<!-- 该路径下的资源不用过滤 -->
<http pattern="/resources/**" security="none" />
<http pattern="/" security="none" />
<http pattern="/register/*" security="none" />
<http pattern="/gettn" security="none" />
<http pattern="/static/**" security="none" />
<http pattern="/favicon.ico" security="none" />
<http pattern="/upload/**" security="none" />
<!--
<http pattern="/userinfo/**" security="none" /> -->
<!--
<http pattern="/selectMerchant" security="none" /> -->
<http auto-config="true" use-expressions="true">
<form-login login-page="/"
login-processing-url="/signon"
authentication-success-handler-ref="myAuthenticationSuccessHandler"
authentication-failure-url="/"/>
<logout delete-cookies="JSESSIONID"
logout-url="/signoff"
logout-success-url="/"/>
<intercept-url pattern="/user/**" access="isAuthenticated()" />
<remember-me />
<!--
删除 不启动 -->
<!--
<session-management invalid-session-url="/"> -->
<!--
<concurrency-control max-sessions="10" -->
<!--
error-if-maximum-exceeded="true" /> -->
<!--
</session-management> -->
</http>
<beans:bean id="myAuthenticationSuccessHandler" class="com.leyidai.web.security.LoginSuccessHandler"/>
