Spring in Practical notes: Spring in the Web

I. Building a spring Web application

User request processing in 1.Spring MVC

Shows all of the sites that the request is experiencing with spring MVC.

1: When the request leaves the browser, it will have all the requested content information, at least the requested URL will be included.

Requests are sent to the spring MVC controller by the spring's Dispatcherservlet front-end controller.

2: Dispatcherservlet queries one or more processor mappings (handler mapping) to determine where the next station is requested.

The processor map makes decisions based on the URL information that is carried by the request.

3: Once the appropriate controller is selected, Dispatcherservlet sends the request to the selected controller.

To the controller, the request unloads the submitted information and waits for the controller to process the information.

4: When the controller finishes processing, it will produce some information as model. The controller packages the model data and marks the name of the view used to render the output. The request is then sent back to Dispatcherservlet, along with the model and view name.

5: Dispatcherservlet uses the view resolve to match the logical view name to a specific view implementation.

6: Implementation of the view, delivery of model data.

7: The view will render the output using the model data, which is passed to the client through the response object.

2. Basic controller

@Controller: Declared as a controller;

@RequestMapping: Declare the request that they want to process:

@RequestMapping (vaule= "/", Method=get): When an HTTP GET request to "/" is received, the method of the annotation is called home ().

@RequestParam: Receives the request input, takes the request as the query parameter;

@PathVariable: Use a placeholder to make the request part of the path;

The difference : When using @requestparam, the URL is this:http://host:port/path? parameter name = argument value

when using @pathvariable, the URL is this: thehttp://host:port/path/parameter value

@RequestMapping (value= "/user", Method = requestmethod.get)      public @ Responsebody     user printuser (@RequestParam (value =  "id",  required = false, defaultvalue =  "0")      int id)   {      user user = new user ();          user = userservice.getuserbyid (ID);          return user;     }            @RequestMapping (value= "/user/{id:\\d+}", Method = requestmethod.get)       public  @ResponseBody      user printuser2 (@PathVariable  int id)  {         user user = new  user ();   &nbsP;      user = userservice.getuserbyid (ID);          return user;     }

@Valid: Tell spring that you need to ensure that this object meets the checksum limit.

Validation annotations provided by the Java Validation API:

Annotations	Describe
@AssertFalse	The annotated element must be of type Boolean and the value is False
@AssertTrue	The annotated element must be of type Boolean and a value of true
@DecimalMax	The annotated element must be a number, and the value is less than or equal to the given bigdecimalstring value
@DecimalMin	The annotated element must be a number, and the value is greater than or equal to the given bigdecimalstring
@Digits	The annotated element must be a number, and its value must have a specified number of digits
@Future	The value of the annotated element must be a future date
@Max	The annotated element must be a number, and its value is greater than or equal to the given value
@Min	The annotated element must be a number, and its value is less than or equal to the given value
@NotNull	The value of the annotated element must not be null
@Null	The value of the annotated element must be null
@Past	The value of the annotated element must be a date that has passed
@Parttern	The value of the annotated element must match the given regular expression
@Size	The value of the annotated element must be a string, a collection, or an array, and its length conforms to the given range

@Controller @requestmapping (Detailcontroller.view_prefix) public class detailcontroller extends  AjaxBaseController {public static final String VIEW_PREFIX =  "/ajax/ Detail ";p ublic static final string get_detail = "/getdetaillist ";p ublic  static final string find =  "/find"; @Autowiredprivate  JobDetailService  jobdetailservice;/***  Find */@ResponseBody @requestmapping (value = find, method =  Requestmethod.get) Public ajaxpackvo<detailvo> find (@RequestParam ("id")  long id) { Ajaxpackvo<detailvo> packvo = new ajaxpackvo<> ();D etailvo dr =  JOBDETAILSERVICE.FINDVO (ID);p ackvo.setvo (DR); Return packvo;} @ResponseBody @requestmapping (value = get_detail, method = requestmethod.post) public  ajaxpackvo<detailvo> getdetail (@RequestBody  detailso detailso) {ajaxpackvo<detailvo> detailvoajaxpackvo = new ajaxpackvo<> (); Pagelist<detailvo> detailvopagelist = jobdetailservice.getpagelist (DetailSo); Detailvoajaxpackvo.setpagelist (detailvopagelist); return detailvoajaxpackvo;}

@ResponseStatus: Add annotations to an exception to map it to an HTTP status code;

@ResponseStatus (Value=httpstatus.not_found, reason= "spittle not FOUND")//Map exception to HTTP status 404

@ExceptionHandler: Add annotations to the method to handle exceptions;

Two. Protect your web App

Use spring security to provide security for your web apps and protect the information in your app.

Spring Security provides a complete security solution to handle identity authentication and authorization at the Web request level and at the method invocation level. Take advantage of dependency injection and aspect-oriented technology.

Spring security addresses safety issues from two perspectives:

(1) Use the filter in the Servlet specification to secure Web requests and restrict URL-level access;

(2) Spring security can also use the Spring AOP protection method invocation-with the help of object proxies and use notifications. To ensure that only users with the appropriate permissions can access the security method.

Spring security is divided into 11 modules:

Module	Describe
Acl	Support for providing security for domain objects through access control lists (ACLs)
Facets (aspects)	A very small module that uses ASPECTJ-based facets when using spring security annotations instead of using standard spring AOP
CAS Client	Provides integrated functionality with Jasig's central authentication Service (centrally authentication Service,cas)
Configuration (config)	Includes feature support for configuring spring security through XML and Java
Cores (CORE)	Provides the spring security base Library
Encryption (cryptography)	Provides encryption and password-encoding capabilities
Ldap	Support for LDAP-based authentication
Openid	Support for centralized authentication using OpenID
Remoting	Provides support for spring remoting
Tag libraries (Tag library)	Spring Security's JSP tag library
Web	Provides spring security filter-based Web security support

@EnableWebSecurity: This annotation will enable the Web security feature, which must be configured in a bean that implements Websecurityconfigure;

@EnableWebMvcSecurity: If your app is developed using spring MVC, you should consider using that annotation instead of @enablewebsecurity;

@Configuration @enablewebmvcsecuritypublic class Securityconfig extends websecurityconfigureradapter{}

Spring in Practical notes: Spring in the Web