[英]spring security filter chain patterns
使用Spring Security時,您將一系列過濾器映射到URL模式,以指定如何保護這些URL。 這些模式可以包含通配符,例如
/foo/*/bar
/foo/**/bar
我找不到這些通配符的任何文檔,但是我的猜測是第一個模式會匹配
/foo/baz/bar
但不是
/foo/baz/baz/bar
而第二個模式( /foo/**/bar
)將匹配這兩個
也許這段代碼會有所幫助:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:security="http://www.springframework.org/schema/security"
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<security:http auto-config="true">
<security:intercept-url pattern="/login.do"
access="IS_AUTHENTICATED_ANONYMOUSLY" />
<security:intercept-url pattern="/logout.do"
access="IS_AUTHENTICATED_ANONYMOUSLY" />
<security:intercept-url pattern="/fail2login.do"
access="IS_AUTHENTICATED_ANONYMOUSLY" />
<security:intercept-url pattern="/json/*.do"
access="IS_AUTHENTICATED_ANONYMOUSLY" />
<security:intercept-url pattern="/*" access="ROLE_ADMIN" />
<security:form-login login-page="/login.do"
default-target-url="/home.do" authentication-failure-url="/fail2login.do" />
<security:session-management>
<security:concurrency-control
max-sessions="1" />
</security:session-management>
<security:logout logout-success-url="/logout.do"
delete-cookies="JSESSIONID" invalidate-session="true" />
</security:http>
<security:authentication-manager>
<security:authentication-provider>
<security:jdbc-user-service
data-source-ref="dataSource"
users-by-username-query="select userName, password, status from User where userName=?"
authorities-by-username-query="select us.userName, ur.userRoleName from User us, UserRole ur
where ur.userName =? " />
</security:authentication-provider>
</security:authentication-manager>
</beans>
您的假設是正確的。 單個通配符*匹配url樹的特定級別中的任何內容,而雙通配符**匹配任何字符串模式。
所以
/foo/*/bar
會匹配
/foo/abc/bar and /foo/xyz/bar but not /foo/abc/xyz/bar
鑒於
/foo/**/bar
將符合以上所有條件。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.