spring3.0 MVC初步4-spring security REST
2012-11-21 13:29
246 查看
一、SpEl表达式
1、配置事务时用过一个AspectJ’s pointcut expression language:
<aop:config>
<aop:advisor
pointcut="execution(* *..IUserService.*(..))"
advice-ref="txAdvice"/>
</aop:config>
2、配置安全时用SpEl表达式
<intercept-url pattern="/user/**" access="hasRole('ROLE_管理员')"/>
<intercept-url pattern="/**" access="isAuthenticated()"/>
二、视图层安全元素
<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %>
欢迎您:<security:authentication property="principal.username" />
三、web请求权限控制
<intercept-url pattern="/user/**" access="hasRole('ROLE_管理员')"/>
<intercept-url pattern="/role/**" access="hasRole('ROLE_管理员')"/>
<intercept-url pattern="/unit/**" access="hasRole('ROLE_管理员')"/>
<intercept-url pattern="/belong/**" access="hasRole('ROLE_管理员')"/>
<intercept-url pattern="/**" access="isAuthenticated()"/>
四、视图层权限控制
<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %>
<security:authorize access="hasRole('ROLE_管理员')">
<a href="user/page/1">用户管理</a><br/>
<a href="role">角色管理</a><br/>
<a href="unit">单位管理</a><br/>
<a href="belong">数据归属管理</a>
</security:authorize>
五、方法层权限控制
@Secured("ROLE_SPITTER")
public void addSpittle(Spittle spittle) {
// ...
}
六、REST
1、涵义:Representational State Transfer (REST)
REST URL:http://t18:3000/s4/user/4
对照struts2的url:http://t18:3000/s4/LoadUserAction.action?user.userId=4
2、控制器能处理所有http请求,包括GET, PUT, DELETE, POST
3、@PathVariable注解使控制器能处理参数化URL
4、spring标签<sf:form method="PUT">与HeddenHttpMethodFilter过滤器共同协作,使通过普通浏览器就能支持PUT和DELETE方法。
web.xml增加
<filter>
<filter-name>httpMethodFilter</filter-name>
<filter-class>org.springframework.web.filter.HiddenHttpMethodFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>httpMethodFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
a、取数据GET http://t18:3000/s4/user/4
@RequestMapping(value="{userId}", method=RequestMethod.GET)
public String get(@PathVariable("userId") Short userId, Model model){
User u = service.loadUser(userId);
model.addAttribute(u);
return "user/edit";
}
b、显示用来修改PUT
<sf:form method="PUT" modelAttribute="user">
登录名<sf:input path="logName" /><br/>
密码<sf:input path="password"/><br/>
真实姓名<sf:input path="userName"/><br/>
电话<sf:input path="phone" /><br/>
手机<sf:input path="mobilePhone"/><br/>
email<sf:input path="email"/><br/>
<input type="submit" value="保存" />
</sf:form>
c、修改PUT
@RequestMapping(value="{userId}", method=RequestMethod.PUT)
public String update(@PathVariable Integer userId, @Valid User user){
service.saveUser(user);
return "redirect:/user/page/1";
}
d、删除DELETE
<sf:form method="DELETE" action="user/${u.userId }">
<input type="submit" value="删除"/>
</sf:form>
@RequestMapping(value="{userId}", method=RequestMethod.DELETE)
public String delete(@PathVariable("userId") short userId){
User user = service.loadUser(userId);
service.deleteUser(user);
return "redirect:/user/page/1";
}
e、准备添加
@RequestMapping( method=RequestMethod.GET, params="new")
public String prepare(Model model){
model.addAttribute(new User());
return "user/edit";
}
f、添加页面用POST提交,控制器:
@RequestMapping(method=RequestMethod.POST)
public String add(@Valid User user, BindingResult result)
throws BindException{
if(result.hasErrors()){
throw new BindException(result);
}
service.addUser(user);
return "redirect:/user/page/1";
}
七、REST分页
http://t18:3000/s4/user/page/3
1、分页类
public class Page implements IPageUtil{
private int curPage=1,toPage=1,everyCount=15;
private long pageCount,count;
boolean hasNext,hasPrevious;
private List<?> data = new ArrayList();
public Page(){
}
public Page(int toPage, long count, int everyCount, List data){
this.toPage = toPage;
this.count = count;
this.everyCount = everyCount;
this.curPage = getCurPage(count, everyCount);
this.data = data;
}
public int getCurPage(long theCount){
}
public int getCurPage(long theCount,int n){
}
...
