hansonwang99 / spring-boot-in-action Goto Github PK

View Code? Open in Web Editor NEW

4.7K 137.0 1.5K 15.46 MB

Spring Boot 系列实战合集

Home Page: https://www.codesheep.cn

Kotlin 1.68% Java 98.09% TSQL 0.23%

java spring-boot springboot springframework mybatis spring-security-jwt jwt spring-security spring springcloud

spring-boot-in-action's Introduction

本项目为《Spring Boot实战合集》的系列文章，代码已开源，并持续保持更新。如果您觉得该项目对您有用，欢迎点击右上方的 Star按钮支持一波！！

个人博客：https://www.codesheep.cn
GitHub：https://github.com/hansonwang99

另外所有内容都在我的个人微信公众号 CodeSheep 最先推出，大家可以关注一下，可长按或扫描下面的 小心心 来获取更多 务实、能看懂、可复现的 原创文。除此之外 提问/进群交流 也可以扫码进行！！！

数据库/缓存相关

日志相关

Spring Boot日志框架实践

应用监控相关

内部机制相关

认证和权限相关

实战经验相关

【持续更新中......】

spring-boot-in-action's People

Contributors

Stargazers

Watchers

Forkers

changgong0513 406971727 zxiter ji-xiaoqiang loszhang dyb10101 louisliaoxh1989 929359291 casson skyformat99 syhp1982 magic-coder dtl0308 uathongb machuan1986 zhangq0904 rechal-liu yuhonglie bossding asd229000509 zeng08 jly123 yangcofi bojanzhang linxiao37 wulugeng yyzworker yueyemisi herofire a-amazing henuudigplayer makeclan dengkuanchina wentaochang zhhui yq1501362754 qiaozhiyong firedrgon victoryzq vagrantbottle lishidetainan durenyuan one-meter-sunlight gerrygithub1 javaygq vvvquan ningdi1994 zhouboxi themistwoods aparaboy codesheep999 xiaodin1 jy19921020 leoleelwl lyc88 amcraftzyk maxchen299 kingdomyc zhangkandao zhedassr justlikehu onlick123 quanzudexiwang zorozh xchleoit shadowwyy topzhou jaxyoun yangri pandaria75 xiaorisu rapidoy wangyr45 pacraswill jianghao1997 a1623603371 zxzxzxygithub dengqiang1900 sweetpikachu idgubbug lzgblog vacual harrytsz mirac1ezzzjl cuiqyu clientsfromhell yuanxingkefou medalli purez dracozilong daohaoyi yhankq tapakkur sjl421 soma1224 yeyunxuan 976335061 aimwli atongliyagetong lordofsky

spring-boot-in-action's Issues

怎么id-spring-boot-starter在maven库没了？

添加不上依赖

id-spring-boot-starter

springboot-sso-jwt统一登出

由于项目只使用了几个简单的注解就实现了单点登录的效果，不清楚过程是啥样，所以怎么实现单点登录的统一登出？

测试 @

基于Tomcat版本造成的java.lang.IllegalStateException

部分情况会出现java.lang.IllegalStateException:Calling [asyncError()] is not valid for a request with Async state。
解决方法：排除Tomcat依赖，使用Jetty代替。

org.springframework.boot spring-boot-starter-web org.springframework.boot spring-boot-starter-tomcat

    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-jetty</artifactId>
    </dependency>

如何获取带水印的图片？

您好 postman 返回
{
"imageUrl": "static/images//yogan.png",
"logoImageUrl": "static/images//watermark_yogan.png"
}
请问如何获取带水印的图片吗？

springsecurity-sso

集成sso项目中，sso-client项目如何自定义权限校验呀，只能通过在方法上加注解吗，自己尝试了下rbac的方式，发现登录也会被拦截，不能重定向到sso-server的登录页面了，楼主知道的话，还望能够提供一些思路，谢谢，邮箱：[email protected]

Using predictable/constant cryptographic key when creating and verifing Json Web Token.

Hi, we are a research group to help developers build secure applications. We designed a cryptographic misuse detector on Java language(Our main concern is the secure implementation and use of Json Web Token). We found your great public repository (i.e.,
Spring-Boot-In-Action) from Github, and several security issues detected by our detector are shown in the following. The specific security issues we found are as follows:
(1) Location: Package: cn.codesheep.springbt_security_jwt.controller; Class: JwtAuthController.class
and Package cn.codesheep.springbt_security_jwt.comm; Class:Const.class
Security issue: Using predictable/constant cryptographic key when creating and verifing Json Web Token.

