Article Directory
- Maven
- Tomcat
- Layered decoupling
- My shoe
- Restful style API
- properties configuration file
- Case implementation - login verification
- exception handling
- Spring transaction management
- AOP (Aspect Oriented Programming)
- Spring
- Principles of Spring Boot
- Summarize
Maven
Maven is a project management tool that includes a project object model (Project Object Model, pom file), a project life cycle (command), and a dependency management system (coordinates).
The benefits of using Maven:
1. It is convenient to build modules for the project, simplify the project structure, facilitate the development of division of labor, and improve development efficiency.
2. Maven can manage the dependencies of different systems in a unified way, and can transfer and inherit dependencies, which is convenient for project upgrades.
3. Maven also has many plug-ins, which are convenient for function expansion, such as maven-shade, which is used to package multiple jar packages into one jar package; maven-compiler-plugin, which is used to compile the source code of the project, etc.
Maven repository
The Maven warehouse is used to store resources and manage various jar packages.
Warehouses are divided into three types:
- Central warehouse: the only one in the world maintained by the Maven team
- Local warehouse: a directory on your own computer
- Remote warehouse: a private warehouse generally built by the company team
Maven coordinates
- groupId : Organization ID, which defines the name of the organization to which the current Maven project belongs (usually reversed domain name, for example: com.qjk)
- artifactId: Project ID, which defines the current Maven project name (usually the module name, such as order-service, goods-service)
- version : defines the current project version number
- packaging: Define the way the Maven project is packaged. If there is no packaging, the default is jar package.
- classifier : This element is used to help define some attachments to the build output. The subsidiary components correspond to the main components.
Why does Maven perform dependency management, but there are still dependency conflicts? What is the means of handling dependency conflicts?
Reasons for dependency conflicts:
- Transitive dependencies lead to conflicts between different versions of jar packages. Maven adopts the principle of proximity to exclude jar packages with long dependency paths, resulting in
ClassNotFound
such errors. - Different jar packages have the same classpath.
Solutions to jar package conflicts:
- idea can follow the Maven Helper plugin to help analyze conflicting jar packages.
- Use Ctrl + shift + alt + n to find the jar package where the classpath is located, and exclude the corresponding jar package from the pom.
Talk about scope dependency scope in detail
- compile: the default scope, which is valid during runtime and needs to be included in the package
- test: only valid in the test program and will not be included in the package
- provided: It is valid during compilation, and does not need to be provided during runtime, and will not be included in the package
- runtime: not needed during compilation, valid during runtime, and needs to be included in the package
Maven's life cycle
The life cycle of Maven is to abstract and unify the construction process of all Maven projects.
In the idea, we end up focusing on the following 5 stages (in order):
- clean: remove the files generated by the previous build
- compile: Compile the project source code
- test: use a suitable unit testing framework for testing, such as Junit
- package: Package the compiled file into a jar or war package
- install: install the project to the local warehouse
Note: In the same set of life cycle, when the later stage is run, the previous stage will be run.
Clicking a certain stage of the life cycle under lifecycle in the idea is actually completed by the corresponding Maven plug-in.
Maven Advanced
Sub-module design
The modular design facilitates the division of labor in development, the management, expansion and maintenance of later projects, and the integration of existing module functions in other projects. When integrating, you only need to introduce the corresponding Maven dependencies.
inherit
Different modules may need to introduce the same dependencies, so we can extract the public dependencies of the modules and build a parent project, and other sub-modules that need this dependency only need to inherit the dependencies of the parent project.
The inheritance of the Maven project is similar to the inheritance in Java, and multiple inheritance is not allowed, that is, a module project can only inherit one parent project
Tips: Summary of packaging methods:
Therefore, when we use Maven to implement the project inheritance relationship, we should use the pom method to package:
use the label <packaging> pom </packaging>
to specify, if not specified, the default is the jar package.
Inheritance relationship implementation:
version locking
In the parent project, the dependency version is managed uniformly through the tag < dependencyManagement >, so that the sub-project does not need to specify the version number. When the version needs to be changed, it only needs to be changed uniformly in the parent project.
The < dependencies > tag is a direct dependency. If the tag is configured in the parent project, the child project will inherit it directly.