}
2、dao支持
public Page findPagedListObject(String hql, int toPage, long count, int everyCount){
Query query = getCurrentSession().createQuery(hql);
if (toPage <= 0) toPage = 1;
int first = (toPage-1) * everyCount;
int max = everyCount;
query.setFirstResult(first+1);
query.setMaxResults(first + max);
List l = query.list();
Page page = new Page(toPage, count, everyCount, l);
return page;
}
3、service支持
public Page listPagedUsers(int toPage, long count, int everyCount){
return dao.findPagedListObject("from User u", toPage, count, everyCount);
}
4、控制器
@RequestMapping(value="/page/{toPage}", method = RequestMethod.GET)
public String list(
@PathVariable("toPage") int toPage,
HttpServletRequest request,
Model model){
Page page = service.findPagedUsers(request, toPage, service.countUser(request),3);
model.addAttribute("page", page);
return "user/list";
}
5、页面显示数据时,取${page.data}即可,分页页面可共用
1、配置事务时用过一个AspectJ’s pointcut expression language:
<aop:config>
<aop:advisor
pointcut="execution(* *..IUserService.*(..))"
advice-ref="txAdvice"/>
</aop:config>
2、配置安全时用SpEl表达式
<intercept-url pattern="/user/**" access="hasRole('ROLE_管理员')"/>
<intercept-url pattern="/**" access="isAuthenticated()"/>
二、视图层安全元素
<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %>
欢迎您:<security:authentication property="principal.username" />
三、web请求权限控制
<intercept-url pattern="/user/**" access="hasRole('ROLE_管理员')"/>
<intercept-url pattern="/role/**" access="hasRole('ROLE_管理员')"/>
<intercept-url pattern="/unit/**" access="hasRole('ROLE_管理员')"/>
<intercept-url pattern="/belong/**" access="hasRole('ROLE_管理员')"/>
<intercept-url pattern="/**" access="isAuthenticated()"/>
四、视图层权限控制
<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %>
<security:authorize access="hasRole('ROLE_管理员')">
<a href="user/page/1">用户管理</a><br/>
<a href="role">角色管理</a><br/>
<a href="unit">单位管理</a><br/>
<a href="belong">数据归属管理</a>
</security:authorize>
五、方法层权限控制
@Secured("ROLE_SPITTER")
public void addSpittle(Spittle spittle) {
// ...
}
六、REST
1、涵义:Representational State Transfer (REST)
REST URL:http://t18:3000/s4/user/4
对照struts2的url:http://t18:3000/s4/LoadUserAction.action?user.userId=4
2、控制器能处理所有http请求,包括GET, PUT, DELETE, POST
3、@PathVariable注解使控制器能处理参数化URL
4、spring标签<sf:form method="PUT">与HeddenHttpMethodFilter过滤器共同协作,使通过普通浏览器就能支持PUT和DELETE方法。
web.xml增加
<filter>
<filter-name>httpMethodFilter</filter-name>
<filter-class>org.springframework.web.filter.HiddenHttpMethodFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>httpMethodFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
a、取数据GET http://t18:3000/s4/user/4
@RequestMapping(value="{userId}", method=RequestMethod.GET)
public String get(@PathVariable("userId") Short userId, Model model){
User u = service.loadUser(userId);
model.addAttribute(u);
return "user/edit";
}
b、显示用来修改PUT
<sf:form method="PUT" modelAttribute="user">
登录名<sf:input path="logName" /><br/>
密码<sf:input path="password"/><br/>
真实姓名<sf:input path="userName"/><br/>
电话<sf:input path="phone" /><br/>
手机<sf:input path="mobilePhone"/><br/>
email<sf:input path="email"/><br/>
<input type="submit" value="保存" />
</sf:form>
c、修改PUT
@RequestMapping(value="{userId}", method=RequestMethod.PUT)
