1, <login-config>
<auth-method>BASIC</auth-method>
</login-config>
=========================================================
四種認證類型:
BASIC:HTTP規範,Base64
<web-app>
......
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
......
</web-app>
DIGEST:HTTP規範,資料完整性強一些,但不是SSL
<web-app>
......
<login-config>
<auth-method>DIGEST</auth-method>
</login-config>
......
</web-app>
CLIENT-CERT:J2EE規範,資料完整性很強,公共鑰匙(PKC)
<web-app>
......
<login-config>
<auth-method>CLIENT-CERT</auth-method>
</login-config>
......
</web-app>
FORM:J2EE規範,資料完整性非常弱,沒有加密,允許有定制的登陸界面。
<web-app>
......
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
......
</web-app>
這裡的 FORM 方式需要說明的是 登入頁面的固定的元素:login.html
<form name="loginform" method="post" action="j_security_check">
<INPUT name="j_username" type="text">
<INPUT name="j_password" TYPE="password">
<input type="submit" value="登 錄" >
</form>
form 的action 必須是j_security_check, method="post", 使用者名 name="j_username" , 密碼name="j_password" 這些都是固定的元素
2,log4j的配置
=========================================================
<!-- #log4j的配置相關# -->
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>classpath:log4j.properties</param-value>
</context-param>
<context-param>
<param-name>log4jRefreshInterval</param-name>
<param-value>60000</param-value>
</context-param>
<listener>
<listener-class>
org.springframework.web.util.Log4jConfigListener
</listener-class>
</listener>
<!-- end#log4j的配置相關# -->
3,過濾器的配置
======================================================================
<filter>
<filter-name>characterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>characterEncodingFilter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>characterEncodingFilter</filter-name>
<url-pattern>*.jsp</url-pattern>
</filter-mapping>
======================================================================
先這些,以後再補充