Spring in action第四版向spring 5修正

最新推荐文章于 2021-04-01 08:20:12 发布

原创最新推荐文章于 2021-04-01 08:20:12 发布 · 650 阅读

0 ·

CC 4.0 BY-SA版权

坑们专栏收录该内容

2 篇文章

订阅专栏

使用WebMvcConfigurationSupport配置

原有的WebMvcConfigurerAdapter不可用

不要加@EnableWebMvc注解

否则addResourceHandlers不会运行，不能加载静态资源

properties文件

可以使用setDefaultEncoding保证UTF-8编码，防止国际化信息乱码

	@Bean
	public MessageSource messageSource() {
		ReloadableResourceBundleMessageSource messageSource = new ReloadableResourceBundleMessageSource();
		messageSource.setBasename("file:///D:/EclipseApp/Spittr/src/messages");
		messageSource.setCacheSeconds(10);
		messageSource.setDefaultEncoding("UTF-8");
		return messageSource;
	}

<spring:message>标签

	@Bean
	public MessageSource validationSource() {
		ReloadableResourceBundleMessageSource messageSource = new ReloadableResourceBundleMessageSource();
		messageSource.setBasename("file:///D:/EclipseApp/Spittr/src/ValidationMessages");
		messageSource.setCacheSeconds(10);
		messageSource.setDefaultEncoding("UTF-8");
		return messageSource;
	}

	@Bean
	public LocalValidatorFactoryBean getValidator() {
		LocalValidatorFactoryBean bean = new LocalValidatorFactoryBean();
		bean.setValidationMessageSource(validationSource());
		return bean;
	}

Thymeleaf的配置

使用ServletContextTemplateResolver来指定项目相对位置的模板文件，构造器参数是this.getServletContext()。

	@Bean
	public ViewResolver viewResolver(SpringTemplateEngine templateEngine) {
		ThymeleafViewResolver viewResolver = new ThymeleafViewResolver();
		viewResolver.setTemplateEngine(templateEngine);
		return viewResolver;
	}
	
	@Bean
	public SpringTemplateEngine templateEngine(ServletContextTemplateResolver templateResolver) {
		SpringTemplateEngine templateEngine = new SpringTemplateEngine();
		templateEngine.setTemplateResolver(templateResolver);
		return templateEngine;
	}
	
	@Bean
	public ServletContextTemplateResolver templateResolver() {
		ServletContextTemplateResolver templateResolver = new ServletContextTemplateResolver(this.getServletContext());
		templateResolver.setPrefix("/WEB-INF/templates/");
		templateResolver.setSuffix(".html");
		templateResolver.setTemplateMode("HTML5");
		return templateResolver;
	}

加入库的时候别把source和doc加进去，否则会报错。

Thymeleaf的编码


	@Bean
	public ViewResolver viewResolver(SpringTemplateEngine templateEngine) {
		ThymeleafViewResolver viewResolver = new ThymeleafViewResolver();
		viewResolver.setTemplateEngine(templateEngine);
		viewResolver.setCharacterEncoding(StandardCharsets.UTF_8.name());
		return viewResolver;
	}
	
	@Bean
	public SpringTemplateEngine templateEngine(ServletContextTemplateResolver templateResolver) {
		SpringTemplateEngine templateEngine = new SpringTemplateEngine();
		templateEngine.setTemplateResolver(templateResolver);
		return templateEngine;
	}
	
	@Bean
	public ServletContextTemplateResolver templateResolver() {
		ServletContextTemplateResolver templateResolver = new ServletContextTemplateResolver(this.getServletContext());
		templateResolver.setPrefix("/WEB-INF/templates/");
		templateResolver.setSuffix(".html");
		templateResolver.setTemplateMode("HTML5");
		templateResolver.setCharacterEncoding(StandardCharsets.UTF_8.name());
		return templateResolver;
	}

Spring Security相关

conf目录在Eclipse工程列表Servers下的容器列表中，不是在原始的安装目录。
server.xml文件中配置了https端口
server.xml中配置的从http端口到https端口的重定向不起作用，应该在Spring Security的java配置中如下配置

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

	
	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.authorizeRequests().antMatchers(HttpMethod.POST, "/spittles").hasRole("SPITTER")
		.anyRequest().permitAll()
		.and()
		.requiresChannel()
		.antMatchers("/spitter/register").requiresSecure();
		http.portMapper().http(80).mapsTo(8443);
	}
}

Spring Security会自动打开CSRF防护，因此所有表单要加token，否则403！！！！！！！！！
自定义的登录页面

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="UTF-8">
<title>Spittr</title>
</head>
<body>
<h1>Welcome to Spittr</h1>
<form name='f' th:action='@{/login}' method='POST'>
	<table>
		<tr><td>User:</td><td><input type='text' name='username' value='' /></td></tr>
		<tr><td>Password:</td><td><input type='password' name='password' value='' /></td></tr>
		<tr><td colspan='2'><input type='submit' name='submit' value='Login' /></td></tr>
	</table>
</form>
</body>
</html>

	@Override
	protected void configure(HttpSecurity http) throws Exception {
//		http.csrf().disable();
		http.authorizeRequests()
		.antMatchers("/spittles").hasRole("USER")
		.anyRequest().permitAll()
//		.and()
//		.requiresChannel()
//		.antMatchers("/spitter/register").requiresSecure()
		.and().formLogin()
		.loginPage("/login").permitAll()
		;
//		http.portMapper().http(8080).mapsTo(8443);
	}