SpringSecurity小Demo

转载的这位老师的 http://blog.csdn.net/sz_bdqn/article/details/6661665

Demo下载地址:http://pan.baidu.com/s/1mihwt1Q
目录结构:
SpringSecurity小Demo_第1张图片

1.首先导入jar包
spring-2.5.6.jar
spring-security-acl-2.0.5.jar
spring-security-core-2.0.5.jar
spring-security-taglibs-2.0.5.jar

2.创建相应的实体类:用户、角色、资源

package com.zsw.entity;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import javax.persistence.ManyToMany;
import javax.persistence.Transient;
import org.apache.commons.lang.StringUtils;
import org.hibernate.annotations.Cache;
import org.hibernate.annotations.CacheConcurrencyStrategy;

/**
 * 资源
 * Resource可能分成多种类型,比如MENU,URL,METHOD等等
 */
@Entity
@Cache(usage = CacheConcurrencyStrategy.READ_WRITE)
public class Resource {

    @Id
    @GeneratedValue
    private Integer id; 
    private String type;    
    private String value;

    @ManyToMany(mappedBy = "resources", targetEntity = Role.class, fetch = FetchType.EAGER)
    @Cache(usage = CacheConcurrencyStrategy.READ_WRITE)
    private Set roles;

    public Resource() {
    }

    /**
     * 获取资源中所有角色名称
     * @return
     */
    @Transient
    public String getRoleAuthorities() {
        List roleAuthorities = new ArrayList();
        for(Role role : roles) {
            roleAuthorities.add(role.getName());
        }
        return StringUtils.join(roleAuthorities, ",");
    }

    public Integer getId() {
        return id;
    }
    public String getType() {
        return type;
    }
    public String getValue() {
        return value;
    }
    public Set getRoles() {
        return roles;
    }
    public void setId(Integer id) {
        this.id = id;
    }
    public void setType(String type) {
        this.type = type;
    }
    public void setValue(String value) {
        this.value = value;
    }
    public void setRoles(Set roles) {
        this.roles = roles;
    }
}
package com.zsw.entity;
import java.util.Set;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.JoinTable;
import javax.persistence.ManyToMany;

import org.hibernate.annotations.Cache;
import org.hibernate.annotations.CacheConcurrencyStrategy;

/**
 * 角色
 * @author Administrator
 */
@Entity
@Cache(usage = CacheConcurrencyStrategy.READ_WRITE)
public class Role {

    @Id
    @GeneratedValue
    private Integer id; 
    private String name;    
    private String description; 
    @ManyToMany(targetEntity = Resource.class, fetch = FetchType.EAGER)
    @JoinTable(name = "role_resource", joinColumns = @JoinColumn(name = "role_id"), inverseJoinColumns = @JoinColumn(name = "resource_id"))
    @Cache(usage = CacheConcurrencyStrategy.READ_WRITE)
    private Set resources;

    public Role() {     
    }

    public Integer getId() {
        return id;
    }

    public String getName() {
        return name;
    }

    public String getDescription() {
        return description;
    }

    public Set getResources() {
        return resources;
    }

    public void setId(Integer id) {
        this.id = id;
    }

    public void setName(String name) {
        this.name = name;
    }

    public void setDescription(String description) {
        this.description = description;
    }

    public void setResources(Set resources) {
        this.resources = resources;
    }
}
package com.zsw.entity;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;

import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.JoinTable;
import javax.persistence.ManyToMany;
import javax.persistence.Transient;

import org.apache.commons.lang.StringUtils;
import org.hibernate.annotations.Cache;
import org.hibernate.annotations.CacheConcurrencyStrategy;
import org.hibernate.annotations.Proxy;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.userdetails.UserDetails;

/**
 * 用户类
 * @author Administrator
 */
@Entity
@Proxy(lazy = false)
@Cache(usage = CacheConcurrencyStrategy.READ_WRITE)
public class User implements UserDetails {

    private static final long serialVersionUID = 8026813053768023527L;

