Spring Security (25): 7. Sample Applications

There are several sample web applications that are available with the project. To avoid an overly large download, only the "tutorial" and "contacts" samples are included in the distribution zip file. The others can be built directly from the source, which you can obtain as described in the introduction. It's easy to build the project yourself and there's more information on the project web site at http://spring.io/spring-security/. All paths referred to in this chapter are relative to the project source directory.

7.1 Tutorial Sample

The tutorial sample is a nice basic example to get you started. It uses simple namespace configuration throughout. The compiled application is included in the distribution zip file, ready to be deployed into your web container (spring-security-samples-tutorial-3.1.x.war). The form-based authentication mechanism is used in combination with the commonly-used remember-me authentication provider to automatically remember the login using cookies.

We recommend you start with the tutorial sample, as the XML is minimal and easy to follow. Most importantly, you can easily add this one XML file (and its corresponding web.xml entries) to your existing application. Only when this basic integration is achieved do we suggest you attempt adding in method authorization or domain object security.

7.2 Contacts

The Contacts Sample is an advanced example in that it illustrates the more powerful features of domain object access control lists (ACLs) in addition to basic application security. The application provides an interface with which the users are able to administer a simple database of contacts (the domain objects).

To deploy, simply copy the WAR file from the Spring Security distribution into your container's webapps directory. The war should be called spring-security-samples-contacts-3.1.x.war (the appended version number will vary depending on what release you are using).

After starting your container, check the application can load. Visit http://localhost:8080/contacts (or whichever URL is appropriate for your web container and the WAR you deployed).

Next, click "Debug". You will be prompted to authenticate, and a series of usernames and passwords are suggested on that page. Simply authenticate with any of these and view the resulting page. It should contain a success message similar to the following:

Security Debug Information

Authentication object is of type:
org.springframework.security.authentication.UsernamePasswordAuthenticationToken

Authentication object as a String:

org.springframework.security.authentication.UsernamePasswordAuthenticationToken@1f127853:
Principal: [email protected]: Username: rod; \
Password: [PROTECTED]; Enabled: true; AccountNonExpired: true;
credentialsNonExpired: true; AccountNonLocked: true; \
Granted Authorities: ROLE_SUPERVISOR, ROLE_USER; \
Password: [PROTECTED]; Authenticated: true; \
Details: org.sprin[email protected]0: \
RemoteIpAddress: 127.0.0.1; SessionId: 8fkp8t83ohar; \
Granted Authorities: ROLE_SUPERVISOR, ROLE_USER

Authentication object holds the following granted authorities:

ROLE_SUPERVISOR (getAuthority(): ROLE_SUPERVISOR)
ROLE_USER (getAuthority(): ROLE_USER)

Success! Your web filters appear to be properly configured!

Once you successfully receive the above message, return to the sample application’s home page and click "Manage". You can then try out the application. Notice that only the contacts available to the currently logged on user are displayed, and only users with ROLE_SUPERVISOR are granted access to delete their contacts. Behind the scenes, the MethodSecurityInterceptor is securing the business objects.

The application allows you to modify the access control lists associated with different contacts. Be sure to give this a try and understand how it works by reviewing the application context XML files.

7.3 LDAP Sample

The LDAP sample application provides a basic configuration and sets up both a namespace configuration and an equivalent configuration using traditional beans, both in the same application context file. This means there are actually two identical authentication providers configured in this application.

7.4 OpenID Sample

The OpenID sample demonstrates how to use the namespace to configure OpenID and how to set up attribute exchange configurations for Google, Yahoo and MyOpenID identity providers (you can experiment with adding others if you wish). It uses the JQuery-based openid-selector project to provide a user-friendly login page which allows the user to easily select a provider, rather than typing in the full OpenID identifier.

The application differs from normal authentication scenarios in that it allows any user to access the site (provided their OpenID authentication is successful). The first time you log in, you will get a "Welcome [your name]" message. If you log out and log back in (with the same OpenID identity) then this should change to "Welcome Back". This is achieved by using a custom UserDetailsService which assigns a standard role to any user and stores the identities internally in a map. Obviously a real application would use a database instead. Have a look at the source for more information. This class also takes into account the fact that different attributes may be returned from different providers and builds the name with which it addresses the user accordingly.

7.5 CAS Sample

The CAS sample requires that you run both a CAS server and CAS client. It isn’t included in the distribution so you should check out the project code as described in the introduction. You’ll find the relevant files under the sample/cas directory. There’s also a Readme.txt file in there which explains how to run both the server and the client directly from the source tree, complete with SSL support.

7.6 JAAS Sample

The JAAS sample is a very simple example of how to use a JAAS LoginModule with Spring Security. The provided LoginModule will successfully authenticate a user if the username equals the password; otherwise a LoginException is thrown. The AuthorityGranter used in this example always grants the role ROLE_USER. The sample application also demonstrates how to run as the JAAS Subject returned by the LoginModule by setting jaas-api-provision equal to "true".
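
A minimal JAAS LoginModule that applies the rule described above (the username must equal the password), as an added example that is not the sample application's own code. The class name DemoLoginModule and the credentials in main are constructed for illustration; only standard JDK JAAS types are used.

```java
import java.io.IOException;
import java.security.Principal;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;

// Added illustration: DemoLoginModule is a hypothetical name, not the sample's own class.
public class DemoLoginModule implements LoginModule {
    private Subject subject;
    private CallbackHandler handler;
    private Principal user;

    public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) {
        subject = s; handler = h;
    }
    public boolean login() throws LoginException {
        NameCallback name = new NameCallback("username");
        PasswordCallback pass = new PasswordCallback("password", false);
        try {
            handler.handle(new Callback[] { name, pass }); // ask the caller for credentials
        } catch (IOException | UnsupportedCallbackException e) {
            throw new LoginException("Cannot read credentials: " + e);
        }
        String n = name.getName();
        char[] pw = pass.getPassword();
        pass.clearPassword();
        // Demo-only rule from the text: accept when username equals password.
        if (n == null || pw == null || !n.equals(new String(pw)))
            throw new LoginException("Authentication failed");
        user = () -> n; // minimal Principal; getName() returns the username
        return true;
    }
    public boolean commit() { return user != null && subject.getPrincipals().add(user); }
    public boolean abort()  { user = null; return true; }
    public boolean logout() { subject.getPrincipals().remove(user); user = null; return true; }

    public static void main(String[] args) {
        for (String[] c : new String[][] { {"rod", "rod"}, {"rod", "wrong"} }) { // constructed input
            DemoLoginModule m = new DemoLoginModule();
            m.initialize(new Subject(), cbs -> {
                ((NameCallback) cbs[0]).setName(c[0]);
                ((PasswordCallback) cbs[1]).setPassword(c[1].toCharArray());
            }, Map.of(), Map.of());
            try { System.out.println(c[1] + " -> " + (m.login() && m.commit())); }
            catch (LoginException e) { System.out.println(c[1] + " -> " + e.getMessage()); }
        }
    }
}
```

Running main prints `rod -> true` for the matching pair and `wrong -> Authentication failed` for the mismatch; a production module would replace the equality check with a real credential store lookup.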

7.7 Pre-Authentication Sample

This sample application demonstrates how to wire up beans from the pre-authentication framework to make use of login information from a Java EE container. The user name and roles are those set up by the container.

The code is in samples/preauth.
