spring3+struts2+hibernate3+dwr3+spring security3+ajax请求+数据库配置权限 完整实例

阅读更多

项目结构：

web.xml

  1 xml version="1.0" encoding="UTF-8"?>
  2 <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
  3   <display-name>S3S2H3display-name>
  4   
  5      <context-param>
  6       <param-name>webAppRootKeyparam-name>
  7       <param-value>log.rootparam-value>
  8      context-param>
  9   
 10       
 11     <context-param>  
 12         <param-name>log4jConfigLocationparam-name>  
 13         <param-value>classpath:log4j.propertiesparam-value>  
 14     context-param> 
 15   
 16      <context-param>
 17       <param-name>log4jRefreshIntervalparam-name>
 18       <param-value>60000param-value>
 19      context-param>
 20  
 21       <context-param>
 22         <param-name>contextConfigLocationparam-name>
 23         <param-value>classpath*:applicationContext.xml,classpath:dao.xml,classpath:applicationContext-security.xmlparam-value>
 24       context-param>
 25       
 26       <listener>
 27         <listener-class>org.springframework.web.context.ContextLoaderListenerlistener-class>
 28     listener>
 29 
 30 
 31 
 32        
 33     <listener>
 34         <listener-class>org.springframework.security.web.session.HttpSessionEventPublisherlistener-class>
 35     listener>
 36       <filter>
 37     <filter-name>OpenSessionInViewFilterfilter-name>
 38     <filter-class>org.springframework.orm.hibernate3.support.OpenSessionInViewFilterfilter-class>
 39   filter>
 40   <filter-mapping>
 41     <filter-name>OpenSessionInViewFilterfilter-name>
 42     <url-pattern>/*url-pattern>
 43   filter-mapping>
 44         
 45     <filter>
 46         <filter-name>springSecurityFilterChainfilter-name>
 47         <filter-class>
 48             org.springframework.web.filter.DelegatingFilterProxy
 49         filter-class>
 50     filter>
 51     <filter-mapping>
 52         <filter-name>springSecurityFilterChainfilter-name>
 53         <url-pattern>/*url-pattern>
 54     filter-mapping>
 55       
 56       <filter>
 57         <filter-name>struts2filter-name>
 58         <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilterfilter-class>
 59     filter>
 60 
 61 
 62 
 63 
 64 
 65 
 66 
 67 
 68 
 69 
 70 
 71 
 72     <filter-mapping>
 73         <filter-name>struts2filter-name>
 74         <url-pattern>*.actionurl-pattern>
 75     filter-mapping>
 76     
 77     
 78     
 79      <servlet>
 80        <servlet-name>dwr-invokerservlet-name>
 81        <servlet-class>org.directwebremoting.spring.DwrSpringServletservlet-class>
 82            <init-param>
 83             <param-name>debugparam-name>
 84             <param-value>trueparam-value>
 85            init-param>
 86            <init-param>            
 87                 <param-name>crossDomainSessionSecurityparam-name>           
 88                 <param-value>falseparam-value>        
 89            init-param>        
 90            <init-param>            
 91                 <param-name>allowScriptTagRemotingparam-name> 
 92                 <param-value>trueparam-value>    
 93            init-param>
 94            <init-param>
 95             <description>使用服务器推技术(反转AJAX)description>
 96             <param-name>activeReverseAjaxEnabledparam-name>
 97             <param-value>trueparam-value>
 98         init-param>
 99         <init-param>
100             <param-name>
101                 initApplicationScopeCreatorsAtStartup
102             param-name>
103             <param-value>trueparam-value>
104         init-param>
105         <init-param>
106             <param-name>maxWaitAfterWriteparam-name>
107             <param-value>100param-value>
108         init-param>
109            <load-on-startup>4load-on-startup>
110     servlet>
111     <servlet-mapping>
112        <servlet-name>dwr-invokerservlet-name>
113        <url-pattern>/dwr/*url-pattern>
114     servlet-mapping>
115     
116     
117     <listener>
118      <listener-class>
119      org.springframework.web.util.IntrospectorCleanupListener
120      listener-class>
121     listener>
122   <welcome-file-list>
123     <welcome-file>index.htmlwelcome-file>
124     <welcome-file>index.htmwelcome-file>
125     <welcome-file>index.jspwelcome-file>
126     <welcome-file>default.htmlwelcome-file>
127     <welcome-file>default.htmwelcome-file>
128     <welcome-file>default.jspwelcome-file>
129   welcome-file-list>
130 web-app>