< dependencyManagement > is a unified dependency management version that does not directly depend on it. If the sub-project needs this dependency, it needs to be introduced in the pom file, but there is no need to specify the version number, and the version number specified in the parent project will be used.
However, in the parent project, the version numbers of each dependency are also scattered in the version tags of each dependency, in order to centrally manage the version tags. You can use the functions provided by Maven 自定义属性和引用属性
.
polymerization
The purpose of aggregation is to organize multiple modules into a whole, so that Maven's life cycle operations (such as clean compile test install package) can be executed with one click.
Similarities and differences between inheritance and aggregation in Maven
private server
The private server is the Maven dependency library that is managed uniformly within the company.
This process is similar to Github remote repository. . .
Step 1: Set the user name and password for private server access: use the server label
Step 2: Specify the configuration upload (publish) address.
Step 3: Set the address of the warehouse group that the private server depends on downloading
At the same time, it is set to allow downloading from private servers. (By default, the snapshots version cannot be downloaded from private servers.)
Tomcat
Tomcat is a lightweight web server, also known as web container, servlet container, web server encapsulates HTTP protocol operations, simplifies web program development, is used to deploy web projects, and provides online information browsing services.
servlet
Layered decoupling
Three-tier architecture
Based on the principle of single responsibility, a three-tier architecture is adopted to complete the back-end functions of business data access, logic processing and response.
- Controller: the control layer, which receives the request sent by the front end, processes the request, and responds to the data.
- Service: Business logic layer, which handles specific business logic.
- Dao: (data access object, data access object layer), responsible for data access operations, including adding, deleting, checking and modifying the database.
According to the idea of three-tier architecture, the front-end request first passes through the Controller layer, receives the request, and then performs logical processing through the Service layer. Objects logically processed by the Service layer need to obtain data objects through the Dao layer. After the business operation is completed, the Controller layer responds to the data to the front end.
IOC (Inversion of Control) and DI (Dependency Injection)
According to the code written in the three-tier architecture, the middle service layer is coupled with the upper Controller layer and the lower Dao layer respectively.
In order to achieve layered decoupling, Spring provides inversion of control (inversion of control, IOC) and dependency injection (dependency injection, DI) technology.
Inversion of control transfers objects to container management, and dependency injection injects objects where they need to be used.
- Inversion of Control (IOC): Control of object creation is transferred from the program to the outside (container).
- Dependency Injection (DI): The container provides the resources that the application depends on at runtime.
- The objects created and managed in the container are called
bean
The specific implementation process:
- Use
@Component
annotations to hand over the implementation classes of the service layer and the dao layer to the IOC container for management. - Where the controller layer needs to rely on the implementation class of the service layer and where the service layer needs to rely on the implementation class of the dao layer, use
@Autowired
annotations.
Detailed explanation of IOC
IOC is to hand over objects to container management. In actual development, in addition to the annotations used above, @Component
in fact, we use more annotations as @Controller
, @Service
, @Repository
, which correspond to the controller layer, service layer and dao layer respectively.
Looking at @Service
the annotation, you will find that it is @Component
composed of annotations and meta-annotations, so, in fact, it is a derived annotation of Component.
- Using annotations will declare a Java bean object in the container. When declaring a bean, you can specify the name of the bean through the value attribute. If not specified, the default is the first letter of the class name in lowercase.
- Beans can be declared using the above four annotations, but in springboot integrated web development, the bean declared controller can only be used.
@Controller
In addition, since the annotation@RestController
is a composite annotation integrated@Controller
with and@Requestbody
, it can also be used to declare the bean of the controller type object.
Bean component scanning
- The four major annotations of the declared bean need to be
@ComponentScan
scanned by component scanning annotations if they want to take effect. @ComponentScan
Although the annotation does not display the configuration, it is actually included in the startup class declaration annotation@SpringBootApplication
.The scope of the default scan is the package where the startup class is located and its subpackages.
If you want to scan bean components outside the package where the startup class is located, you need to use annotations at the startup class @ComponentScan
, and the parameter is the package name. Note that using annotations @ComponentScan
will invalidate the default annotations, so you need to re-specify the package where the startup class is located.
