使用SpringSide 3.1.4.3開發(fā)Web項(xiàng)目的全過程(上)
使用SpringSide 3.1.4.3開發(fā)Web項(xiàng)目的全過程(中)
第八步、使用Spring Security保護(hù)Web資源。在SpringSide 3項(xiàng)目中,已經(jīng)整合進(jìn)了SpringSecurity,實(shí)現(xiàn)了符合RBAC規(guī)范的權(quán)限管理系統(tǒng),并把數(shù)據(jù)保存到了數(shù)據(jù)庫中。我以前的博文
SpringSide 3 中的安全框架中對SpringSecurity有一個(gè)初步的探討,我認(rèn)為我寫的東西對入門來說是很有幫助的,入門以后再深入就簡單了,在評論中我又補(bǔ)充了幾點(diǎn),其中就提到如果要把資源權(quán)限配置內(nèi)容放到數(shù)據(jù)庫中,就要從objectDefinitionSource著手。事實(shí)上,在最新的SpringSide 3版本中,就是通過定義一個(gè)databaseDefinitionSource來實(shí)現(xiàn)從數(shù)據(jù)庫中讀取資源和權(quán)限之間的關(guān)系,而databaseDefinitionSource引用resourceDetailService,而該Service調(diào)用personal.youxia.service.security.ResourceDetailServiceImpl。就是這樣一層套一層的關(guān)系,但是最終只需要用戶實(shí)現(xiàn)personal.youxia.service.security.ResourceDetailServiceImpl即可。在SpringSide 3項(xiàng)目中,實(shí)現(xiàn)該Service的工作都可以省略,因?yàn)榻习滓乱呀?jīng)做好了。而我們要做的,就是在他提供的基礎(chǔ)上進(jìn)行擴(kuò)展。
在項(xiàng)目中,已經(jīng)定義好了users、roles、authorities和resource,如果需要擴(kuò)展其中任意一項(xiàng),只需要向?qū)?yīng)的數(shù)據(jù)表添加記錄即可。預(yù)定義的role有“管理員”和“用戶”兩種,我認(rèn)為在該示例中已經(jīng)沒有增加角色的必要了,而authorities是肯定要增加的,我想讓只有“用戶”能夠添加文章,只有“管理員”能夠刪除文章,所以在authorities表中增加如下兩行:
insert into AUTHORITIES (NAME,DISPLAY_NAME) values('A_ADD_ARTICLE','添加文章');
insert into AUTHORITIES (NAME,DISPLAY_NAME) values('A_DELETE_ARTICLE','刪除文章');
建立authorities表和roles表的聯(lián)系,用戶可以添加文章,管理員當(dāng)然也能夠添加文章,而只有管理員能夠刪除文章,所以在數(shù)據(jù)庫中添加如下三行:
insert into ROLES_AUTHORITIES values(1,5);
insert into ROLES_AUTHORITIES values(1,6);
insert into ROLES_AUTHORITIES values(2,5);
再來看看需要保護(hù)的資源,它們應(yīng)該分別為article.action、article!input.action、article!save.action、article!delete.action,其中只有后面三個(gè)需要保護(hù),因此在數(shù)據(jù)庫中添加如下三行:
insert into RESOURCES (RESOURCE_TYPE,VALUE,ORDER_NUM) values('url','/article!input*',7.0);
insert into RESOURCES (RESOURCE_TYPE,VALUE,ORDER_NUM) values('url','/article!save*',8.0);
insert into RESOURCES (RESOURCE_TYPE,VALUE,ORDER_NUM) values('url','/article!delete*',9.0);
最后,需要建立授權(quán)和資源之間的聯(lián)系,如下:
insert into RESOURCES_AUTHORITIES values(5,7);
insert into RESOURCES_AUTHORITIES values(5,8);
insert into RESOURCES_AUTHORITIES values(6,9);
這時(shí),再運(yùn)行項(xiàng)目,會發(fā)現(xiàn)沒有登錄的用戶只能察看文章,而點(diǎn)擊增加文章或刪除文章的鏈接,就會跳到Login界面,或顯示你沒有訪問該頁面的權(quán)限。
對于項(xiàng)目中自帶的用戶、角色、授權(quán)和資源管理,我是這樣的看法:最開始接觸SpringSide 3項(xiàng)目的時(shí)候,我覺得該功能是個(gè)雞肋,甚至想過把這些功能刪除掉,弄一個(gè)干凈的項(xiàng)目從頭做;經(jīng)過一段時(shí)間的思考后,我的觀念變了,我覺得這個(gè)功能非常有用,是一個(gè)很好的基礎(chǔ),而我們自己的功能,都可以從這里進(jìn)行擴(kuò)展;這里的擴(kuò)展,大部分都只需要在數(shù)據(jù)庫中添加數(shù)行記錄即可,正如上面的演示,唯一不能達(dá)到要求的,可能是有的人覺得users表字段太少,而實(shí)際項(xiàng)目中我們要記錄用戶的信息遠(yuǎn)遠(yuǎn)不止這么少,其實(shí)這個(gè)問題也好解決,只需要創(chuàng)建一個(gè)user_details表即可,或者叫user_profiles,再按照之前的步驟創(chuàng)建針對user_details表的增刪查改功能;總之,盡量不要去更改江南白衣已經(jīng)實(shí)現(xiàn)了的數(shù)據(jù)庫結(jié)構(gòu)和程序代碼。
SpringSecurity針對資源的保護(hù),不僅僅是只能在數(shù)據(jù)庫中配置,其實(shí)SpringSecurity更提供了一些有用的標(biāo)簽,可以在視圖文件中靈活使用。具體內(nèi)容,大家請參考SpringSecurity文檔。
