spring security helloword

官方說明文檔

https://docs.spring.io/spring-security/site/docs/4.2.4.RELEASE/reference/htmlsingle/#ns-config 

1. 添加pom

    	<dependencies>
    	  <!-- ... other dependency elements ... -->
    	  <dependency>
    		<groupId>org.springframework.security</groupId>
    		<artifactId>spring-security-web</artifactId>
    		<version>5.0.3.RELEASE</version>
    	  </dependency>
    	  <dependency>
    		<groupId>org.springframework.security</groupId>
    		<artifactId>spring-security-config</artifactId>
    		<version>5.0.3.RELEASE</version>
    	  </dependency>
    	</dependencies>

2.添加Spring Security配置

	<b:beans xmlns="http://www.springframework.org/schema/security"
		 xmlns:b="http://www.springframework.org/schema/beans"
		 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
		 xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
						http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
		<http />
		<user-service>
			<user name="user" password="password" authorities="ROLE_USER" />
		</user-service>
	</b:beans>

3.啟用Spring Security：

	<?xml version="1.0" encoding="UTF-8"?>
	<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
			 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
			 xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
	  http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">

		<!--
		  - Location of the XML file that defines the root application context
		  - Applied by ContextLoaderListener.
		  -->
		<context-param>
			<param-name>contextConfigLocation</param-name>
			<param-value>
				/WEB-INF/spring/*.xml
			</param-value>
		</context-param>


		<filter>
			<filter-name>springSecurityFilterChain</filter-name>
			<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
		</filter>
		<filter-mapping>
			<filter-name>springSecurityFilterChain</filter-name>
			<url-pattern>/*</url-pattern>
		</filter-mapping>

		<!--
		  - Loads the root application context of this web app at startup.
		  - The application context is then available via
		  - WebApplicationContextUtils.getWebApplicationContext(servletContext).
		-->
		<listener>
			<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
		</listener>

	</web-app>

4.新建文件：src/main/webapp/index.jsp

	<body>
	  <div class="container">
		<h2>This is secured!</h2>
		<p>
		  Hello <b><c:out value="${pageContext.request.remoteUser}"/></b>
		</p>
		<c:url var="logoutUrl" value="/logout"/>
		<form class="form-inline" action="${logoutUrl}" method="post">
		  <input type="submit" value="Log out" />
		  <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
		</form>
	  </div>
	</body>