<security:http auto-config="true">
<!--指定登录页面-->
<security:form-login login-page="/login.jsp"/>
<!--对登录页面不进行拦截-->
<security:intercept-url pattern="/login.jsp*" filters="none"/><security:intercept-url pattern="/**" access="ROLE_USER"/>
<!--access定义了请求匹配了指定模式时的需求-->
</security:http><!-- 配置认证管理器 -->
<security:authentication-manager>
<security:authentication-provider>
<!-- 采用md5的方式加密 -->
<security:password-encoder hash="md5"></security:password-encoder>
<security:user-service><security:user name="user" password="user" authorities="ROLE_USER"/>
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
<!-- 定义上下文返回的消息的国际化 -->
<bean id="messageSource"
class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
<property name="basename"
value="classpath:message"/>
</bean>
国际化的输出,在jsp页面的输出方式是 ${sessionScope.SPRING_SECURITY_LAST_EXCEPTION.message}