第九步、將項(xiàng)目遷移到多數(shù)據(jù)庫環(huán)境。其實(shí)只要了解前面的八步,簡單的項(xiàng)目就可以搞定了,但是對于致力于高并發(fā)高負(fù)載的分布式應(yīng)用,則離不開多數(shù)據(jù)源和分布式事務(wù)管理,Web Service和AJAX的跨域訪問也是做分布式應(yīng)用的有力武器。在我前面的博文中,我已經(jīng)探討過了多數(shù)據(jù)源配置的各種問題:
SpringSide 3 中的多數(shù)據(jù)源配置的問題
在SpringSide 3 中使用多個(gè)數(shù)據(jù)庫的方法
在這里,我選擇了第三種方法,就是在Spring中整合Atomikos。下載Atomikos 3.5.5版,把如下transactions-essentials-alljar文件和jta.properties文件拷入到項(xiàng)目的WEB-INF/lib目錄下。
創(chuàng)建第二個(gè)數(shù)據(jù)庫,名稱為MultiDatasourceExampleIndex,其中包含一個(gè)Article表,如下:
創(chuàng)建Entity類ArticleIndex.java,創(chuàng)建Dao類ArticleIndexDao.java,創(chuàng)建Manager類ArticleIndexManager.java,這幾個(gè)過程和前面的過程沒有什么區(qū)別,所以我就不列代碼出來了。為了減少編寫Action的工作,我將添加ActionIndex的動作放到了ArticleAction中,即在添加Article的同時(shí)添加ArticleIndex。
修改applicationContext.xml文件,配置雙份的dataSource、雙份的sessionFactory,并使用JTATransactionManager,如下:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jee="http://www.springframework.org/schema/jee" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee-2.5.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd"
default-lazy-init="true">
<description>Spring公共配置文件 </description>
<!-- 定義受環(huán)境影響易變的變量 -->
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="systemPropertiesModeName" value="SYSTEM_PROPERTIES_MODE_OVERRIDE" />
<property name="ignoreResourceNotFound" value="true" />
<property name="locations">
<list>
<!-- 標(biāo)準(zhǔn)配置 -->
<value>classpath*:/application.properties</value>
<!-- 本地開發(fā)環(huán)境配置 -->
<value>classpath*:/application.local.properties</value>
<!-- 服務(wù)器生產(chǎn)環(huán)境配置 -->
<!-- <value>file:/var/myapp/application.server.properties</value> -->
</list>
</property>
</bean>
<!-- 使用annotation 自動注冊bean,并保證@Required,@Autowired的屬性被注入 -->
<context:component-scan base-package="personal.youxia" />
<bean id="dataSourceContent" class="com.atomikos.jdbc.AtomikosDataSourceBean" init-method="init" destroy-method="close">
<property name="uniqueResourceName">
<value>jdbc/dataSourceContent</value>
</property>
<property name="xaDataSourceClassName">
<value>com.mysql.jdbc.jdbc2.optional.MysqlXADataSource</value>
</property>
<property name="xaProperties">
<props>
<prop key="serverName">localhost</prop>
<prop key="portNumber">3306</prop>
<prop key="databaseName">MultiDatasourceExample</prop>
<prop key="user">youxia</prop>
<prop key="password">******</prop>
</props>
</property>
<property name="poolSize">
<value>3</value>
</property>
</bean>
<bean id="dataSourceIndex" class="com.atomikos.jdbc.AtomikosDataSourceBean" init-method="init" destroy-method="close">
<property name="uniqueResourceName">
<value>jdbc/dataSourceIndex</value>
</property>
<property name="xaDataSourceClassName">
<value>com.mysql.jdbc.jdbc2.optional.MysqlXADataSource</value>
</property>
<property name="xaProperties">
<props>
<prop key="serverName">localhost</prop>
<prop key="portNumber">3306</prop>
