spring3.0 MVC初步4-spring security REST
一、SpEl表达式
1、配置事务时用过一个AspectJ’s pointcut expression language:
<aop:config>
<aop:advisor
pointcut="execution(* *..IUserService.*(..))"
advice-ref="txAdvice"/>
</aop:config>
2、配置安全时用SpEl表达式
<intercept-url pattern="/user/**" access="hasRole('ROLE_管理员')"/>
<intercept-url pattern="/**" access="isAuthenticated()"/>
二、视图层安全元素
<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %>
欢迎您:<security:authentication property="principal.username" />
三、web请求权限控制
<intercept-url pattern="/user/**" access="hasRole('ROLE_管理员')"/>
<intercept-url pattern="/role/**" access="hasRole('ROLE_管理员')"/>
<intercept-url pattern="/unit/**" access="hasRole('ROLE_管理员')"/>
<intercept-url pattern="/belong/**" access="hasRole('ROLE_管理员')"/>
<intercept-url pattern="/**" access="isAuthenticated()"/>
四、视图层权限控制
<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %>
<security:authorize access="hasRole('ROLE_管理员')">
<a href="user/page/1">用户管理</a><br/>
<a href="role">角色管理</a><br/>
<a href="unit">单位管理</a><br/>
<a href="belong">数据归属管理</a>
</security:authorize>
五、方法层权限控制
@Secured("ROLE_SPITTER")
public void addSpittle(Spittle spittle) {
// ...
}
六、REST
1、涵义:Representational State Transfer (REST)
REST URL:http://t18:3000/s4/user/4
对照struts2的url:http://t18:3000/s4/LoadUserAction.action?user.userId=4
2、控制器能处理所有http请求,包括GET, PUT, DELETE, POST
3、@PathVariable注解使控制器能处理参数化URL
4、spring标签<sf:form method="PUT">与HeddenHttpMethodFilter过滤器共同协作,使通过普通浏览器就能支持PUT和DELETE方法。
web.xml增加
<filter>
<filter-name>httpMethodFilter</filter-name>
<filter-class>org.springframework.web.filter.HiddenHttpMethodFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>httpMethodFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
a、取数据GET http://t18:3000/s4/user/4
@RequestMapping(value="{userId}", method=RequestMethod.GET)
public String get(@PathVariable("userId") Short userId, Model model){
User u = service.loadUser(userId);
model.addAttribute(u);
return "user/edit";
}
b、显示用来修改PUT
<sf:form method="PUT" modelAttribute="user">
登录名<sf:input path="logName" /><br/>
密码<sf:input path="password"/><br/>
真实姓名<sf:input path="userName"/><br/>
电话<sf:input path="phone" /><br/>
手机<sf:input path="mobilePhone"/><br/>
email<sf:input path="email"/><br/>
<input type="submit" value="保存" />
</sf:form>
c、修改PUT
@RequestMapping(value="{userId}", method=RequestMethod.PUT)
public String update(@PathVariable Integer userId, @Valid User user){
service.saveUser(user);
return "redirect:/user/page/1";
}
d、删除DELETE
<sf:form method="DELETE" action="user/${u.userId }">
<input type="submit" value="删除"/>
</sf:form>
@RequestMapping(value="{userId}", method=RequestMethod.DELETE)
public String delete(@PathVariable("userId") short userId){
User user = service.loadUser(userId);
service.deleteUser(user);
return "redirect:/user/page/1";
}
e、准备添加
@RequestMapping( method=RequestMethod.GET, params="new")
public String prepare(Model model){
model.addAttribute(new User());
return "user/edit";
}
f、添加页面用POST提交,控制器:
@RequestMapping(method=RequestMethod.POST)
public String add(@Valid User user, BindingResult result)
throws BindException{
if(result.hasErrors()){
throw new BindException(result);
}
service.addUser(user);
return "redirect:/user/page/1";
}
七、REST分页
1、分页类
public class Page implements IPageUtil{
private int curPage=1,toPage=1,everyCount=15;
private long pageCount,count;
boolean hasNext,hasPrevious;
private List<?> data = new ArrayList();
public Page(){
}
public Page(int toPage, long count, int everyCount, List data){
this.toPage = toPage;
this.count = count;
this.everyCount = everyCount;
this.curPage = getCurPage(count, everyCount);
this.data = data;
}
public int getCurPage(long theCount){
}
public int getCurPage(long theCount,int n){
}
...
}
2、dao支持
public Page findPagedListObject(String hql, int toPage, long count, int everyCount){
Query query = getCurrentSession().createQuery(hql);
if (toPage <= 0) toPage = 1;
int first = (toPage-1) * everyCount;
int max = everyCount;
query.setFirstResult(first+1);
query.setMaxResults(first + max);
List l = query.list();
Page page = new Page(toPage, count, everyCount, l);
return page;
}
3、service支持
public Page listPagedUsers(int toPage, long count, int everyCount){
&n
补充:软件开发 , Java ,