applicationContext.xml

  1 xml version="1.0" encoding="UTF-8"?>
  2 <beans xmlns="http://www.springframework.org/schema/beans"
  3        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  4        xmlns:dwr="http://www.directwebremoting.org/schema/spring-dwr"
  5        xmlns:aop="http://www.springframework.org/schema/aop"
  6        xmlns:tx="http://www.springframework.org/schema/tx"
  7        xmlns:p="http://www.springframework.org/schema/p"
  8        xmlns:context="http://www.springframework.org/schema/context"
  9        xsi:schemaLocation="
 10        http://www.springframework.org/schema/beans
 11        http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
 12        http://www.springframework.org/schema/tx
 13        http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
 14        http://www.springframework.org/schema/context
 15        http://www.springframework.org/schema/context/spring-context-3.0.xsd
 16        http://www.springframework.org/schema/aop
 17        http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
 18        http://www.directwebremoting.org/schema/spring-dwr 
 19        http://www.directwebremoting.org/schema/spring-dwr-3.0.xsd ">
 20     
 21     <context:annotation-config />
 22     <context:component-scan base-package="cn.com.sengis" />
 23     <bean id="propertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
 24             <property name="locations">
 25                 <list>
 26                     <value>classpath:jdbc.propertiesvalue>
 27                 list>
 28             property>
 29         bean>
 30         
 31     <bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource" destroy-method="close">
 32         <property name="driverClass" value="${connection.driver_class}">property>
 33         <property name="jdbcUrl" value="${connection.url}">property>
 34         <property name="user" value="${connection.username}">property>
 35         <property name="password" value="${connection.password}">property>
 36         
 37         <property name="maxPoolSize" value="${proxool.maximum.connection.count}">property>
 38         <property name="minPoolSize" value="${proxool.minimum.connection.count}">property>
 39         
 40         <property name="initialPoolSize" value="${proxool.initialPoolSize}">property>
 41         
 42         <property name="maxIdleTime" value="${proxool.maxIdleTime}">property> 
 43     bean>
 44         
 45     
 46     <bean id="sessionFactory"
 47         class="org.springframework.orm.hibernate3.LocalSessionFactoryBean">
 48         <property name="dataSource">
 49             <ref bean="dataSource" />
 50         property>
 51         <property name="hibernateProperties">
 52             <props>
 53             
 54                 <prop key="hibernate.dialect">
 55                     org.hibernate.dialect.MySQL5Dialect
 56                 prop>
 57                 
 58                 <prop key="hibernate.hbm2ddl.auto">updateprop>
 59                 
 60                 <prop key="hibernate.show_sql">trueprop>
 61                 
 62                 <prop key="hibernate.format_sql">trueprop>
 63                 
 64                 
 65                 
 66                 
 67             props>
 68         property>
 69         
 70         <property name="mappingResources">
 71             <list>                
 72             <value>cn/com/sengis/bean/Student.hbm.xmlvalue>
 73                 <value>cn/com/sengis/bean/Resources.hbm.xmlvalue>
 74                 <value>cn/com/sengis/bean/Roles.hbm.xmlvalue>
 75                 <value>cn/com/sengis/bean/Users.hbm.xmlvalue>
 76             list>
 77         property>
 78     bean>
 79     <bean id="transactionManager" class="org.springframework.orm.hibernate3.HibernateTransactionManager">
 80         <property name="sessionFactory">
 81             <ref local="sessionFactory"/>
 82         property>
 83     bean>
 84     <tx:annotation-driven transaction-manager="transactionManager" /> 
 85     
 86     <tx:advice id="txAdvice" transaction-manager="transactionManager">
 87         
 88         <tx:attributes>
 89             
 90             <tx:method name="get*" read-only="true"/>
 91             
 92             <tx:method name="*" rollback-for="java.lang.Exception" propagation="REQUIRED"/>
 93         tx:attributes>
 94     tx:advice>
 95     
 96     
 97     <aop:config>
 98         
100         <aop:pointcut id="pointcut"
101             expression="execution(* cn.com.sengis.service.*.*(..))"/>
102         
103         <aop:advisor advice-ref="txAdvice" 
104             pointcut-ref="pointcut"/>
105     aop:config>
106             
107     <bean id="myServiceBean" class="cn.com.sengis.service.ServiceBean">bean>
108     <bean id="myAction" class="cn.com.sengis.action.MyAction">
109         <property name="serviceBean">
110             <ref bean="myServiceBean"/>
111         property>
112     bean>        
113     
114     
115     
116     
117     
118 
119 
120 
121 
122        
123 
124 
125 
126 
127 
128 
129 
130 
131 
132 
133 
134 
135 
136 
137        
138        
139        
140           <dwr:configuration>
141         <dwr:convert type="bean" class="cn.com.sengis.service.User" />
142         <dwr:convert type="bean" class="org.directwebremoting.ScriptSession" />
143     dwr:configuration>
144        <dwr:annotation-scan base-package="cn.com.sengis" scanDataTransferObject="true" scanRemoteProxy="true" />
145        
146        
147        
148        
149        
150 beans>