public String update(@PathVariable Integer userId, @Valid User user){
service.saveUser(user);
return "redirect:/user/page/1";
}
d、删除DELETE
<sf:form method="DELETE" action="user/${u.userId }">
<input type="submit" value="删除"/>
</sf:form>
@RequestMapping(value="{userId}", method=RequestMethod.DELETE)
public String delete(@PathVariable("userId") short userId){
User user = service.loadUser(userId);
service.deleteUser(user);
return "redirect:/user/page/1";
}
e、准备添加
@RequestMapping( method=RequestMethod.GET, params="new")
public String prepare(Model model){
model.addAttribute(new User());
return "user/edit";
}
f、添加页面用POST提交,控制器:
@RequestMapping(method=RequestMethod.POST)
public String add(@Valid User user, BindingResult result)
throws BindException{
if(result.hasErrors()){
throw new BindException(result);
}
service.addUser(user);
return "redirect:/user/page/1";
}
七、REST分页
http://t18:3000/s4/user/page/3
1、分页类
public class Page implements IPageUtil{
private int curPage=1,toPage=1,everyCount=15;
private long pageCount,count;
boolean hasNext,hasPrevious;
private List<?> data = new ArrayList();
public Page(){
}
public Page(int toPage, long count, int everyCount, List data){
this.toPage = toPage;
this.count = count;
this.everyCount = everyCount;
this.curPage = getCurPage(count, everyCount);
this.data = data;
}
public int getCurPage(long theCount){
}
public int getCurPage(long theCount,int n){
}
...
}
2、dao支持
public Page findPagedListObject(String hql, int toPage, long count, int everyCount){
Query query = getCurrentSession().createQuery(hql);
if (toPage <= 0) toPage = 1;
int first = (toPage-1) * everyCount;
int max = everyCount;
query.setFirstResult(first+1);
query.setMaxResults(first + max);
List l = query.list();
Page page = new Page(toPage, count, everyCount, l);
return page;
}
3、service支持
public Page listPagedUsers(int toPage, long count, int everyCount){
return dao.findPagedListObject("from User u", toPage, count, everyCount);
}
4、控制器
@RequestMapping(value="/page/{toPage}", method = RequestMethod.GET)
public String list(
@PathVariable("toPage") int toPage,
HttpServletRequest request,
Model model){
Page page = service.findPagedUsers(request, toPage, service.countUser(request),3);
model.addAttribute("page", page);
return "user/list";
}
5、页面显示数据时,取${page.data}即可,分页页面可共用
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- spring3.0 mvc和rest风格的小例子配置demo代码教程
- spring3.0 MVC初步4
- Apache CXF Rest与Spring 3.0 mvc 的异常处理框架总结
- SpringSecurity+SpringMVC +Mybatis3.0实现的web小框架
- SpringSecurity+SpringMVC +Mybatis3.0实现的web小框架
- spring3.0 MVC初步5-利用拦截器防止SQL注入
- GOOD_spring3.0 mvc和rest风格小例子
- 基于Spring MVC+Hibernate+Spring Security+Mysql 的B/S应用系统平台设计与实现
- Spring3.0 mvc --@RequestParam/@PathVariable区别
- spring rest mvc使用RestTemplate调用
- spring MVC之返回JSON数据(Spring3.0 MVC+Jackson+AJAX)
- myeclipse 实现框架 spring+springmvc+springsecurity+myibatis+mysql用户认证和人员增删改查
- 权限控制:spring 3.0 security配置例子
- NHibernate+spring.net+jquery打造UI控件库(mvc+webform两种实现) accordion控件的初步实现(附代码下载)
- spring-security for spring mvc
- springmvc+hibernate+security整合笔记
- Spring 3 MVC: Create Hello World Application In Spring 3.0 MVC(reprint)
- Springmvc RestTemplate 使用 && json xml rest 配置
- 5分钟构建spring web mvc REST风格HelloWorld
- MongoDB SpringMVC整合mongodb 3.0驱动的异常解决