    /**
     * 编号ID
     */
    @Id
    @GeneratedValue
    private Integer id;

    private String name; //用户名

    private String password; //密码

    private boolean disabled; //是否关闭

    /**
     * 用户所有的角色
     */
    @ManyToMany(targetEntity = Role.class, fetch = FetchType.EAGER)
    @JoinTable(name = "user_role", joinColumns = @JoinColumn(name = "user_id"), inverseJoinColumns = @JoinColumn(name = "role_id"))
    @Cache(usage = CacheConcurrencyStrategy.READ_WRITE)
    private Set roles;

    @Transient
    private Map> roleResources;

    /**
     * The default constructor
     */
    public User() {
    }

    /**
     * 根据User返回这个User所拥有的权限列表
     */
    public GrantedAuthority[] getAuthorities() {
        List grantedAuthorities = new ArrayList(roles.size());
        for(Role role : roles) {
            grantedAuthorities.add(new GrantedAuthorityImpl(role.getName()));
        }
        return grantedAuthorities.toArray(new GrantedAuthority[roles.size()]);
    }

    /**
     * Returns the authorites string
     * 
     * eg. 
     *    downpour --- ROLE_ADMIN,ROLE_USER
     *    robbin --- ROLE_ADMIN
     * 
     * @return
     */
    public String getAuthoritiesString() {
        List authorities = new ArrayList();
        for(GrantedAuthority authority : this.getAuthorities()) {
            authorities.add(authority.getAuthority());
        }
        return StringUtils.join(authorities, ",");
    }
    public String getPassword() {
        return password;
    }
    public String getUsername() {
        return name;
    }
    public boolean isAccountNonExpired() {
        return true;
    }
    public boolean isAccountNonLocked() {
        return true;
    }
    public boolean isCredentialsNonExpired() {
        return true;
    }
    public boolean isEnabled() {
        return !disabled;
    }
    public Integer getId() {
        return id;
    }
    public String getName() {
        return name;
    }
    public boolean isDisabled() {
        return disabled;
    }
    public Set getRoles() {
        return roles;
    }

    /**
     * 在User对象中设置一个缓存机制,在第一次取的时候,
     * 通过遍历User所有的Role,获取相应的Resource信息。
     * @return
     */
    public Map> getRoleResources() {
        // init roleResources for the first time
        if(this.roleResources == null) {

            this.roleResources = new HashMap>();

            for(Role role : this.roles) {
                String roleName = role.getName();
                Set resources = role.getResources();
                for(Resource resource : resources) {
                    String key = roleName + "_" + resource.getType();
                    if(!this.roleResources.containsKey(key)) {
                        this.roleResources.put(key, new ArrayList());
                    }
                    this.roleResources.get(key).add(resource);                  
                }
            }

        }
        return this.roleResources;
    }
    public void setId(Integer id) {
        this.id = id;
    }
    public void setName(String name) {
        this.name = name;
    }
    public void setPassword(String password) {
        this.password = password;
    }
    public void setDisabled(boolean disabled) {
        this.disabled = disabled;
    }
    public void setRoles(Set roles) {
        this.roles = roles;
    }

}

3.定义一个接口SecurityManager.java用于获取所有的资源信息

package com.zsw.security;
import java.util.Map;

/**
 * 安全管理
 * @author Administrator
 */
public interface SecurityManager {      
    public Map loadUrlAuthorities();        
}

实现类:

package com.zsw.security.support;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.hibernate.SessionFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.dao.DataAccessException;
import org.springframework.orm.hibernate3.support.HibernateDaoSupport;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.security.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

import com.zsw.entity.Resource;
import com.zsw.entity.User;
import com.zsw.security.SecurityManager;

@Service("securityManager")
public class SecurityManagerSupport extends HibernateDaoSupport implements UserDetailsService, SecurityManager {

    @Autowired
    public void init(SessionFactory sessionFactory) {
        super.setSessionFactory(sessionFactory);
    }

    /**
     * 根据用户名获取用户对象
     * 实现了UserDetailsService接口中的loadUserByUsername方法
     */
    public UserDetails loadUserByUsername(String userName) throws UsernameNotFoundException, DataAccessException {
        List users = (List) getHibernateTemplate().find("FROM User user WHERE user.name = ? AND user.disabled = false", userName);
        if(users.isEmpty()) {
            throw new UsernameNotFoundException("User " + userName + " has no GrantedAuthority");
        }
        return users.get(0);
    }