Detailed explanation of DI
The DI dependency injection @Autowired
annotation is to obtain the corresponding bean object according to the type from the container. If there are multiple beans of the same type, an error will be reported: solve it
through the following solutions;
- @Primary: When there are multiple annotations of the same type, the bean object declared with this annotation is injected first.
- @Qualifier: Use this annotation with the @autowired annotation to specify the name of the bean.
- @Resource: Use this annotation alone to specify the bean name.
@Autowired
Differences from @Resource
annotations:
@Autowired
It is the annotation provided by the spring framework,@Resource
but the annotation provided by JDK@Autowired
The default is to inject by type,@Resource
but to inject by name by default
My shoe
- MyBatis is an excellent persistence layer framework
- MyBatis avoids almost all JDBC (Java Database Connect) code and the process of manually setting parameters and obtaining result sets
- MyBatis can use simple XML or annotations to configure and map native information, and map interfaces and Java entity classes [Plain Old Java Objects, ordinary Java objects] into records in the database.
- MyBatis was originally an open source project of apache, ibatis. In 2010, this project was migrated from apache to google code and renamed MyBatis.
- Mybatis official document: http://www.mybatis.org/mybatis-3/zh/index.html
- GitHub : https://github.com/mybatis/mybatis-3
configuration process
@Mapper
The annotation will manage the implementation class of the interface in the container, so when we want to use the implementation class object of the interface, we only need to declare an implementation class object, and use the annotation to automatically inject, and we will get the object declared by @Autowired
the Mapper
annotation .
JDBC(Java DataBase Connectivity)
Traditional jdbc operations have many repetitive code blocks, such as encapsulation when fetching data, establishing connection to the database, etc., and the role of Mybatis is to help programmers store data in the database and fetch data from the database based on the framework.
database connection pool
lombok toolkit
@Data
Simplify entity class writing through annotations .
Basic operation of Mybatis
There are two ways to configure SQL statements in Mybatis:
- annotation based
- XML based mapping file
delete
precompiled SQL
- Precompiled SQL has better performance. For example, for the same SQL, only the parameters are different. Using precompiled SQL can cache the SQL, apply the cache to replace the parameters, and execute it directly. Using cache can skip SQL syntax parsing check, SQL optimization and SQL compilation, so the performance is higher.
- Prevent SQL injection, more secure.SQL injection is a method of modifying the pre-defined SQL statement by manipulating the input data to execute the code to attack the server
Case of SQL injection attack:
Enter in login: account name is arbitrary, password is 'or '1' = '1'
when verifying in the background:
you can see that ==or '1' = '1'== is always established, then naturally you can always log in successfully!
In addition to using #
parameter placeholders, you can also use $
placeholders, the differences are as follows:
Add
Primary key return:
Use @Options
annotations, useGeneratedKeys = true, assign the primary key to the id attribute.
Revise
Inquire
Data encapsulation:
When the attribute name of the entity class is inconsistent with the field name, the field value cannot be automatically encapsulated into the attribute value of the class.
The solution is as follows:
- Solution 1: Alias the field so that the alias is consistent with the attribute of the entity class.
- Solution 2: Manually map and encapsulate through the @Result annotation
- Solution 3: In the spring configuration file (
application.properties
), enable the automatic mapping switch of mybatis hump namingmybatis.configuration.map-underscore-to-camel-case =true
When using %
wildcards in fuzzy queries, you need to use single quotation marks splicing, and #
the wildcards used cannot exist in quotation marks. In order to continue to use the #
provided SQL precompilation function, use concat
the character splicing method.
XML mapping file
XML mapping files can also be used to configure SQL.
The XML file written according to the specification can be normally located and the SQL statement in it can be executed.
The use of mybatis annotations is mainly to complete some simple functions of addition, deletion, modification and query. If you need to implement complex SQL functions, it is recommended to use XML to configure SQL statements.
Mybatis dynamic SQL
SQL statements that change with user input or changes in external conditions are called dynamic SQL.
Writing dynamic SQL mainly relies on some label statements:
- < if >: Used to judge whether the condition is true, use the test attribute to judge the condition, if the condition is true, splicing SQL.
- < where > : The where element will only insert the where clause when the child element has content, and will automatically remove the and or or at the beginning of the clause.