Using a predictable/constant secret does not conform to the security implementation specification of JWT, which may bring security risks to your system. It is recommended to use a more secure way to store the secret used to generate the JWT and use a strong enough key to improve the security of the project. （For the hazards of predictable/constant secret, you can refer to CWE-321, NIST Special Publication 800-57).

We wish the above security issues cloud truly help you to build a secure application. If you have any concern or suggestion, please feel free to contact us, we are looking forwart to your reply. Thanks.

springbt_security_jwt项目@Autowired出错

/springbt_security_jwt项目中，JWTFilter类中，
private UserDetailsService userDetailsService;使用@Autowired注解报错，
可以用@resource 代替

大佬，随便上传一下sql啊，还是上传了我没有找到？

这里是不是没有处理登录失败的场景，为什么要把Authentication放入上下文？

Spring-Boot-In-Action/springbt_security_jwt/src/main/java/cn/codesheep/springbt_security_jwt/service/impl/AuthServiceImpl.java

Line 45 in 440e464

数据库/缓存相关方面的建议

hi,hansonwang99.
我关注了你的这个项目，写的很不错，对我这个初级开发的帮助很大，这里先谢谢你啦！
但是我个人觉得在数据库/缓存相关这栏中，可以增加多数据源配置，springboot 集成 Jpa，springboot 集成 redis 这些内容，让你这个项目更加丰富。

springbt_security_jwt调用注册方法时jpa返回user数据序列化的时候提示空指针异常

异常信息如下

Resolved [org.springframework.http.converter.HttpMessageNotWritableException: Could not write JSON: (was java.lang.NullPointerException); nested exception is com.fasterxml.jackson.databind.JsonMappingException: (was java.lang.NullPointerException) (through reference chain: cn.codesheep.springbt_security_jwt.model.entity.User["authorities"])]

我自建一个模块不使用springbt security测试注册方法就是正常望羊哥有空帮忙看看谢谢

被你坑了你文档少贴了一个类我就奇怪了你注入了进来却没有看到实现琢磨半天才发现你源码有文档没写

SSO + JWT 认证服务客户端启动失败！

Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtTokenEnhancer' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/resource/ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter]: Factory method 'jwtTokenEnhancer' threw exception; nested exception is org.springframework.web.client.HttpClientErrorException$Unauthorized: 401 null
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:627) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:456) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1321) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1160) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:555) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:515) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:320) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:222) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:318) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:199) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.resolveBeanReference(ConfigurationClassEnhancer.java:394) ~[spring-context-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:366) ~[spring-context-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$4186f2ce.jwtTokenEnhancer() ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.jwtTokenStore(ResourceServerTokenServicesConfiguration.java:275) ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$4186f2ce.CGLIB$jwtTokenStore$1() ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$4186f2ce$$FastClassBySpringCGLIB$$816bda61.invoke() ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:244) ~[spring-core-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:363) ~[spring-context-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$4186f2ce.jwtTokenStore() ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_211]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_211]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_211]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_211]
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
... 71 common frames omitted
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter]: Factory method 'jwtTokenEnhancer' threw exception; nested exception is org.springframework.web.client.HttpClientErrorException$Unauthorized: 401 null
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:622) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
... 94 common frames omitted
Caused by: org.springframework.web.client.HttpClientErrorException$Unauthorized: 401 null
at org.springframework.web.client.HttpClientErrorException.create(HttpClientErrorException.java:81) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:122) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:102) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.web.client.ResponseErrorHandler.handleError(ResponseErrorHandler.java:63) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:778) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:736) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:670) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:579) ~[spring-web-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.getKeyFromServer(ResourceServerTokenServicesConfiguration.java:319) ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration.jwtTokenEnhancer(ResourceServerTokenServicesConfiguration.java:284) ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$4186f2ce.CGLIB$jwtTokenEnhancer$2() ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$4186f2ce$$FastClassBySpringCGLIB$$816bda61.invoke() ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:244) ~[spring-core-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:363) ~[spring-context-5.1.9.RELEASE.jar:5.1.9.RELEASE]
at org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration$JwtTokenServicesConfiguration$$EnhancerBySpringCGLIB$$4186f2ce.jwtTokenEnhancer() ~[spring-security-oauth2-autoconfigure-2.1.8.RELEASE.jar:2.1.8.RELEASE]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_211]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_211]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_211]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_211]
at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) ~[spring-beans-5.1.9.RELEASE.jar:5.1.9.RELEASE]
... 95 common frames omitted

springbt_security_jwt 交流学习

建议权限认证一块增加Shiro部分的内容

从B站来的，老哥能增加shiro权限认证的使用案例不咯

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.