    /**
     * 获取所有资源,对应所有的角色
     */
    public Map loadUrlAuthorities() {
        Map urlAuthorities = new HashMap();
        List urlResources = (List) getHibernateTemplate().find("FROM Resource resource WHERE resource.type = ?", "URL");
        for(Resource resource : urlResources) {
            urlAuthorities.put(resource.getValue(), resource.getRoleAuthorities());
        }
        return urlAuthorities;
    }
}

4.创建一个监听器,在系统启动的时候,把所有的资源load到内存作为缓存

package com.zsw.web.loader;
import java.util.Map;
import javax.servlet.ServletContext;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import org.springframework.web.context.support.WebApplicationContextUtils;
import com.zsw.security.SecurityManager;

/**
 * ------------------------------------------------------------
 * 这是一个监听器
 * 主要有2个方法,一个是应用启动时执行,另一个是应用关闭时执行
 * 在系统启动的时候,把所有的资源load到内存作为缓存 
 * ------------------------------------------------------------
 * 监听器的使用实际上适用于取代那些响应用户请求的Servelt,
 * 所以Listener类中无须提供用户请求的方法,
 * Listener的作用是为整个WEB应用提供后台服务。
 * ------------------------------------------------------------
 * @author 周尚武
 */
public class ServletContextLoaderListener implements ServletContextListener {

    /**
     * 应用启动时,该方法调用
     * 将资源的存放在servletContext中
     */
    public void contextInitialized(ServletContextEvent servletContextEvent) {
        ServletContext servletContext = servletContextEvent.getServletContext();
        SecurityManager securityManager = this.getSecurityManager(servletContext);
        Map urlAuthorities = securityManager.loadUrlAuthorities();
        servletContext.setAttribute("urlAuthorities", urlAuthorities);
    }

    /**
     * 应用关闭时该方法调用
     */
    public void contextDestroyed(ServletContextEvent servletContextEvent) {
        servletContextEvent.getServletContext().removeAttribute("urlAuthorities");
    }

    protected SecurityManager getSecurityManager(ServletContext servletContext) {
        return (SecurityManager) WebApplicationContextUtils.getWebApplicationContext(servletContext).getBean("securityManager");
    }
}

5.获取当前用户

package com.zsw.security.support;

import org.springframework.security.context.SecurityContextHolder;
import com.zsw.entity.User;

/**
 * Spring Security提供了一个线程安全的对象:SecurityContextHolder,
 * 通过这个对象,我们可以访问当前的登录用户
 * @author Administrator
 */
public class SecurityUserHolder {

    /**
     * 获取当前用户
     * @return
     */
    public static User getCurrentUser() {
        return (User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
    }
}

6.对资源进行认证

package com.zsw.security.interceptor;

import java.util.Collection;
import java.util.Iterator;
import java.util.Map;

import javax.servlet.ServletContext;

import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.ConfigAttributeDefinition;
import org.springframework.security.ConfigAttributeEditor;
import org.springframework.security.intercept.web.FilterInvocation;
import org.springframework.security.intercept.web.FilterInvocationDefinitionSource;
import org.springframework.security.util.AntUrlPathMatcher;
import org.springframework.security.util.RegexUrlPathMatcher;
import org.springframework.security.util.UrlMatcher;

/**
 * 资源拦截器
 * 编写自己的FilterInvocationDefinitionSource实现类,对资源进行认证 
 */
public class SecureResourceFilterInvocationDefinitionSource implements FilterInvocationDefinitionSource, InitializingBean {

    private UrlMatcher urlMatcher;
    private boolean useAntPath = true;    
    private boolean lowercaseComparisons = true;


    public void setUseAntPath(boolean useAntPath) {
        this.useAntPath = useAntPath;
    }

    public void setLowercaseComparisons(boolean lowercaseComparisons) {
        this.lowercaseComparisons = lowercaseComparisons;
    }

    public void afterPropertiesSet() throws Exception {

        this.urlMatcher = new RegexUrlPathMatcher();        
        if (useAntPath) {
            this.urlMatcher = new AntUrlPathMatcher();
        }

        if ("true".equals(lowercaseComparisons)) {
            if (!this.useAntPath) {
                ((RegexUrlPathMatcher) this.urlMatcher).setRequiresLowerCaseUrl(true);
            }
        } else if ("false".equals(lowercaseComparisons)) {
            if (this.useAntPath) {
                ((AntUrlPathMatcher) this.urlMatcher).setRequiresLowerCaseUrl(false);
            }
        }        
    }

    public ConfigAttributeDefinition getAttributes(Object filter) throws IllegalArgumentException {