- < set > : dynamically inserts the set keyword at the beginning of the line, and removes the extra comma. (used in update statement)
- < foreach >:
- collection: the collection to traverse
- item: elements traversed
- separator: separator
- open: SQL fragment spliced before traversal starts
- close: SQL fragment spliced after traversal.
This tag is mainly used in scenarios that require batch operations, such as the following example of fatigue deletion:
- <sql> and <include>: For a large number of repeated use of SQL fragments, you can use the <sql> tag to extract high-frequency repeated tags and set the id name. Where it needs to be used, use the <include> tag and set refid to id Name, reference replacement.
Restful style API
Representation State Transfer, representational state transition, a software architectural style.
Use URLs to locate resources, and HTTP verbs (request methods) to describe operations:
- Query: Get
- Added: Post
- Modification: Put
- Delete: Delete
properties configuration file
parameter configuration
Set the configuration information attribute values in the application.properties file, and @Value
inject the attribute values of the external configuration file through annotations in the Java file.
yml configuration file
Using configuration files in yml or yaml format is more concise and the hierarchical structure is clearer.
ConfigurationProperties
Using @Value
injected configuration properties is tedious, is there any possibility to simplify this step?
Through @ConfigurationProperties
annotations, the property values in the configuration file are injected into the object.
Dependencies can be added to Maven:
Case implementation - login verification
When the server receives the request, it checks whether it is in the login state. If it is, it processes the request normally. If not, it intercepts it.
The server generally adopts unified interception for the realization of the login verification function, and marks it if it is logged in.
conversational technology
cookie
Cookie: client session tracking technology, technology supported by http protocol. After successful login, the server responds with set-cookie and sends the cookie to the browser. The browser caches the cookie locally, and the subsequent request headers carry the cookie. Verify login status.
Disadvantages of cookies:
- Mobile APP is not available
- Not secure, user can disable cookies
- Cookies cannot cross domains
- Cross-domain is divided into three dimensions, protocol, IP, port
session
Session is a server-side session tracking technology. The session is stored on the server side, and its bottom layer is still based on cookies.
The principle of session tracking:
The browser login request gives JSESSION, that is, the session id, the server sets the session id through set-cookie, and saves it on the server, and then checks the session id in the cookie carried by the browser when sending the request Whether it is consistent with the one saved by the server can determine whether it is a session.
Disadvantages of session:
Because the session is stored on the server, the session cannot be used in the server cluster.
token technology
After the browser logs in successfully, the server generates a token for the client, and the client saves the token, which is carried in subsequent requests. If information needs to be shared in the same session, the information is stored in the token.
advantage:
- The token token can be stored in a cookie or locally on the client side, so it supports PC and mobile terminals.
- It can solve the authentication problem in the cluster environment.
Disadvantage: token token needs to be implemented by yourself
JWT token
JWT (Json Web Token), json network token, defines a concise] self-contained format for securely transmitting information in json data format between two communicating parties. Due to the existence of digital signatures, these messages are reliable.
A JWT token mainly consists of three parts, .
connected by two points:
- header (header), record token type, signature algorithm
- payload (payload), carrying some custom information, default information.
- signature (signature), to prevent the token from being tampered with, to ensure security, add the header and payload to the specified secret key, and calculate it through the specified signature algorithm.
JWT is originally a json, how is it converted into a string?
Through base64 encoding, the so-called base64 encoding is an encoding method consisting of 64 characters (0-9, az, AZ, +, /). Any data encoded by base64 will be converted into a string of 64 characters.
The base64 encoding and decoding of jwt tokens can be performed on the following website:
https://jwt.io/
Generate JWT based on Java code:
the payload part is stored in a hash table and constructed in the constructor mode.
The generated JWT can be parsed by the secret key within the expiration time:
if the token expires or is tampered with, it will be wrong!
Filter
Filter: Filter, which intercepts requests for resources to achieve some special functions. Filters generally complete some common operations, such as: login verification, Unicode processing, sensitive character processing, etc.
Steps to build interception:
- Define Filter: Define the Filter class to implement the Filter interface and rewrite all its methods.