dao.xml

xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:p="http://www.springframework.org/schema/p"
    xsi:schemaLocation="http://www.springframework.org/schema/beans 
    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd" default-lazy-init="true">
    
    <bean id="daoTemplate" abstract="true" 
          p:sessionFactory-ref="sessionFactory"/>
    
    <bean id="hibernateDao" class="cn.com.sengis.dao.impl.HibernateDaoImpl" parent="daoTemplate">bean>
    <bean id="usersDao" class="cn.com.sengis.dao.impl.UsersDaoImpl" parent="daoTemplate">bean>
    <bean id="resourcesDao" class="cn.com.sengis.dao.impl.ResourcesDaoImpl" parent="daoTemplate">bean>
    <bean id="rolesDao" class="cn.com.sengis.dao.impl.RolesDaoImpl" parent="daoTemplate">bean>

beans>

applicationContext-security.xml

xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
                        
    <debug/> 

















    
    
    <http pattern="/**/*.js" security="none"/>
    <http pattern="/**/*.css" security="none"/>
    <http pattern="/**/*.gif**" security="none">http>
    <http pattern="/**/*.jpg" security="none"/>
    <http pattern="/login.jsp" security="none"/>
    <http use-expressions="true" entry-point-ref="authenticationProcessingFilterEntryPoint" access-denied-page="/a.jsp">
        
        <logout invalidate-session="false" logout-success-url="/login.jsp" logout-url="/j_spring_security_logout"/>
        
        
        
        <remember-me />
        
       
         
               
        <session-management invalid-session-url="/timeout.jsp">
            <concurrency-control  max-sessions="1" error-if-maximum-exceeded="true" expired-url="/login.jsp">concurrency-control>
        session-management>
        
           <custom-filter ref="loginFilter" position="FORM_LOGIN_FILTER"  />
        <custom-filter ref="securityFilter" before="FILTER_SECURITY_INTERCEPTOR"/>
        
        
    http>
    
    
    <beans:bean id="loginFilter"
        class="cn.com.sengis.security.MyUsernamePasswordAuthenticationFilter">
        
        <beans:property name="filterProcessesUrl" value="/j_spring_security_check">beans:property>
        <beans:property name="authenticationSuccessHandler" ref="loginLogAuthenticationSuccessHandler">beans:property>
        <beans:property name="authenticationFailureHandler" ref="simpleUrlAuthenticationFailureHandler">beans:property>
        <beans:property name="authenticationManager" ref="myAuthenticationManager">beans:property>
        <beans:property name="usersDao" ref="usersDao">beans:property>
    beans:bean>
    <beans:bean id="loginLogAuthenticationSuccessHandler"
        class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
        
        <beans:property name="defaultTargetUrl" value="/index.jsp">beans:property>
    beans:bean>
    <beans:bean id="simpleUrlAuthenticationFailureHandler"
        class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
        <beans:property name="defaultFailureUrl" value="/login.jsp">beans:property>
    beans:bean>
    
    
    <beans:bean id="securityFilter" class="cn.com.sengis.security.MySecurityFilter">
        
        <beans:property name="authenticationManager" ref="myAuthenticationManager" />
        
        <beans:property name="accessDecisionManager" ref="myAccessDecisionManager" />
        
        <beans:property name="securityMetadataSource" ref="mySecurityMetadataSource" />
    beans:bean>
    
    <authentication-manager alias="myAuthenticationManager">
        <authentication-provider user-service-ref="myUserDetailServiceImpl">



        authentication-provider>
    authentication-manager>
    
    <beans:bean id="myAccessDecisionManager" class="cn.com.sengis.security.MyAccessDecisionManager">beans:bean>
    <beans:bean id="mySecurityMetadataSource" class="cn.com.sengis.security.MySecurityMetadataSource">
        <beans:constructor-arg name="resourcesDao" ref="resourcesDao">beans:constructor-arg>
    beans:bean>
    <beans:bean id="myUserDetailServiceImpl" class="cn.com.sengis.security.MyUserDetailServiceImpl">
        <beans:property name="usersDao" ref="usersDao">beans:property>
    beans:bean>
    
