Java 實戰項目錘煉之在線購書商城系統的實現流程
一、項目簡述
功能:一個基於JavaWeb的網上書店的設計與實現,歸納 出瞭幾個模塊,首先是登錄註冊模塊,圖書查找模塊,購 物車模塊,訂單模塊,個人中心模塊,用戶管理模塊,圖 書管理模塊等。 該項目是javaJeb技術的實戰操作,采用瞭MVC設計模 式,包括基本的entity, jscript, servlet,以及ajax異步請 求,查詢分頁,持久化層方法的封裝等等,對javaweb技 術的鞏固很有幫助,為J2EE的學習打下基礎,適用於課程 設計,畢業設計。
二、項目運行
環境配置: Jdk1.8 + Tomcat8.5 + mysql + Eclispe (IntelliJ IDEA,Eclispe,MyEclispe,Sts都支持)。
項目技術: JSP + Entity+ Servlert + html+ css + JavaScript + JQuery + Ajax + Fileupload 等等。
書信息管理代碼:
書信息管理:
@Controller
@RequestMapping("/book")
public class BookInfoController {
@Autowired
private IBookInfoService bookInfoService;
@Autowired
private BookDescMapper bookDescMapper;
/**
* 查詢某一本書籍詳情
*
* @param bookId
* @param model
* @return
*/
@RequestMapping("/info/{bookId}")
public String bookInfo(@PathVariable("bookId") Integer bookId, Model model) throws BSException {
//查詢書籍
BookInfo bookInfo = bookInfoService.findById(bookId);
//查詢書籍推薦列表
List<BookInfo> recommendBookList = bookInfoService.findBookListByCateId(bookInfo.getBookCategoryId(), 1, 5);
//查詢書籍詳情
BookDesc bookDesc = bookDescMapper.selectByPrimaryKey(bookId);
//增加訪問量
bookInfoService.addLookMount(bookInfo);
Collections.shuffle(recommendBookList);
model.addAttribute("bookInfo", bookInfo);
model.addAttribute("bookDesc", bookDesc);
model.addAttribute("recommendBookList", recommendBookList);
return "book_info";
}
/**
* 通過關鍵字和書籍分類搜索書籍列表
*
* @param keywords
* @return
*/
@RequestMapping("/list")
public String bookSearchList(@RequestParam(defaultValue = "", required = false) String keywords,
@RequestParam(defaultValue = "0", required = false) int cateId,//分類Id,默認為0,即不按照分類Id查
@RequestParam(defaultValue = "1", required = false) int page,
@RequestParam(defaultValue = "6", required = false) int pageSize,
Model model) {
keywords = keywords.trim();
PageInfo<BookInfo> bookPageInfo = bookInfoService.findBookListByCondition(keywords, cateId, page, pageSize,0);//storeId為0,不按照商店Id查詢
model.addAttribute("bookPageInfo", bookPageInfo);
model.addAttribute("keywords", keywords);
model.addAttribute("cateId", cateId);
return "book_list";
}
}
shiro安全框架配置代碼:
@Configuration
/**
* shiro安全框架
*/
public class ShiroConfig {
@Bean(name = "lifecycleBeanPostProcessor")
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
@Bean
public SecurityManager securityManager(EhCacheManager ehCacheManager) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(myShiroRealm());
//securityManager.setRememberMeManager(rememberMeManager());
securityManager.setCacheManager(ehCacheManager);
return securityManager;
}
@Bean
public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
//攔截器
filterChainDefinitionMap.put("/img/**", "anon");
filterChainDefinitionMap.put("/fonts/**", "anon");
filterChainDefinitionMap.put("/static/**", "anon");
filterChainDefinitionMap.put("/css/**", "anon");
filterChainDefinitionMap.put("/js/**", "anon");
filterChainDefinitionMap.put("/book/**", "anon");
filterChainDefinitionMap.put("/upload/**", "anon");
filterChainDefinitionMap.put("/page/**", "anon");
filterChainDefinitionMap.put("/user/info", "user");
filterChainDefinitionMap.put("/user/**", "anon");//用戶登錄註冊不需要權限
filterChainDefinitionMap.put("/index/**", "anon");//首頁放行
filterChainDefinitionMap.put("/", "anon");
//配置退出 過濾器,其中的具體的退出代碼Shiro已經替我們實現瞭
filterChainDefinitionMap.put("/user/logout", "logout");
//<!-- 過濾鏈定義,從上向下順序執行,一般將/**放在最為下邊 -->:這是一個坑呢,一不小心代碼就不好使瞭;
//<!-- authc:所有url都必須認證通過才可以訪問; anon:所有url都都可以匿名訪問-->
//filterChainDefinitionMap.put("/admin/**", "roles[admin]");//perms[system]
filterChainDefinitionMap.put("/**", "authc");
// 如果不設置默認會自動尋找Web工程根目錄下的"/login.jsp"頁面
shiroFilterFactoryBean.setLoginUrl("/page/login");
// 登錄成功後要跳轉的鏈接
shiroFilterFactoryBean.setSuccessUrl("/index");
//未授權界面;
shiroFilterFactoryBean.setUnauthorizedUrl("/403");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}
@Bean
@DependsOn("lifecycleBeanPostProcessor")
public MyShiroRealm myShiroRealm() {
MyShiroRealm myShiroRealm = new MyShiroRealm();
myShiroRealm.setCredentialsMatcher(hashedCredentialsMatcher());
myShiroRealm.setCachingEnabled(true);
//啟用身份驗證緩存,即緩存AuthenticationInfo信息,默認false
myShiroRealm.setAuthenticationCachingEnabled(true);
//緩存AuthenticationInfo信息的緩存名稱 在ehcache.xml中有對應緩存的配置
myShiroRealm.setAuthenticationCacheName("authenticationCache");
//啟用授權緩存,即緩存AuthorizationInfo信息,默認false
myShiroRealm.setAuthorizationCachingEnabled(true);
//緩存AuthorizationInfo信息的緩存名稱 在ehcache.xml中有對應緩存的配置
myShiroRealm.setAuthorizationCacheName("authorizationCache");
return myShiroRealm;
}
/**
* 開啟shiro aop註解支持.