- Configure Filter: Add @WebFilter annotation to the Filter class, configure the interception resource path, and add @ServletComponentScan to the boot class (where the main function is located) to enable Servlet component support.
Add attributes to the @WebFilter annotation urlPatterns
to configure the intercepted request path.
Detailed explanation of Filter execution process
The Filter interface requires us to rewrite three methods:
- init: initialization, only executed once
- doFilter: Called after intercepting the request, it can be called multiple times, and the release request can be executed here
chain.doFilter()
. - destroy: The destruction method is called only once.
filter chain
The execution order priority of the filter chain is according to the natural ordering of the filter class name (string)
Login Verification Filter Process
interceptor
An interceptor is a mechanism similar to a filter, but the interceptor is provided by the Spring framework.
Using interceptors in Java:
- Define the interceptor class to implement the HandlerInterceptor interface and override the method. Since the interceptor is provided by the Spring framework,
@Component
annotations can be used directly to hand over the class to the container for management. - Register interceptor: use @Configutation annotation to declare a configuration class, implement the
WebMvcConfigurer
interface in this configuration class, inject the above interceptor class using annotationAutoWired
, and then add interception path mode to the interceptor class in the addInterceptors method.
Interceptor mode:
The difference between filters and interceptors
- The interface specification is different: the filter implements the Filter interface, and the interceptor implements the HandlerInterceptor interface
- The scope of interception is different: the filter filter will intercept all resources, and the interceptor will only intercept resources in the Spring environment. If there are both filters and interceptors in the project, the filter filter will be executed first.
exception handling
In the spring framework, if an exception occurs, it will have an impact between layers. It is recommended to use a global exception handler to handle exceptions uniformly.
global exception handler
Use @RestControllerAdvice annotation.
Spring transaction management
Application case: When deleting a department, all employees under the department should be deleted at the same time.
Implementation method: using annotations. @Transactional
The annotations are placed on the methods, classes, and interfaces of the business layer (Service) layer.
Function: Hand over the current method to spring for transaction management. Before the method is executed, start the transaction. After successful execution, submit the transaction. If an exception occurs, roll back the transaction.
Enable log configuration for transaction management:
Advanced business
In the above case, we directly use the @Transactional annotation on the delete method to start a transaction.
By default, the exception is rolled back only when a runtime exception occurs. Specifying attributes in @Transactional rollbackFor
can be used to control what type of exception occurs and roll back the transaction.
In addition to rollbackFor
attributes, the transaction annotation @Transactional can also specify propagation behavior propagation
attributes.
The default transaction propagation behavior is to add the method to the existing transaction if there is a transaction, and create a new transaction if there is no transaction.
What's the problem?
Consider the following requirements:
because the operation log is required regardless of the success or failure of the transaction, then we should put the method of the operation log into the final in try-catch-finally to achieve it.
However, in the actual execution process, if the transaction execution fails, causing a rollback, the method of executing the operation log in the finally code block will also be rolled back!
The solution is:
the transaction annotation of the method of inserting the operation into the log, and specify the propagation mode as propagation = Propgation.REQUEST_NEW
.
In this way, the method of operating the log will start a new transaction and will not be affected by the rollback of the failed transaction.
AOP (Aspect Oriented Programming)
AOP (Aspect Oriented Programming, Aspect-Oriented Programming) is actually method-oriented programming, which can be an enhancement of the original method or an adaptation of the original method.
AOP aspect-oriented programming is realized through the dynamic proxy mode.
AOP core concept
- Connection point: JoinPoint, a method that can be controlled by AOP (implies relevant information when the method is executed)
- Notification: Advice, which refers to the repeated logic, that is, the common function (finally embodied as a method)
- Pointcut: PointCut, matching the condition of the join point, the advice will only be applied when the pointcut method is executed. Usually pointcut expressions are used to match the cut-in method.
- Aspect: Aspect, describing the corresponding relationship between notification and entry point (notification + entry point)
- Target object: Target, the object to which the notification applies.
Advanced AOP
notification type
@Pointcut
Pointcut expressions can be extracted via annotations . Then reuse where needed:
notification order
pointcut expression
execution
Match according to the return value, package name, class name, method name, method parameters and other information of the method, and use the execution
entry point expression wildcard:
annotation
An annotation is used to match methods identified with a specific annotation.