<prop key="databaseName">MultiDatasourceExample</prop>
<prop key="user">youxia</prop>
<prop key="password">******</prop>
</props>
</property>
<property name="poolSize">
<value>3</value>
</property>
</bean>
<!-- Hibernate配置 -->
<bean id="sessionFactoryContent" class="org.springframework.orm.hibernate3.annotation.AnnotationSessionFactoryBean">
<property name="dataSource" ref="dataSourceContent" />
<property name="namingStrategy">
<bean class="org.hibernate.cfg.ImprovedNamingStrategy" />
</property>
<property name="hibernateProperties">
<props>
<prop key="hibernate.dialect">org.hibernate.dialect.MySQL5InnoDBDialect</prop>
<prop key="hibernate.show_sql">${hibernate.show_sql}</prop>
<prop key="hibernate.format_sql">${hibernate.format_sql}</prop>
<prop key="hibernate.cache.provider_class">org.hibernate.cache.EhCacheProvider
</prop>
<prop key="hibernate.cache.provider_configuration_file_resource_path">${hibernate.ehcache_config_file}</prop>
</props>
</property>
<property name="packagesToScan" value="personal.youxia.entity.*" />
</bean>
<bean id="sessionFactoryIndex" class="org.springframework.orm.hibernate3.annotation.AnnotationSessionFactoryBean">
<property name="dataSource" ref="dataSourceIndex" />
<property name="namingStrategy">
<bean class="org.hibernate.cfg.ImprovedNamingStrategy" />
</property>
<property name="hibernateProperties">
<props>
<prop key="hibernate.dialect">org.hibernate.dialect.MySQL5InnoDBDialect</prop>
<prop key="hibernate.show_sql">${hibernate.show_sql}</prop>
<prop key="hibernate.format_sql">${hibernate.format_sql}</prop>
<prop key="hibernate.cache.provider_class">org.hibernate.cache.EhCacheProvider
</prop>
<prop key="hibernate.cache.provider_configuration_file_resource_path">${hibernate.ehcache_config_file}</prop>
</props>
</property>
<property name="packagesToScan" value="personal.youxia.entity.*" />
</bean>
<!-- 事務(wù)管理器配置,多數(shù)據(jù)源JTA事務(wù)-->
<bean id="atomikosTransactionManager" class="com.atomikos.icatch.jta.UserTransactionManager" init-method="init" destroy-method="close">
<property name="forceShutdown"><value>true</value></property>
</bean>
<bean id="atomikosUserTransaction" class="com.atomikos.icatch.jta.UserTransactionImp">
<property name="transactionTimeout" value="300"/>
</bean>
<bean id="transactionManager" class="org.springframework.transaction.jta.JtaTransactionManager">
<property name="transactionManager" ref="atomikosTransactionManager" />
<property name="userTransaction" ref="atomikosUserTransaction"/>
</bean>
<!-- 使用annotation定義事務(wù) -->
<tx:annotation-driven transaction-manager="transactionManager" />
</beans>
修改web.xml,配置雙份的OpenSessionInViewFilter,如下: 1321
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>MultiDatasourceExample</display-name>
<!-- Spring ApplicationContext配置文件的路徑,可使用通配符,多個(gè)路徑用,號分隔
此參數(shù)用于后面的Spring Context Loader -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath*:/applicationContext*.xml</param-value>
