Spring+BlazeDS+Flex+SpringSecurity配置


最近一个项目用到了Spring +BlazeDS+Flex+SpringSecurity的配置,在这里记录一下此种框架的配置方法,仅作备忘。

web.xml

<!– 初始化spring关联配置,比如SpringSecurity, Hibernate等等 –>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring/*.xml
</param-value>
</context-param>

<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!– 日志服务监听器 –>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/classes/log4j.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<!– flexhttp请求监听器 –>
<listener>
<listener-class>flex.messaging.HttpFlexSession</listener-class>
</listener>
<!– SpringSecurity HTTP访问过滤器,实现HTTP请求拦截 –>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<!– 编码过滤器,经过测试,flex在进行数据传输的时候,不需要此过滤器也能正确传输中文,此处主要是为了非flex类型的请求配置 –>
<filter>
<filter-name>encoding-filter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encoding-filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!– SpringMVC REST服务需要,因为浏览器的HTTP不支持PUT,DELETE METHOD,通过这个过滤器可以使用POST伪装PUT,DELETE METHOD实现 –>
<filter>
<filter-name>httpMethodFilter</filter-name>
<filter-class>org.springframework.web.filter.HiddenHttpMethodFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>httpMethodFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!– Hibenate 过滤器,保证一个HTTP请求使用同一个Session,并且提供了flushMode,使程序员在开发的时候不必关心缓存刷新的问题 –>
<filter>
<filter-name>hibernateFilter</filter-name>
<filter-class>org.springframework.orm.hibernate3.support.OpenSessionInViewFilter</filter-class>
<init-param>
<param-name>singleSession</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>flushMode</param-name>
<param-value>AUTO</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>hibernateFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<!–
Flex Controller
–>
<servlet>
<servlet-name>flex</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
<servlet-name>flex</servlet-name>
<url-pattern>/messagebroker/*</url-pattern>
</servlet-mapping>

<!– RDS服务,用于Flex Builder 连接远程对象生成ActionScript代码 –>

<servlet>
<servlet-name>RDSDispatchServlet</servlet-name>
<servlet-class>flex.rds.server.servlet.FrontEndServlet</servlet-class>
<init-param>
<param-name>messageBrokerId</param-name>
<param-value>_messageBroker</param-value>
</init-param>
<init-param>
<param-name>useAppserverSecurity</param-name>
<param-value>false</param-value>
</init-param>
<load-on-startup>10</load-on-startup>
</servlet>

<servlet-mapping id=”RDS_DISPATCH_MAPPING”>
<servlet-name>RDSDispatchServlet</servlet-name>
<url-pattern>/CFIDE/main/ide.cfm</url-pattern>
</servlet-mapping>

flex-servlet.xml (根据web.xml配置文件中的servlet-name自动查找WEB-INF目录下的flex-servlet.xml文件)

<!– 指定远程对象默认绑定到那个通道 –>
<flex:message-broker>
<flex:remoting-service default-channels=”my-amf”/>
</flex:message-broker>

<!– 增加SpringSecurity全局方法安全访问控制 –>
<security:global-method-security pre-post-annotations=”enabled”>
<security:protect-pointcut expression=”execution(* com.leo.service.**.*.save*(..))” access=”hasRole(‘ROLE_ADMIN’)”/>
</security:global-method-security>

<!– 扫描远程服务对象 –>
<context:component-scan base-package=”com.leo.service” />

flex/services-config.xml(由于flex-servlet.xml中配置了<flex:message-broker>,所以工程在启动的时候会自动查找/WEB-INF/flex目录下的services-config.xml文件)

<channels>
<channel-definition id=”my-amf” class=”mx.message.channels.AMFChannel”>
<endpoint url=”http://{server.name}:{server.port}/{context.root}/messagebroker/amf” class=”flex.message.endpoints.AMFEndpoint”/>
</channel-definition>
</channels>

spring/security-config.xml

<http auto-config=”true”>
<intercept-url pattern=”/**” access=”hasRole(‘ROLE_USERS’)”/>
</http>

Advertisements

发表评论

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / 更改 )

Twitter picture

You are commenting using your Twitter account. Log Out / 更改 )

Facebook photo

You are commenting using your Facebook account. Log Out / 更改 )

Google+ photo

You are commenting using your Google+ account. Log Out / 更改 )

Connecting to %s