        FilterInvocation filterInvocation = (FilterInvocation) filter;
        String requestURI = filterInvocation.getRequestUrl();
        Map urlAuthorities = this.getUrlAuthorities(filterInvocation);        
        String grantedAuthorities = null;
        for(Iterator> iter = urlAuthorities.entrySet().iterator(); iter.hasNext();) {
            Map.Entry entry = iter.next();
            String url = entry.getKey();

            if(urlMatcher.pathMatchesUrl(url, requestURI)) {
                grantedAuthorities = entry.getValue();
                break;
            }            
        }

        if(grantedAuthorities != null) {
            ConfigAttributeEditor configAttrEditor = new ConfigAttributeEditor();
            configAttrEditor.setAsText(grantedAuthorities);
            return (ConfigAttributeDefinition) configAttrEditor.getValue();
        }        
        return null;
    }

    @SuppressWarnings("unchecked")
    public Collection getConfigAttributeDefinitions() {
        return null;
    }

    @SuppressWarnings("unchecked")
    public boolean supports(Class clazz) {
        return true;
    }

    @SuppressWarnings("unchecked")
    private Map getUrlAuthorities(FilterInvocation filterInvocation) {
        ServletContext servletContext = filterInvocation.getHttpRequest().getSession().getServletContext();
        return (Map)servletContext.getAttribute("urlAuthorities");
    }
}

7.创建登陆login页面及登陆成功后的index页面:
login.jsp

<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>

<html xmlns="http://www.w3.org/1999/xhtml" lang="zh-CN">
<head>
    <title>Spring Securitytitle>
head>
<body>
    <form method="post" id="loginForm" action="${pageContext.request.contextPath}/j_spring_security_check">
        <p>User Name:p>
        <p><input type="text" name="j_username" id="j_username" />p>
        <p>Password:p>     
        <p><input type="password" name="j_password" id="j_password" />p>
        <p><input type="submit" value="submit" />p>
    form>      
body>
html> 

index.jsp


<p>
    <a href="${pageContext.request.contextPath}/j_spring_security_logout">logouta>
p>

<p>Hello ${currentUser.name}, your role is: ${currentUser.authoritiesString}p>

8.配置文件:


<web-app id="Yoda" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
    <display-name>Yodadisplay-name>

    
    <context-param>
        <param-name>contextConfigLocationparam-name>
        <param-value>/WEB-INF/classes/applicationContext-*.xmlparam-value>
    context-param>

    
    <filter>
      <filter-name>springSecurityFilterChainfilter-name>
      <filter-class>org.springframework.web.filter.DelegatingFilterProxyfilter-class>
    filter>
    <filter-mapping>
      <filter-name>springSecurityFilterChainfilter-name>
      <url-pattern>/*url-pattern>
    filter-mapping>

    <servlet>
        <servlet-name>indexservlet-name>
        <servlet-class>com.zsw.web.servlet.Indexservlet-class>
    servlet>  
    <servlet-mapping>
        <servlet-name>indexservlet-name>
        <url-pattern>/indexurl-pattern>
    servlet-mapping>

    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListenerlistener-class>
    listener>    
    <listener>
        <listener-class>com.zsw.web.loader.ServletContextLoaderListenerlistener-class>
    listener>

web-app>

applicationContext-configuration.xml


<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:context="http://www.springframework.org/schema/context"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
    http://www.springframework.org/schema/context
    http://www.springframework.org/schema/context/spring-context-2.5.xsd">


    
    <bean id="annotationPropertyConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer" lazy-init="true">
        <property name="locations">
            <list>
                <value>classpath:jdbc.propertiesvalue>
            list>
        property>
    bean>

    <context:component-scan base-package="com.zsw"/>
    <context:annotation-config />

beans>

applicationContext-dataAccess.xml


<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:context="http://www.springframework.org/schema/context"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
    http://www.springframework.org/schema/context
    http://www.springframework.org/schema/context/spring-context-2.5.xsd">

