这样当直接访问http://localhost/AcegiWeb/servlet/TestServlet的时候会发现不可访问控件台也不输出javafish当输入正确的用户名和密码之后便可以访问
这样它就对类的方法调用起了保护的作用这一点可以把Acegi应用到DWR上效果是很理想的
对于Acegi有很多的过滤器不用全写在webxml里acegi提供了一个特殊的过滤器我们可以写成这样在Webxml里
<filter>
<filtername>Acegi</filtername>
<filterclass>orgacegisecurityutilFilterToBeanProxy</filterclass>
<initparam>
<paramname>targetClass</paramname>
<paramvalue>orgacegisecurityutilFilterChainProxy</paramvalue>
</initparam>
</filter>
<filtermapping>
<filtername>Acegi</filtername>
<urlpattern>/*</urlpattern>
</filtermapping>
<contextparam>
<paramname>contextConfigLocation</paramname>
<paramvalue>
/WEBINF/applicationContextxml
</paramvalue>
</contextparam>
<listener>
<listenerclass>orgspringframeworkwebcontextContextLoaderListener</listenerclass>
</listener>
<listener>
<listenerclass>orgspringframeworkwebutilLogjConfigListener</listenerclass>
</listener>
<listener>
<listenerclass>orgacegisecurityuisessionHttpSessionEventPublisher</listenerclass>
</listener>
<servlet>
<servletname>TestServlet</servletname>
<servletclass>orgliservletTestServlet</servletclass>
</servlet>
<servletmapping>
<servletname>TestServlet</servletname>
<urlpattern>/servlet/TestServlet</urlpattern>
</servletmapping>
在Spring的配置文件里
<bean id=chainProxy class=orgacegisecurityutilFilterChainProxy>
<property name=filterInvocationDefinitionSource>
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/**=HttpSessionContextIntegrationFilterauthenticationProcessingFilterBasicProcessingFilteranonymousProcessingFilt
erexceptionTranslationFilterfilterSecurityInterceptor
</value>
</property>
</bean>
[] [] [] [] [] []
![浅谈Acegi配置-Spring-Java[6]](/UploadFiles/0.jpg)