</context-param>
<!-- Character Encoding filter -->
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<!-- SpringSide's Hibernate Open Session In View filter-->
<filter>
<filter-name>hibernateOpenSessionInViewFilterContent</filter-name>
<filter-class>org.springside.modules.orm.hibernate.OpenSessionInViewFilter</filter-class>
<init-param>
<param-name>excludeSuffixs</param-name>
<param-value>js,css,jpg,gif</param-value>
</init-param>
<init-param>
<param-name>sessionFactoryBeanName</param-name>
<param-value>sessionFactoryContent</param-value>
</init-param>
</filter>
<filter>
<filter-name>hibernateOpenSessionInViewFilterIndex</filter-name>
<filter-class>org.springside.modules.orm.hibernate.OpenSessionInViewFilter</filter-class>
<init-param>
<param-name>excludeSuffixs</param-name>
<param-value>js,css,jpg,gif</param-value>
</init-param>
<init-param>
<param-name>sessionFactoryBeanName</param-name>
<param-value>sessionFactoryIndex</param-value>
</init-param>
</filter>
<!-- SpringSecurity filter-->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<!-- Struts2 filter -->
<filter>
<filter-name>struts2Filter</filter-name>
<filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>hibernateOpenSessionInViewFilterContent</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>hibernateOpenSessionInViewFilterIndex</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>struts2Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--Spring的ApplicationContext 載入 -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- Spring 刷新Introspector防止內(nèi)存泄露 -->
<listener>
<listener-class>org.springframework.web.util.IntrospectorCleanupListener</listener-class>
</listener>
<!-- session超時(shí)定義,單位為分鐘 -->
<session-config>
<session-timeout>20</session-timeout>
</session-config>
<!-- 出錯頁面定義 -->
<error-page>
<exception-type>java.lang.Throwable</exception-type>
<location>/common/500.jsp</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/common/500.jsp</location>
</error-page>
<error-page>
<error-code>404</error-code>
<location>/common/404.jsp</location>
</error-page>
<error-page>
<error-code>403</error-code>
<location>/common/403.jsp</location>
</error-page>
</web-app>
在每一個(gè)Dao類里面使用@Resource注解指定使用哪一個(gè)SessionFactory。代碼我就不列出來了,運(yùn)行項(xiàng)目進(jìn)行測試,成功。
到此,我們的征途圓滿結(jié)束。但是SpringSide 3包含的特性遠(yuǎn)遠(yuǎn)不止這些,在showcase中,江南白衣不斷在演示一些新的技術(shù),這些技術(shù)如果用得恰當(dāng),會有效提高我們項(xiàng)目的開發(fā)速度和項(xiàng)目的運(yùn)行效率,在以后的日子里,我會逐步為大家揭開這些神秘的面紗。
這里是該示例項(xiàng)目的源代碼
MultiDatasourceExample.rar,歡迎大家點(diǎn)擊下載,使用Eclipse 3.4導(dǎo)入后,即可以編輯和運(yùn)行。 由于jar文件太占空間,這個(gè)源代碼里面是不提供jar文件的,幸好我只給項(xiàng)目增加了mysql-connector.5.0.18.jar、transaction-essential-all.jar兩個(gè)和jta.properties一個(gè),其余的都是標(biāo)準(zhǔn)的,大家可以從別的項(xiàng)目中拷貝過來。在運(yùn)行項(xiàng)目之前,大家一定要記得手動創(chuàng)建數(shù)據(jù)庫,并修改配置文件里面的數(shù)據(jù)庫名和密碼。