    
    <bean id="dataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource" destroy-method="close">
        <property name="driverClass" value="${connection.driver_class}"/>
        <property name="jdbcUrl" value="${jdbc.connection.url}"/>
        <property name="idleConnectionTestPeriod" value="${jdbc.pool.c3p0.idle_connection_test_period}" />
        <property name="preferredTestQuery" value="${jdbc.pool.c3p0.preferred_test_query}" />
        <property name="maxIdleTime" value="${jdbc.pool.c3p0.max_idle_time}" />
        <property name="properties">
            <props>
                <prop key="user">${jdbc.connection.username}prop>
                <prop key="password">${jdbc.connection.password}prop>
                <prop key="c3p0.acquire_increment">${jdbc.pool.c3p0.acquire_increment}prop>
                <prop key="c3p0.max_size">${jdbc.pool.c3p0.max_size}prop>
                <prop key="c3p0.min_size">${jdbc.pool.c3p0.min_size}prop>
            props>
        property>
    bean>

    
    
    <bean id="sessionFactory" class="org.springframework.orm.hibernate3.annotation.AnnotationSessionFactoryBean">
        <property name="dataSource" ref="dataSource"/>
        <property name="packagesToScan" value="com/zsw/entity/" />
    bean>


    
    <bean id="transactionManager" class="org.springframework.orm.hibernate3.HibernateTransactionManager">
        <property name="sessionFactory" ref="sessionFactory" />
    bean>

    
    <bean id="transactionInterceptor" class="org.springframework.transaction.interceptor.TransactionInterceptor">
         <property name="transactionManager" ref="transactionManager" />
         <property name="transactionAttributes">
              <props>
                   <prop key="*">PROPAGATION_REQUIREDprop>
              props>
         property>
    bean>

    
    <bean class="org.springframework.aop.framework.autoproxy.BeanNameAutoProxyCreator">
         <property name="beanNames">
              <list>
                   <value>*Servicevalue>
              list>
         property>
         <property name="interceptorNames">
              <list>
                   <value>transactionInterceptorvalue>
              list>
         property>
     bean>

beans>

applicationContext-security.xml



<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd">

    <beans:bean id="loggerListener" class="org.springframework.security.event.authentication.LoggerListener" />

    <http access-denied-page="/403.jsp" >
        <intercept-url pattern="/static/**" filters="none" />
        <intercept-url pattern="/template/**" filters="none" />
        <intercept-url pattern="/" filters="none" />
        <intercept-url pattern="/login.jsp" filters="none" />
        
        <form-login login-page="/login.jsp" authentication-failure-url="/login.jsp?error=true" default-target-url="/index" />
        
        <logout logout-success-url="/login.jsp"/>
        
        <http-basic />
    http>

    <authentication-manager alias="authenticationManager"/>

    
    <authentication-provider user-service-ref="securityManager">
        <password-encoder hash="md5"/>
    authentication-provider>

    <beans:bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
        <beans:property name="allowIfAllAbstainDecisions" value="false"/>
        <beans:property name="decisionVoters">
            <beans:list>
                <beans:bean class="org.springframework.security.vote.RoleVoter"/>
                <beans:bean class="org.springframework.security.vote.AuthenticatedVoter"/>
            beans:list>
        beans:property>
    beans:bean>

    
    <beans:bean id="resourceSecurityInterceptor" class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
        <beans:property name="authenticationManager" ref="authenticationManager"/>
        <beans:property name="accessDecisionManager" ref="accessDecisionManager"/>
        <beans:property name="objectDefinitionSource" ref="secureResourceFilterInvocationDefinitionSource" />
        <beans:property name="observeOncePerRequest" value="false" />
        <custom-filter after="LAST" />
    beans:bean>

    <beans:bean id="secureResourceFilterInvocationDefinitionSource" class="com.zsw.security.interceptor.SecureResourceFilterInvocationDefinitionSource" />

beans:beans>

hibernate.properties

######################
### Query Language ###
######################

## define query language constants / function names
hibernate.query.substitutions true 1, false 0, yes 'Y', no 'N'

## select the classic query parser

#hibernate.query.factory_class org.hibernate.hql.classic.ClassicQueryTranslatorFactory

