rudecrab / rude-java Goto Github PK
View Code? Open in Web Editor NEWJava Practice Projects(SSM、Spring Boot、Spring Security、MinIO、Vue). 以Java语言为主的各种项目实践,涵盖各个业务、各个功能,并附上高质量文章讲解,其中一些甚至可以单开一个仓库。让你再也不用寻找各种框架demo、项目脚手架。
License: Apache License 2.0
rude-java's Introduction
rude-java's People
Contributors
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Stargazers
Watchers
Forkers
findsunday beahyuk guchengcanyuan mmh1978 dxcui fsh1129173449 zhuxingsheng liushixin neaos orangeisnotapear qz01 sqshine ym-chen6 edisonhcg tanglhui nathan0529 nightmare199 lovepli chianliu vver xkx0717 surinhappy gushengwang zkcolins bing198333 eq361 litong-2020 morning-lc liangliangchibang chanvim zhoumoon zhaozhaol charberenl xlshlr tianyeguo xiongdudu liuteng1234 mapeihui liuscoding tplcys guliang123 r4b3rt loosergege defqx520 sekiru gitwyz qixuesong devhui mumuxieya zhangyacool bjcawanglu 1056215801 chux1995 xinyanggit hantichao drogba2011 young17 gougou1993 yuntin 15767959750 yinengmr winter13292 maxk222 xieweiqi1860 dldpdh hyqsz113 lijunze xianhaigithub liukailong qinzp123 zaureus muyunisawesome miuoko parallelworld hymanking starlightwanli stoutdada wuqingman terrencejang chenhuocan yangshenming yan1987 dreamxyyyy beeworkshop 1126045115 justinhuber qq1551466154 snevers letianfun w643080558 sorrow-zzt yuechengl rubyzhang lgqxgw cm9690 sunrisexdm vitimote cynszb by-sum 2321726371rude-java's Issues
出现 java.lang.ClassNotFoundException: javax.xml.bind.DatatypeConverter
主要是 因为 Spring Boot 版本过高了,需要我们给它指定「jaxb」的版本
<!-- https://mvnrepository.com/artifact/javax.xml.bind/jaxb-api -->
<dependency>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
<version>2.3.1</version>
</dependency>关于Security和rbac两个模块的Filter和Interceptor
拜读这两个模块的代码之后,发现Security的LoginFilter 和 AuthFilter 与 RBAC模块的LoginInterceptor 和 AuthInterceptor 所实现的功能其实是一样的。
如果我要做实际运用。是不是二取一即可啊?感觉Filter实现的认证和授权更好些。
新婚快乐~
新婚快乐~
springsecurity模块ApplicationStartup存在空指针风险
com.rudecrab.springsecurity.config.ApplicationStartup#getAuthResources()
方法中
String path = methods.toArray()[0] + ":" + info.getPatternsCondition().getPatterns().toArray()[0];
报空指针错误,是不是取错了对象,应该是info.getPathPatternsCondition()
前端代码本地运行不起来
前端代码拉到本地后,运行不起来;看了下好像是ts的版本问题。但是升级了,解决一部分,与router的使用语法又有冲突。后端代码里面集合的前端代码好像跟前端源码不同步?
Using predictable/constant cryptographic key when creating and verifing Json Web Token.
Hi, we are a research group to help developers build secure applications. We designed a cryptographic misuse detector on Java language(Our main concern is the secure implementation and use of Json Web Token). We found your great public repository (i.e.,
rude-java) from GitHub, and several security issues detected by our detector are shown in the following. The specific security issues we found are as follows:
(1) Location: Package: package com.rudecrab.loginjwt.util; Class: JwtUtil.class
Security issue: Using predictable/constant cryptographic key when creating and verifing Json Web Token.
Using a predictable/constant secret does not conform to the security implementation specification of JWT, which may bring security risks to your system. It is recommended to use a more secure way to store the secret used to generate the JWT and use a strong enough key to improve the security of the project. (For the hazards of predictable/constant secret, you can refer to CWE-321, NIST Special Publication 800-57).
We wish the above security issues cloud truly help you to build a secure application. If you have any concern or suggestion, please feel free to contact us, we are looking forward to your reply. Thanks.
SpringSecurity无法登陆
无法登陆,报400
返回数据:
{
"timestamp": "2021-06-18T08:16:34.451+00:00",
"status": 400,
"error": "Bad Request",
"message": "",
"path": "/API/login"
}日志
2021-06-18 16:19:41.795 [WARN ] [http-nio-8091-exec-1] [org.mybatis.logging.Logger] [44] No MyBatis mapper was found in '[com.rudecrab.springsecurity.mapper]' package. Please check your configuration.
