Springboot System Integration

It is said that Captain Jack was hacked to pieces, it seems that information security is still a long way to go, this article as a primer, to introduce the spring boot for system integration support.

Spring Security provides a security framework for implementing security features through IOC and AOP, which involves two key concepts, certifications & authorizations. In spring, its application only needs to annotate @enablewebsecurity on one configuration class and inherit from Websecurityconfigureadapter.

User authentication: Memory authentication, JDBC authentication, providing default database structure, universal User (recommended), implement Userdetailsservice.

Request authorization: Common security handling methods include anyrequest matching all request paths (support Antmatchers, and regular regexmachers), Anonymous () anonymous accessible, Access (String) Parameter El expression result not true when accessible, hasanyauthority () any permission accessible, hasanyrole any role accessible, hasipaddress any IP accessible, hasrole role accessible, Permitall () The user is free to access, RememberMe allows REM login, authenticated user can access after login.

1 spring.activemq.broker-url=tcp://localhost:616162 spring.activemq.user=3 spring.activemq.password=4 spring.activemq.in-memory=true5 Spring.activemq.pool.enabled=false6 7 Maven:8         <Dependency>9             <groupId>Org.springframework</groupId>Ten             <Artifactid>Spring-jms</Artifactid> One         </Dependency> A         <Dependency> -             <groupId>Org.apache.activemq</groupId> -             <Artifactid>Activemq-client</Artifactid> the         </Dependency>

View Code

The default configuration provided by Springboot includes automatic configuration of a memory user, ignoring interception of static files such as/css/**, automatic configuration of securityfilterchainregistration beans, and good support for oauth2.

1 Security.user.name=user2 security.user.password=3 Security.user.role=user4 Security.require-ssl=false5 Security.enable-csrf=false6 security.basic.enabled=true7 security.basic.realm=spring8 security.basic.path=9 security.basic.authorize-mode=authenticatedTen security.filter-order=0 One Security.headers.xss=false A Security.headers.cache=false - Security.headers.frame=false - Security.headers.content-type=false the Security.headers.hsts=all - security.sessions=stateless - security.ignored= -  + Maven: -         <Dependency> +             <groupId>Org.springframework.boot</groupId> A             <Artifactid>Spring-boot-starter-security</Artifactid> at         </Dependency>

View Code

In practice, you need to extend the user you build, such as creating a Userwrapper class that implements the Userdetails interface (about password and passwordhash,salt), Then provide a class that implements the Userdetailsservice, and register to Sercurityconfig.

TIP:

HTTP Session Hijacking: http://www.cnblogs.com/baibaomen/p/http-session-hijack.html

The primary purpose of asynchronous messaging is communication between systems, which involves two important concepts, message broker and destination destination, when the message sender sends a message, the message is taken over by the message agent, and the message agent guarantees that the message is delivered to the specified destination. Asynchronous messages consist primarily of two forms of destination, queue queues (for Point-to-point communication), and Subject topic (for Publish/Subscribe message communication).

Point-to-point : The sender sends a message, the agent gets the message and puts it into the queue, and when the receiver receives it, the message is taken out, which is the message to leave.

Publish/Subscribe : The sender sends a message to the subject, and multiple message receivers listen to the topic.

The JMS(Java Message Service), the Java messaging Services, is based on the specification of the JVM message agent, ActiveMQ, HORNETQ is the implementation of JMS.

AMQP(Advance message Queuing Protocol) is also a message specification. But it is not only compatible with JMS, but also supports other platforms, mainly implemented by RABBITMQ.

ActiveMQ

1 spring.activemq.broker-url=tcp://localhost:616162 spring.activemq.user=3 spring.activemq.password=4 spring.activemq.in-memory=true5 Spring.activemq.pool.enabled=false6 Maven:7         <Dependency>8             <groupId>Org.springframework</groupId>9             <Artifactid>Spring-jms</Artifactid>Ten         </Dependency> One         <Dependency> A             <groupId>Org.apache.activemq</groupId> -             <Artifactid>Activemq-client</Artifactid> -         </Dependency>

View Code

TIP:

Docker Boot: Docker run-d-P 61616:61616-p 8161:8161--name activemq1 cloudesire/activemq

Where 61616 is the port of the message agent and 8161 is the port of the ACTIVEMQ administration page

RabbitMQ

1 Spring.rabbitmq.host=localhost2 spring.rabbitmq.port=56723 Spring.rabbitmq.username=admin4 Spring.rabbitmq.password=admin5 6 Maven:7         <Dependency>8             <groupId>Org.springframework.boot</groupId>9             <Artifactid>Spring-boot-starter-amqp</Artifactid>Ten         </Dependency>

View Code

TIP:

Docker Boot: Docker run-d-P 5672:5672-p 15672:15672--name rabbitmq1 rabbitmq:3-management

Where 5672 is the port of the message agent and 15672 is the port of the ACTIVEMQ Administration page (you can log in with guest:guest)

Spring integration provides an EIP for the local spring (Enterprise integration Patterns Business Integration model , ESB? ), to solve the problem of interaction between different systems, through asynchronous message-driven to achieve loose coupling between the system, Spring integration mainly by the message, Channel, message endpoint composition, you can see, in addition to the channel, Other knowledge points are the same as the message part.

message: Consists of the body payload and the header header, the message body can be any data type, such as Xml,json,java object.

Channel: Messagechannel top-level interface, Pollablechannel with polling to get messages, Subscribablechannel send messages to subscribers subscribed to MessageHandler, Publishsubscribechannel broadcast messages to all Subscribers, Queuechannel saves the message with a queue that can be set to a size, Prioritychannel stores the data to the queue by priority, Rendezvouschannel ensures that each recipient receives a message and then sends a message, Directchannel the default message channel, allows the message to be sent to a subscriber, and then blocks the send to know that the message is accepted. The Executorchannel can be bound to a multithreaded taskexecutor. In addition, Channelinterceptor is provided to process the message.

Messageendpoint: is a component that handles messages, can control channel routing, the available message endpoints include Channeladapter, is unidirectional, inbound channels only accept messages, outbound channels only output messages, support various types of protocols The gateway provides two-way request/return; the Service activator invokes the bean to process the message, and the router determines the transmission channel of the message based on the message body type, the value of the message header, and the defined receive table as criteria; filter-like routing Because the decision message can be passed, splitter the message, aggregator merge message, Enricher Enhancer, transformer converter, bridge bridging two message channels.

1 Maven:2         <Dependency>3             <groupId>Org.springframework.boot</groupId>4             <Artifactid>Spring-boot-starter-integration</Artifactid>5         </Dependency>6         <Dependency>7             <groupId>Org.springframework.boot</groupId>8             <Artifactid>Spring-boot-starter-mail</Artifactid>9         </Dependency>Ten         <Dependency> One             <groupId>Org.springframework.integration</groupId> A             <Artifactid>Spring-integration-feed</Artifactid> -         </Dependency> -         <Dependency> the             <groupId>Org.springframework.integration</groupId> -             <Artifactid>Spring-integration-mail</Artifactid> -         </Dependency>

View Code

Tip: This part of the experiment encountered some problems, temporary release.

Resources

1. Wang Yunfei . Spring Boot combat [M]. Beijing : Electronic Industry Publishing house ,.

Springboot System Integration