Sun, 29 Jan 2012 11:53:03 +0000

Givenchy2011 chun xia series accessories , diablo style
bracelet with
earring, full of religious color robust of the cross, and so
on. You can wear to make exaggeration of luxuriant wind restoring
ancient ways, with gothic cool feeling is very suitable for build
sexy and mysterious temperament.

2011 qiu dong big necklace exaggeration colorful pie (5)

admin — Sun, 29 Jan 2012 11:52:55 +0000

Philippe Audibert of grain shape design chain
necklace, gold mesh line surrounded the water lines type
ring, naturalism and modern beauty will fusion to acme,
enlightened me. So shiny Jewelry collocation a
brunet dress will shine the New Year party.

lotto-lotto official website Taobao flagship store

admin — Tue, 03 Jan 2012 23:22:15 +0000

Lotto official network of the brand, now has online sales.

click on the link to enter the official website
 product since its introduction, with strict control of product quality and reasonable price positioning, the brand favored by consumers, the official opening of flagship store on Taobao, and it is the only official web shops, all selling goods are official authentic! ∮ lotto Taobao – lotto official website flagship store
shop online through the efforts of recent years, sales of products, from zero to today credit to the mall crown shop, through the middle of the growing number of The ups and downs and ups and downs! Thanks for the past thousands of buyers we support and love! Their counterparts with the pro-choice all the way! You were not there would be no us today!
company and you have to go further, we continue to raise their own demands: every forward step and strive to quality first, service first!
For more details, click on the images below, or link to enter the only official flagship store!
] [Le Tour official website: here to remind you that at present there have been many high network of fake imitation of our products, so consumers are sure to look for, and be careful not to buy fakes. Company in line to provide consumers with the best service. ☆ We have set up shop on a special hotline service channel and we met at the time of purchase of the stores have any questions or better suggestions welcome your calls and consulting. Degree look forward with you, let us never had to create a miracle. lotto official website flagship store
[official website] Lotto: General bought online friends are aware of things, the number of shops on Taobao is considerable, each store product quality and style is also uneven. So when you buy something on Taobao, often need to spend a lot of valuable time in order to differentiate Which is a good Taobao. Lotto official website is the case, you want to find some cheap and good quality shops, is a fee of God. Here according to most buyers shop shopkeeper and his evaluation of Taobao shopping experience, summed up the general good Taobao shop with a four characteristics: First, the popularity relatively prosperous; Second, buyers have good reviews of the treasurer; third shop rate is relatively high overall praise; Finally, fast and timely delivery. Generally able to meet these conditions, the seller, then this shop is quite trustworthy.
the end of this article, Thanks for viewing!!
lotto official website flagship store