2021-06-18 16:19:41 JRebel: Reconfiguring bean 'mySecurityMetadataSource' [com.rudecrab.springsecurity.security.MySecurityMetadataSource]
2021-06-18 16:19:41.855 [INFO ] [http-nio-8091-exec-1] [com.rudecrab.springsecurity.security.LoginFilter] [35] ---LoginFilter---
2021-06-18 16:19:41.855 [INFO ] [http-nio-8091-exec-1] [com.rudecrab.springsecurity.security.AuthFilter] [42] ---AuthFilter---
filter invocation [POST /API/login?username=admin&password=12345]
2021-06-18 16:19:41.857 [INFO ] [http-nio-8091-exec-1] [com.rudecrab.springsecurity.security.MySecurityMetadataSource] [32] ---MySecurityMetadataSource---
2021-06-18 16:19:41.858 [INFO ] [http-nio-8091-exec-1] [com.rudecrab.springsecurity.security.AuthFilter] [42] ---AuthFilter---
filter invocation [POST /API/login?username=admin&password=12345]
2021-06-18 16:19:41.859 [INFO ] [http-nio-8091-exec-1] [com.rudecrab.springsecurity.security.MySecurityMetadataSource] [32] ---MySecurityMetadataSource---
2021-06-18 16:19:41.863 [WARN ] [http-nio-8091-exec-1] [org.springframework.web.servlet.handler.AbstractHandlerExceptionResolver] [207] Resolved [org.springframework.http.converter.HttpMessageNotReadableException: Required request body is missing: public com.rudecrab.springsecurity.model.vo.UserVO com.rudecrab.springsecurity.controller.api.LoginController.login(com.rudecrab.springsecurity.model.param.LoginParam)]
2021-06-18 16:19:41.864 [INFO ] [http-nio-8091-exec-1] [com.rudecrab.springsecurity.security.AuthFilter] [42] ---AuthFilter---
filter invocation [POST /error?username=admin&password=12345]
2021-06-18 16:19:41.865 [INFO ] [http-nio-8091-exec-1] [com.rudecrab.springsecurity.security.MySecurityMetadataSource] [32] ---MySecurityMetadataSource---
认证和统一异常处理的项目,返回结果为字符串,但是字符串对应的是页面路径情况;就是项目
认证和统一异常处理的项目,返回结果为字符串,但是字符串对应的是页面路径情况,就是项目同时包含restful接口和跳转页面的需求,怎么解决?
为什么不更新了?
为什么不更新了?
统一返回请求类中对于String的处理有些
接口代码:` @RequestMapping("/test")
public Object test(String dateMessage){
return "ssss";
}`
统一请求返回类中处理代码:
` @OverRide
public Object beforeBodyWrite(Object data, MethodParameter returnType, MediaType mediaType, Class> aClass, ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse) {
//String类型不能直接包装,所以要进行些特别的处理
if(returnType.getGenericParameterType().equals(String.class)){
ObjectMapper objectMapper = new ObjectMapper();
try {
// 将数据包装在ResultVO里后,再转换为json字符串响应给前端
return objectMapper.writeValueAsString(new APIResult<>(data));
} catch (JsonProcessingException e) {
throw new APIException("返回String类型错误");
}
}
// 将原本的数据包装在ResultVO里
return new APIResult<>(data);
}`
但是会报
`[dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is java.lang.ClassCastException: com.zhuiyi.customerService.config.result.APIResult cannot be cast to java.lang.String] with root cause
java.lang.ClassCastException: com.zhuiyi.customerService.config.result.APIResult cannot be cast to java.lang.String`
是不是哪里处理的不对呢?
⚠️ 【后端接口异常处理】BindException无法获取参数的Class对象
RudeCrad:sparkles:,您好!
我使用BindException而不是MethodArgumentNotValidException是因为在【项目实践】SpringBoot三招组合拳,手把手教你打出优雅的后端接口的「Validator + 自动抛出异常」章节,控制台抛出的异常是 BindException ,使用 MethodArgumentNotValidException 无法处理异常,改动后可以顺利跑通。
但在【项目实践】后端接口统一规范的同时,如何优雅地扩展规范因为这个改动而遇到了一个问题:使用BindException如何才可以获取到参数的Class对象呢? 我debug之后发现class的具体位置是allErrors[0].source.rootBeanClass
以下是我的版本信息,期待您的解答!orz 谢谢! 💚
plugins {
id("org.springframework.boot") version "2.3.7.RELEASE"
id("io.spring.dependency-management") version "1.0.10.RELEASE"
kotlin("jvm") version "1.3.72"
kotlin("plugin.spring") version "1.3.72"
}// 控制器
@RestController
class HelloControl {
@GetMapping("addUser")
@ResponseBody
fun add(@Valid user: User):User {
return user
}
}
// 自定义异常处理
@RestControllerAdvice
class ExceptionControllerAdvice {
@ExceptionHandler(BindException::class)
fun bindExceptionHandler(e: BindException): ResultValue<ResultCode> {
val defaultMsg = e.bindingResult.allErrors[0].defaultMessage.toString()
// 错误字段
val field = e.bindingResult.fieldError?.field
// 获取参数的Class对象
val parameterClazz = // 这里QAQ 对应的操作应当如下:
// 参数的Class对象,等下好通过字段名称获取Field对象
// Class<?> parameterType = e.getParameter().getParameterType();
val annotation = parameterClazz.getAnnotation(ExceptionCode::class.java)
if (annotation != null) {
return ResultValue(annotation.value, annotation.message, ResultCode.VALIDATE_FAILED)
}
return ResultValue(ResultCode.VALIDATE_FAILED)
}
@ExceptionHandler(APIException::class)
fun apiExceptionHandler(e: APIException): ResultValue<String> {
return ResultValue(ResultCode.FAILED, e.message.toString())
}
}Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.