非J2EE部署解决方案
根据交银施罗德真实环境已测试通过,此过程可以作为非J2EE部署的典型案例,主要是针对某些对安全性要求较高的解决方案:
基本的实现原理和部分代码如下:
1.客户端访问交银.net系统,由该系统发送请求,访问方式为:http://润乾报表服务器ip:9090/appsOnlineUms/index.jsp?token=b96335b0db0347bf9b98c4fb2a3fdb38
2.由index.jsp接收到传过来的token值(系统唯一值),
3.根据传过来的token值调用.net系统的定义的WebServices的http://portal.jysld.com/jyportalinterface/
reportrights.asmx方法,此方法里相关有用的信息
index.jsp部分代码:
<%
String token = request.getParameter(“token”);
System.out.println(“传过来的token:” + token);
ReportRightsClient client = new ReportRightsClient();
ReportRightsSoap service = client.getReportRightsSoap();
ReportRightResult reportResult=service.getRight(token);
String displayName= reportResult.getDisplayName();
String Account=reportResult.getAccount();
String raq= reportResult.getReportName();
boolean flag=reportResult.isRight();
session.setAttribute(“flag”, flag);
System.out.println(“别名:”+displayName);
System.out.println(“ACount:”+Account);
System.out.println(“报表名:”+raq);
System.out.println(“是否有权限:”+flag);
%>
4.对WebServices方法的处理两个基本java类:ReportRightsClient.java代码如下:
package com;
import java.net.MalformedURLException;
import java.util.Collection;
import java.util.HashMap;
import javax.xml.namespace.QName;
import org.codehaus.xfire.XFireRuntimeException;
import org.codehaus.xfire.aegis.AegisBindingProvider;
import org.codehaus.xfire.annotations.AnnotationServiceFactory;
import org.codehaus.xfire.annotations.jsr181.Jsr181WebAnnotations;
import org.codehaus.xfire.client.XFireProxyFactory;
import org.codehaus.xfire.jaxb2.JaxbTypeRegistry;
import org.codehaus.xfire.service.Endpoint;
import org.codehaus.xfire.service.Service;
import org.codehaus.xfire.soap.AbstractSoapBinding;
import org.codehaus.xfire.transport.TransportManager;
import org.tempuri.ReportRightResult;
public class ReportRightsClient {
private static XFireProxyFactory proxyFactory = new XFireProxyFactory();
private HashMap endpoints = new HashMap();
private Service service0;
public ReportRightsClient() {
create0();
Endpoint ReportRightsSoapLocalEndpointEP = service0 .addEndpoint(new QName(“http://tempuri.org/”, “ReportRightsSoapLocalEndpoint”), new QName(“http://tempuri.org/”, “ReportRightsSoapLocalBinding”), “xfire.local://ReportRights”);
endpoints.put(new QName(“http://tempuri.org/”, “ReportRightsSoapLocalEndpoint”), ReportRightsSoapLocalEndpointEP);
Endpoint ReportRightsSoapEP = service0 .addEndpoint(new QName(“http://tempuri.org/”, “ReportRightsSoap”), new QName(“http://tempuri.org/”, “ReportRightsSoap”), “http://portal.jysld.com/jyportalinterface/reportrights.asmx”);
endpoints.put(new QName(“http://tempuri.org/”, “ReportRightsSoap”), ReportRightsSoapEP);
public Object getEndpoint(Endpoint endpoint) {
try {
return proxyFactory.create((endpoint).getBinding(), (endpoint).getUrl());
} catch (MalformedURLException e) {
throw new XFireRuntimeException(“Invalid URL”, e);
public Object getEndpoint(QName name) {
Endpoint endpoint = ((Endpoint) endpoints.get((name)));
if ((endpoint) == null) {
throw new IllegalStateException(“No such endpoint!”);
return getEndpoint((endpoint));
public Collection getEndpoints() {
return endpoints.values();
private void create0() {
TransportManager tm = (org.codehaus.xfire.XFireFactory.newInstance().getXFire().getTransportManager());
HashMap props = new HashMap();
props.put(“annotations.allow.interface”, true);
AnnotationServiceFactory asf = new AnnotationServiceFactory(new Jsr181WebAnnotations(), tm, new AegisBindingProvider(new JaxbTypeRegistry()));
asf.setBindingCreationEnabled(false);
service0 = asf.create((com.ReportRightsSoap.class), props);
AbstractSoapBinding soapBinding = asf.createSoap11Binding(service0, new QName(“http://tempuri.org/”, “ReportRightsSoapLocalBinding”), “urn:xfire:transport:local”);
AbstractSoapBinding soapBinding = asf.createSoap11Binding(service0, new QName(“http://tempuri.org/”, “ReportRightsSoap”), “http://schemas.xmlsoap.org/soap/http”);
public ReportRightsSoap getReportRightsSoapLocalEndpoint() {