* 使用代理方式;所以需要開啟代碼支持;
* @param securityManager
* @return
*/
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager){
AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
return authorizationAttributeSourceAdvisor;
}
@Bean
public DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator() {
DefaultAdvisorAutoProxyCreator daap = new DefaultAdvisorAutoProxyCreator();
daap.setProxyTargetClass(true);
return daap;
}
/**
* 憑證匹配器
* (由於我們的密碼校驗交給Shiro的SimpleAuthenticationInfo進行處理瞭
* )
*
* @return
*/
@Bean
public HashedCredentialsMatcher hashedCredentialsMatcher() {
HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
hashedCredentialsMatcher.setHashAlgorithmName("md5");//散列算法:這裡使用MD5算法;
hashedCredentialsMatcher.setHashIterations(1);//散列的次數,比如散列兩次,相當於 md5(md5(""));
return hashedCredentialsMatcher;
}
/**
* cookie對象;
* rememberMeCookie()方法是設置Cookie的生成模版,比如cookie的name,cookie的有效時間等等。
* @return
*/
/*@Bean
public SimpleCookie rememberMeCookie(){
//這個參數是cookie的名稱,對應前端的checkbox的name = rememberMe
SimpleCookie simpleCookie = new SimpleCookie("rememberMe");
//如果httyOnly設置為true,則客戶端不會暴露給客戶端腳本代碼,使用HttpOnly cookie有助於減少某些類型的跨站點腳本攻擊;
simpleCookie.setHttpOnly(true);
//記住我cookie生效時間,默認30天 ,單位秒:60 * 60 * 24 * 30
//<!-- 記住我cookie生效時間30天 ,單位秒;-->
simpleCookie.setMaxAge(1800);
return simpleCookie;
}*/
/**
* cookie管理對象;
* rememberMeManager()方法是生成rememberMe管理器,而且要將這個rememberMe管理器設置到securityManager中
* @return
*/
/*@Bean
public CookieRememberMeManager rememberMeManager(){
//System.out.println("ShiroConfiguration.rememberMeManager()");
CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
cookieRememberMeManager.setCookie(rememberMeCookie());
//rememberMe cookie加密的密鑰 建議每個項目都不一樣 默認AES算法 密鑰長度(128 256 512 位)
cookieRememberMeManager.setCipherKey(Base64.decode("2AvVhdsgUs0FSA3SDFAdag=="));
return cookieRememberMeManager;
}*/
/**
* shiro session的管理
*/
/*@Bean
public DefaultWebSessionManager sessionManager() {
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
sessionManager.setGlobalSessionTimeout(tomcatTimeout*1000);
//設置sessionDao對session查詢,在查詢在線用戶service中用到瞭
sessionManager.setSessionDAO(sessionDAO());
//配置session的監聽
Collection<SessionListener> listeners = new ArrayList<SessionListener>();
listeners.add(new BDSessionListener());
sessionManager.setSessionListeners(listeners);
//設置在cookie中的sessionId名稱
sessionManager.setSessionIdCookie(simpleCookie());
return sessionManager;
}*/
@Bean
@DependsOn("lifecycleBeanPostProcessor")
public EhCacheManager ehCacheManager(CacheManager cacheManager) {
EhCacheManager em = new EhCacheManager();
//將ehcacheManager轉換成shiro包裝後的ehcacheManager對象
em.setCacheManager(cacheManager);
em.setCacheManagerConfigFile("classpath:ehcache.xml");
return em;
}
}
到此這篇關於Java 實戰項目錘煉之在線購書商城系統的實現流程的文章就介紹到這瞭,更多相關Java 在線購書商城系統內容請搜索WalkonNet以前的文章或繼續瀏覽下面的相關文章希望大傢以後多多支持WalkonNet!
推薦閱讀:
- shrio中hashedCredentialsMatcher密碼匹配示例詳解
- Spring Boot+Shiro實現一個Http請求的Basic認證
- SpringBoot 整合 Shiro 密碼登錄與郵件驗證碼登錄功能(多 Realm 認證)
- SpringBoot 整合 Shiro 密碼登錄的實現代碼
- SpringBoot配置shiro安全框架的實現