Define an annotation:
Add this annotation to the method that needs to be notified:
Junction
Used to get information about the actual running method.
Spring
configuration priority
Sping attribute configuration:
Bean management
Get Bean
Actual steps:
- The applicationContext of the IOC container object is obtained by injection (using the annotation @Autowired).
- The API provided by the applicationContext object gets the bean.
bean scope
The obtained bean object created by the default scope is a singleton, and you can use the @Scope annotation to configure the scope.
third-party beans
Third-party dependencies can also generate beans. Need to use @Bean annotation.
Principles of Spring Boot
SpringBoot simplifies the Spring Framework. The main principle is that the bottom layer provides starting dependencies and automatic configuration.
The principle of starting dependencies is Maven's dependency transfer.
Principle of automatic configuration
The startup class of the spring project will add annotations to the startup class by default @ComponentScan
, scan the annotations under the package where the startup class is located Component
, and add the class with the annotation to the IOC container.
Then, if the configuration class of the third-party library wants to realize automatic assembly, the first solution is to use annotation @ComponentScan
component scanning.
But the disadvantage of this solution is that every time an annotation is declared @ComponentScan
, all files under a package need to be scanned, which is cumbersome to use and has low performance.
Option 2: Use the @Import annotation.
- @Import can be declared on a normal class or on a configuration class annotated by @Configuration. can be directly imported into the IOC container.
- Create an import class and implement the ImportSelecter interface. The methods provided by this interface need to be rewritten to return the full class name string array that needs to be imported into the IOC container.
- In the above method, we need to know exactly which classes need to be imported into the IOC container. Third-party dependencies are actually the clearest which classes need to be imported into the IOC container. Therefore, third-party dependencies can provide annotations
@EnableXxxx
, which encapsulate@Import
annotations. When we use it, we only need to add annotations to the startup class@EnableXxxx
.
@SpringBootConfiguration
@SpringBootConfiguration annotation:
- The @ComponentScan annotation is integrated, so all classes containing the @Component annotation in the package where the startup class resides and subpackages are scanned.
- Integrate the @Configuration annotation, therefore, you can also configure @Bean for third-party dependency declarations in the startup class, which is also a configuration annotation.
- The most important thing: it contains the EnableAutoConfiguration annotation, which implements the return of the two files under the spring-boot-autoconfigure package in the form of a string list, and the records in these two files need to be imported into IOC The fully qualified class name of the container's class.
@Conditional
Judging according to certain conditions, the bean object will be registered in Spring's IOC container only after the given conditions are met.
- ConditionalOnClass: Determine whether the bytecode file exists in the environment, and then add the Bean to the IOC container.
- ConditionalOnMissingBean: Determine whether the bean exists in the environment, and if not, the bean will be registered in the IOC container.Generally used for default Bean declaration
- ConditionalOnProperty: Whether there are corresponding properties and values in the configuration file, the Bean is registered in the IOC container.
custom starter
Naming convention:
Spring-boot-starter-function is the name of the startup dependency package officially provided by Spring.
The startup dependent package name provided by other technologies will put the function name first: function-spring-boot-starter
A custom starter needs to complete two packages: startup dependencies and automatic configuration, which respectively complete the dependency management function and automatic configuration function.
Case: Customizing the Alibaba Cloud OSS launcher
Step 1: Create two modules, Enabler and Autoconfig.
The launcher is dependent on auto-configuration:
Step 2: Complete the implementation of Alibaba Cloud OSS logic functions.
First import dependencies, including spring-web and Alibaba Cloud oss dependencies:
realize the writing of the AliOSSUtills class, which needs to pass configuration information when using it.
Configuration information also needs to customize a class object, and its attribute values @ConfigurationProperties
refer to the object attributes prefixed with "aliyun.oss" in the configuration file through annotations.
Step 3: Build the auto-configuration class.
Use the @EnableConfigurationProperties annotation to follow the automatic configuration path of spring, create a configuration file, and list the class names that need to be registered in the container: Step 4: Test use The
test
module only needs to introduce the starter module dependency just now.
In the configuration file, configure the configuration properties of Alibaba Cloud oss:
then it can be injected directly when using it!
Summarize