    
    <beans:bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
        <beans:property name="loginFormUrl" value="/login.jsp">beans:property>
    beans:bean>
beans:beans>

jdbc.properties

connection.driver_class=com.mysql.jdbc.Driver
connection.url=jdbc:mysql://localhost:3306/spring_security?useUnicode=true&characterEncoding=UTF-8
connection.username=root
connection.password=1234

proxool.maximum.connection.count=100
proxool.minimum.connection.count=5
proxool.initialPoolSize=1
proxool.maxIdleTime=200

log4j.properties

# For JBoss: Avoid to setup Log4J outside $JBOSS_HOME/server/default/deploy/log4j.xml!
# For all other servers: Comment out the Log4J listener in web.xml to activate Log4J.
log4j.rootLogger=INFO, stdout, logfile

log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d %p [%c] - %m%n

log4j.appender.logfile=org.apache.log4j.RollingFileAppender
log4j.appender.logfile.File=${petstore.root}/WEB-INF/petstore.log
log4j.appender.logfile.MaxFileSize=512KB
# Keep three backup files.
log4j.appender.logfile.MaxBackupIndex=3
# Pattern to output: date priority [category] - message
log4j.appender.logfile.layout=org.apache.log4j.PatternLayout
log4j.appender.logfile.layout.ConversionPattern=%d %p [%c] - %m%n

struts.xml

xml version="1.0" encoding="UTF-8" ?>
DOCTYPE struts PUBLIC
    "-//Apache Software Foundation//DTD Struts Configuration 2.3//EN"
    "http://struts.apache.org/dtds/struts-2.3.dtd">

<struts>

    
    <constant name="struts.i18n.encoding" value="utf-8"/>
    
    <constant name="struts.action.extension" value="action"/>
    
    <constant name="struts.serve.static.browserCache" value="false"/>
    
    <constant name="struts.configuration.xml.reload" value="true"/>
    
    <constant name="struts.devMode" value="true" />
    
    <constant name="struts.objectFactory" value="spring" />
    
    <package name="stu" namespace="/stu" extends="struts-default">
        <action name="mystu" class="cn.com.sengis.action.MyAction">
            <result name="success">/success.jspresult>
        action>
    package>
    
        <package name="test" namespace="" extends="struts-default">
        
        <action name="notice" class="cn.com.sengis.action.noticeAction">
            <result>/noticeList.jspresult>
            <result name="input">/noticeList.jspresult>
        action>
        <action name="test" class="cn.com.sengis.action.TestAction">
            <result>result>
        action>
    package>
struts>

sql:

CREATE TABLE `users` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `enable` int(11) DEFAULT NULL,
  `password` varchar(255) DEFAULT NULL,
  `account` varchar(255) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=3 DEFAULT CHARSET=utf8;

CREATE TABLE `roles` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `enable` int(11) DEFAULT NULL,
  `name` varchar(255) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;

CREATE TABLE `resources` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `url` varchar(255) DEFAULT NULL,
  `priority` int(11) DEFAULT NULL,
  `type` int(11) DEFAULT NULL,
  `name` varchar(255) DEFAULT NULL,
  `memo` varchar(255) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8;

CREATE TABLE `roles_resources` (
  `rsid` int(11) NOT NULL,
  `rid` int(11) NOT NULL,
  PRIMARY KEY (`rsid`,`rid`),
  KEY `FKAF06BF234B9B2DA4` (`rid`),
  KEY `FKAF06BF23B726B61B` (`rsid`),
  CONSTRAINT `FKAF06BF234B9B2DA4` FOREIGN KEY (`rid`) REFERENCES `roles` (`id`),
  CONSTRAINT `FKAF06BF23B726B61B` FOREIGN KEY (`rsid`) REFERENCES `resources` (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

CREATE TABLE `users_roles` (
  `rid` int(11) NOT NULL,
  `uid` int(11) NOT NULL,
  PRIMARY KEY (`uid`,`rid`),
  KEY `FKF6CCD9C64BC73832` (`uid`),
  KEY `FKF6CCD9C64B9B2DA4` (`rid`),
  CONSTRAINT `FKF6CCD9C64B9B2DA4` FOREIGN KEY (`rid`) REFERENCES `roles` (`id`),
  CONSTRAINT `FKF6CCD9C64BC73832` FOREIGN KEY (`uid`) REFERENCES `users` (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

 

演示截图