## For WebLogic it will have some problems
#hibernate.query.factory_class org.hibernate.hql.classic.ClassicQueryTranslatorFactory


#################
### Platforms ###
#################

## MySQL

hibernate.dialect org.hibernate.dialect.MySQLInnoDBDialect

## Oracle

#hibernate.dialect org.hibernate.dialect.OracleDialect


#######################
### Transaction API ###
#######################

## the Transaction API abstracts application code from the underlying JTA or JDBC transactions

#hibernate.transaction.factory_class org.hibernate.transaction.JTATransactionFactory
hibernate.transaction.factory_class org.hibernate.transaction.JDBCTransactionFactory

##############################
### Miscellaneous Settings ###
##############################

## print all generated SQL to the console
hibernate.show_sql true

## auto schema export
#hibernate.hbm2ddl.auto update


## set the default batch size for batch fetching
hibernate.max_fetch_depth 1

hibernate.default_batch_fetch_size 30


## rollback generated identifier values of deleted entities to default values
hibernate.use_identifer_rollback true


## enable CGLIB reflection optimizer (enabled by default)
#hibernate.cglib.use_reflection_optimizer false



#####################
### JDBC Settings ###
#####################


## set the JDBC fetch size
hibernate.jdbc.fetch_size 25


## set the maximum JDBC 2 batch size (a nonzero value enables batching)
hibernate.jdbc.batch_size 30

## enable use of JDBC 2 scrollable ResultSets (specifying a Dialect will cause Hibernate to use a sensible default)
#hibernate.jdbc.use_scrollable_resultset true

## use streams when writing binary types to / from JDBC
hibernate.jdbc.use_streams_for_binary true


##########################
### Second-level Cache ###
##########################

## optimize chache for minimal "puts" instead of minimal "gets" (good for clustered cache)

#hibernate.cache.use_minimal_puts true


## set a prefix for cache region names

#hibernate.cache.region_prefix hibernate.test


## disable the second-level cache
hibernate.cache.use_second_level_cache true


## enable the query cache

#hibernate.cache.use_query_cache true

## choose a cache implementation

hibernate.cache.provider_class org.hibernate.cache.EhCacheProvider
#hibernate.cache.provider_class org.hibernate.cache.OSCacheProvider
#hibernate.cache.provider_class com.googlecode.hibernate.memcached.MemcachedCacheProvider

#hibernate.memcached.memcacheClientFactory com.googlecode.hibernate.memcached.dangamemcached.DangaMemcacheClientFactory
#hibernate.memcached.cacheTimeSeconds 3000
#hibernate.memcached.poolName memcached


jdbc.properties

connection.driver_class=com.mysql.jdbc.Driver

jdbc.connection.url=jdbc:mysql://localhost:3306/right?useUnicode=true&autoReconnect=true&characterEncoding=UTF-8
jdbc.connection.username=root
jdbc.connection.password=111111

jdbc.pool.c3p0.acquire_increment=2
jdbc.pool.c3p0.max_size=20
jdbc.pool.c3p0.min_size=2
jdbc.pool.c3p0.preferred_test_query='SELECT 1'
jdbc.pool.c3p0.idle_connection_test_period=18000
jdbc.pool.c3p0.max_idle_time=25000

log4j.properties

### direct log messages to stdout ###
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.Target=System.out
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n

### direct messages to file hibernate.log ###
#log4j.appender.fileout=org.apache.log4j.RollingFileAppender
#log4j.appender.fileout.File=suremanager.log
#log4j.appender.fileout.MaxFileSize=10000KB
#log4j.appender.fileout.layout=org.apache.log4j.PatternLayout
#log4j.appender.fileout.layout.ConversionPattern=%d{ABSOLUTE} %5p %c{1}:%L - %m%n

### set log levels - for more verbose logging change 'info' to 'debug' ###
log4j.rootLogger=INFO, stdout

### add more debug levels here ###
#log4j.logger.org.hibernate=debug
#log4j.logger.org.springframework=debug
#log4j.logger.com.demo2do.lighturl=DEBUG


你可能感兴趣的:(SpringSecurity小Demo)