0
所有,春天網絡安全問題
我有我的應用程序設置,使我可以使用特定的用戶名和密碼組合:
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<http use-expressions="true" access-denied-page="/start.jsf">
<intercept-url pattern="/start.jsf" filters="none" />
<intercept-url pattern="/web/**" access="isAuthenticated()" />
<form-login login-page="/start.jsf" default-target-url="/web/user/homepage.jsf" authentication-failure-url="/start.jsf?state=failure"/>
<logout logout-success-url="/start.jsf?state=logout" />
</http>
<!-- <authentication-manager alias="authenticationManager">
<authentication-provider>
<password-encoder hash="md5" />
<jdbc-user-service data-source-ref="dataSource"
users-by-username-query="SELECT U.email_address AS username, U.password as password, 'true' as enabled FROM users U where U.email_address=?"
authorities-by-username-query="SELECT U.email_address AS username, 'USER' as authority FROM users U WHERE U.email_address=?"
role-prefix="ROLE_" />
</authentication-provider>
</authentication-manager> -->
<authentication-manager alias="authenticationManager">
<authentication-provider>
<password-encoder hash="md5"/>
<user-service>
<user name="user1" password="a564de63c2d0da68cf47586ee05984d7" authorities="ROLE_SUPERVISOR, ROLE_USER, ROLE_TELLER" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
問題是,當我要求它轉到了數據源,它找不到數據源。原因是我有另一個ApplicationContext.xml在一個配置文件夾中的所有我的Java源文件。人們通常如何組織項目,以便該文件能夠拾取數據源文件?我想相應地設置項目...感謝您的輸入!
此外,登錄作品,然而,一旦用戶登錄時,我希望能夠得到用戶名/密碼,我不能。這怎麼可能?
但因爲這是被通過的servlet做,我如何獲得上下文,這樣我可以從它搶豆? – KVISH 2012-03-18 21:53:18
@kalvish,你可以使用'從Servlet訪問應用程序上下文ApplicationContext中CTX =(ApplicationContext的)getServletContext()方法的getAttribute(WebApplicationContext.ROOT_WEB_APPLICATION_CONTEXT_ATTRIBUTE這個);' – alexkasko 2012-03-18 22:08:40
嗯...由於某種原因,沒有爲我工作。但這並:'WebApplicationContextUtils.getWebApplicationContext(。FacesContext.getCurrentInstance()getExternalContext()的getContext());' – KVISH 2012-04-03 00:55:13