一.SpringSecurity的模块 At the least, you’ll want to include the Core and Configuration modules in your application’s classpath. Spring Security is often used to secure web applications, and that’s certainly the case with the Spittr application, so you’l…

1.把包含敏感信息的请求转为https请求,则较为安全,但如何只把有需要安全的请求转为https,而不是不加分辩就把所有请求都转为https呢?可以用requiresChannel() @Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .antMatchers("/spitter/me").hasRole("SPITTER&quo…

一. What if you wanted to restrict access to certain roles only on Tuesday? Using the access() method, you can also use SpEL as a means for declaring access requirements. For example, here’s how you could use a SpEL expression to require ROLE_SPITTER…

一. 1.定义接口 Suppose that you need to authenticate against users in a non-relational database suchas Mongo or Neo4j. In that case, you’ll need to implement a custom implementationof the UserDetailsService interface. public interface UserDetailsService {…

一.LDAP server在哪 By default, Spring Security’s LDAP authentication assumes that the LDAP server is listening on port 33389 on localhost. But if your LDAP server is on another machine,you can use the contextSource() method to configure the location: @O…

一. 1.Focusing on the authentication query, you can see that user passwords are expected to be stored in the database. The only problem with that is that if the passwords are stored in plain text, they’re subject to the prying eyes of a hacker. But if…

一. 1.It’s quite common for user data to be stored in a relational database, accessed via JDBC . To configure Spring Security to authenticate against a JDBC -backed user store,you can use the jdbcAuthentication() method. The minimal configuration requ…

Spring Security is extremely flexible and is capable of authenticating users against virtually any data store. Several common user store situations—such as in-memory, relational database, and LDAP —are provided out of the box. But you can also create…

一. 对特定的请求拦截 For example, consider the requests served by the Spittr application. Certainly, thehome page is public and doesn’t need to be secured. Likewise, since all Spittleobjects are essentially public, the pages that display Spittle s don’t requi…

一. The default strategy for authenticating against LDAP is to perform a bind operation,authenticating the user directly to the LDAP server. Another option is to perform a comparison operation. This involves sending the entered password to the LDAP di…

一. 1.This method is the  LDAP analog to  jdbcAuthentication() @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth .ldapAuthentication() .userSearchFilter("(uid={0})") .groupSearchFilter("member={0}&…

1. package soundsystem; import org.springframework.beans.factory.annotation.Autowired; public class CDPlayer implements MediaPlayer { private CompactDisc cd; @Autowired public CDPlayer(CompactDisc cd) { this.cd = cd; } public void play() { cd.play();…

一.当构造函数有集合时,只能用<CONSTRUCTOR-ARG>,不能用C-NAMESPACE 二. 1. package soundsystem.collections; import java.util.List; import soundsystem.CompactDisc; public class BlankDisc implements CompactDisc { private String title; private String artist; private List&l…

spring的bean默认是单例,加载容器是会被化,spring会拦截其他再次请求bean的操作,返回spring已经创建好的bean. It appears that the CompactDisc is provided by calling sgtPeppers , but that’s notexactly true. Because the sgtPeppers() method is annotated with @Bean , Spring willintercept any ca…

1. package soundsystem; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @Configuration public class CDPlayerConfig { @Bean public CompactDisc compactDisc() { return new SgtPeppers(); }…

一. 1. As you can see, a bean factory performs several setup steps before a bean is ready touse. Let’s break down figure 1.5 in more detail:1 Spring instantiates the bean.2 Spring injects values and bean references into the bean’s properties.3 If the…

一.目标 要在BraveKnight调用embarkOnQuest()前后各做一些处理(调用Minstrel的方法) 二. 1.minstrel.xml <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XM…

1.Spring’s fundamental mission: Spring simplifies Java development. 2.To back up its attack on Java complexity, Spring employs four key strategies:  Lightweight and minimally invasive development with POJO s Loose coupling through DI and interface…

一.在xml中引入xml,用<import> <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:c="http://www.…

一.注入简单属性 package soundsystem.properties; import org.springframework.beans.factory.annotation.Autowired; import soundsystem.CompactDisc; import soundsystem.MediaPlayer; public class CDPlayer implements MediaPlayer { private CompactDisc compactDisc; @A…

1. package soundsystem; public class SgtPeppers implements CompactDisc { private String title = "Sgt. Pepper's Lonely Hearts Club Band"; private String artist = "The Beatles"; public void play() { System.out.println("Playing "…

一.@ComponentScan 1. @Configuration //说明此类是配置文件 @ComponentScan //开启扫描,会扫描当前类的包及其子包 public class CDPlayerConfig { } 2. @ComponentScan(basePackages={"soundsystem", "video"})//扫描多个包 public class CDPlayerConfig { } 3. @ComponentScan(basePac…

1. package soundsystem; import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.Configuration; @Configuration //说明此类是配置文件 //@ComponentScan //开启扫描,会扫描当前类的包及其子包 //@ComponentScan(basePackages={"soundsys…

一. 1. package chapter01.sia.knights.config; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import chapter01.sia.knights.BraveKnight; import chapter01.sia.knights.Knight; import chapter…

一. 1.knight.xml <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.sp…

一. 1. 2. 3.customer-flow.xml 自己定义customer,最后output <?xml version="1.0" encoding="UTF-8"?> <flow xmlns="http://www.springframework.org/schema/webflow" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xs…

一. 1. 2.pizza-flow.xml <?xml version="1.0" encoding="UTF-8"?> <flow xmlns="http://www.springframework.org/schema/webflow" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http:…

一. In Spring Web Flow, a flow is defined by three primary elements: states, transitions,and flow data.如果把webflow当做是一次旅行,则state是旅途中每个景点,而transitions是连接景点的路径,data是在每个景点中购买的纪念品. 1.state (1)支持的状态 (2)view-state View states are used to display information…

一. 1.Spring MVC provides several ways that a client can pass data into a controller’s handler method. These include  Query parameters Form parameters Path variables 二.以query parameters的形式给action传参数 1.传参数 @Test public void shouldShowPagedSpittles()…

一.JpaRepository 1.要使Spring自动生成实现类的步骤 (1)配置文件xml <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:…