0
我正在开发一个使用SS进行角色管理的webapp。当我尝试以管理员身份登录时,它的工作正常,但问题是当我想以用户身份登录时,我也不想这样做。任何想法PLZSpring Security
这是我的安全cpntext.xml
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<!-- We will be defining all security related configurations in this file -->
<http pattern="/login" security="none" />
<http use-expressions="true" >
<intercept-url pattern="/login" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<intercept-url pattern="/login" access="permitAll" />
<intercept-url pattern="/index" access="hasRole('Admin')"/>
<form-login login-page="/login" default-target-url="/index" authentication-failure-url="/login"/> <!-- We will just use the built-in form login page in Spring -->
<access-denied-handler error-page="/login" />
<!-- <intercept-url pattern="/**" access="isAuthenticated()"/> --><!-- this means all URL in this app will be checked if user is authenticated -->
<logout logout-url="/logout" logout-success-url="/index"/> <!-- the logout url we will use in JSP -->
</http>
<beans:bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<beans:property name="userDetailsService" ref="userDetailsService" ></beans:property>
</beans:bean>
<beans:bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
<beans:property name="providers">
<beans:list>
<beans:ref local="daoAuthenticationProvider"/>
</beans:list>
</beans:property>
</beans:bean>
<authentication-manager>
<authentication-provider user-service-ref="userDetailsService">
<password-encoder hash="md5"></password-encoder>
</authentication-provider>
</authentication-manager>