0
我使用Spring Security進行登錄,並與多個用戶 與不同的輥我已設置兩個UERS進入電影的 admin和DBA的DBA URL註銷,但我訪問的URL如何在spring xml中使用spring security來定義ROLE_USER,ROLE_ADMIN一起用於一個spefic url?
http://localhost:8080/secu_fin_ano/dba
它重定向到默認春天登錄表單輸入管理員的 管理員uername和密碼後,它重定向頁面到 /拒絕訪問,我在security.xml文件中定義
對於security.xml文件代碼:
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-4.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-4.0.xsd">
<http auto-config="true" >
<intercept-url pattern="/" access="permitAll" />
<intercept-url pattern="/home" access="permitAll" />
<intercept-url pattern="/admin**" access="hasRole('ADMIN')" />
<intercept-url pattern="/dba**" access="hasRole('ADMIN') and hasRole('DBA')" />
<access-denied-handler error-page="/Access_Denied" />
<form-login authentication-failure-url="/Access_Denied" />
</http>
<authentication-manager >
<authentication-provider>
<user-service>
<user name="bill" password="abc123" authorities="ROLE_USER" />
<user name="admin" password="root123" authorities="ROLE_ADMIN" />
<user name="dba" password="root123" authorities="ROLE_ADMIN,ROLE_DBA" />
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>