|
|||||
|
|
| Spring Acegi的安全应用与扩展 | |
| 引用本文: | 范玉涛,苏桂平,王永涛.Spring Acegi的安全应用与扩展[J].计算机应用与软件,2008,25(12). |
| 作者姓名: | 范玉涛 苏桂平 王永涛 |
| 作者单位: | 1. 中国科学院研究生院工程教育学院,北京,100049;华北科技学院计算机系,北京,101601 2. 中国科学院研究生院信息科学与工程学院,北京,100049 3. 华友时代通信技术,北京,有限公司软件产品部,北京,100027 |
| 基金项目: | 国家高科技发展计划(863)项目 |
| 摘 要: | Spring框架作为一个优秀的多层J2EE系统框架,本身没有提供对系统的安全性支持。Acegi是基于Spring基于IoC(Inversion of Control)和AOP(Aspect Oriented Programming)机制实现的一个安全框架。主要说明了如何在Spring Acegi框架下对资源进行认证和授权,进一步通过对Acegi的扩展,实现了直接从数据库读取权限,增强控制资源的灵活性。 |
| 关 键 词: | 认证 授权 过滤器 |
APPLICATION AND EXTENSION OF SPRING ACEGI IN SYSTEM SECURITY |
|
| Fan Yutao,Su Guiping,Wang Yongtao.APPLICATION AND EXTENSION OF SPRING ACEGI IN SYSTEM SECURITY[J].Computer Applications and Software,2008,25(12). | |
| Authors: | Fan Yutao Su Guiping Wang Yongtao |
| Affiliation: | Fan Yutao1,2 Su Guiping3 Wang Yongtao41(College of Engineering,Graduate University of the Chinese Academy , Sciences,Beijing 100049,China)2(Department of Computer Science,North China Institute of Science , Technology,Beijing 101601,China)3(School of Information Science , Engineering,China) 4(Hurray Times Communications Department of Software Development Beijing,Beijing 100027,China) |
| Abstract: | Being an excellent multi-player J2EE framework,Spring does not provide support to security of application systems.Acegi is a security framework based on Spring IoC(invention of control) and AOP(aspect oriented programming) mechanisms.This paper mainly specifies how to implement authentication and authorization on resources under the Spring Acegi.The extension of Acegi makes it possible to obtain direct authorization from database and to increase the flexibility in controlling system resources. |
| Keywords: | Spring Acegi MD5 |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! | |