摘要
分析了基于Spring的Acegi的构架,并讨论了如何利用Acegi进行Web资源的认证和授权。通过一个实例阐述了Acegi7项重要组件的作用,并详细说明了Acegi安全框架认证与授权的过程。透过上述分析,可以了解Acegi安全系统机制运行步骤与原理。由于在运行期间用户可能会提出动态改变权限分配的需求,Acegi默认的配置文件策略略显不足。对此总结出一种基于数据库的策略,来对Acegi资源配置进行动态扩展。
Acegi framework on spring are analysed and, how to authenticate and authorize by Acegi framework for web resource is discussed. A instance enunciates functions of Acegi's seven importance discretenesses, and instructs elaborately the course of Acegi's authentication and authorization. By analyses above, the principle and process of mechanism run of Acegi security system is understood. Because during the course of run, user can bring forward the requirement of dynamic alteration popedom distribution. Configuration files of Acegi's acquiescence seem deficient. Therefore a strategy on database are summarized, which can extend Acegi's configuration files dynamicly.
出处
《计算机工程与设计》
CSCD
北大核心
2007年第6期1313-1316,共4页
Computer Engineering and Design
关键词
认证
授权
认证管理器
访问决定管理器
扩展
authentication
authorization
authenticationmanager
accessdecissiorunanager
extension