return ((ReportRightsSoap)(this).getEndpoint(new QName(“http://tempuri.org/”, “ReportRightsSoapLocalEndpoint”)));
public ReportRightsSoap getReportRightsSoapLocalEndpoint(String url) {
ReportRightsSoap var = getReportRightsSoapLocalEndpoint();
org.codehaus.xfire.client.Client.getInstance(var).setUrl(url);
return var;
public ReportRightsSoap getReportRightsSoap() {
return ((ReportRightsSoap)(this).getEndpoint(new QName(“http://tempuri.org/”, “ReportRightsSoap”)));
public ReportRightsSoap getReportRightsSoap(String url) {
ReportRightsSoap var = getReportRightsSoap();
org.codehaus.xfire.client.Client.getInstance(var).setUrl(url);
return var;
public static void main(String[] args) {
ReportRightsClient client = new ReportRightsClient();
//create a default service endpoint
ReportRightsSoap service = client.getReportRightsSoap();
//TODO: Add custom client code here
//
//service.yourServiceOperationHere();
ReportRightResult reportResult=service.getRight(“b96335b0db0347bf9b98c4fb2a3fdb38″);
String displayName= reportResult.getDisplayName();
String Account=reportResult.getAccount();
String reportName= reportResult.getReportName();
boolean flag=reportResult.isRight();
System.out.println(“别名:”+displayName);
System.out.println(“ACount:”+Account);
System.out.println(“报表名:”+reportName);
System.out.println(“是否有权限:”+flag);
//测试:
//http://localhost:9090/appsOnlineUms/index.jsp?token=b96335b0db0347bf9b98c4fb2a3fdb38
//http://localhost:9090/appsOnlineUms/index.jsp?token=b96335b0db0347bf9b98c4fb2a3fdb36
System.exit(0);
ReportRightsSoap.java代码如下:
package com;
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebResult;
import javax.jws.WebService;
import javax.jws.soap.SOAPBinding;
import org.tempuri.ReportRightResult;
@WebService(name = “ReportRightsSoap”, targetNamespace = “http://tempuri.org/”)
@SOAPBinding(use = SOAPBinding.Use.LITERAL, parameterStyle = SOAPBinding.ParameterStyle.WRAPPED)
public interface ReportRightsSoap {
@WebMethod(operationName = “GetRight”, action = “http://tempuri.org/GetRight”)
@WebResult(name = “GetRightResult”, targetNamespace = “http://tempuri.org/”)
public ReportRightResult getRight(
@WebParam(name = “token”, targetNamespace = “http://tempuri.org/”)
String token);
5.根据调用的WebServices对其返回的ReportRightResult结果集得到相关的信息
ReportRightResult reportResult=service.getRight(token);
String displayName= reportResult.getDisplayName();//别名
String Account=reportResult.getAccount();//ACount
String raq= reportResult.getReportName();//报表名
boolean flag=reportResult.isRight();//是否有权限
session.setAttribute(“flag”, flag);
6.由返回的权限判断通过Filter进行页面和数据的过滤
OnlineFilter.java的代码:
package filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.*;
public class OnlineFilter extends HttpServlet implements Filter {
private static final long serialVersionUID = 1L;
// private String loginUrl = “”;
public void init(FilterConfig filterConfig) throws ServletException {
// loginUrl = filterConfig.getInitParameter(“exceptUrl”);
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException,
NullPointerException {
RequestDispatcher dispatcher = request
.getRequestDispatcher(“myErrorPage.jsp”);
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
HttpSession session = req.getSession(true);
// 从session里取的权限判断信息
boolean flag = (Boolean) session.getAttribute(“flag”);
System.out.println(“flag:” + flag);
if (!flag) {
// 跳转到登陆页面
dispatcher.forward(request, response);
res.setHeader(“Cache-Control”, “no-store”);
res.setDateHeader(“Expires”, 0);
res.setHeader(“Pragma”, “no-cache”);
System.out.println(“用户没有登陆,不允许操作”);
return;
} else {
chain.doFilter(request, response);
System.out.println(“用户已经登陆,允许操作”);
public void destroy() {
過濾器在web.xml配置如下:
<filter>
<filter-name>onlineFilter</filter-name>
<filter-class>filter.OnlineFilter</filter-class>
<!–
<init-param>
<param-name>exceptUrl</param-name>
<param-value>index.jsp</param-value>
</init-param>
–>
</filter>
<filter-mapping>
<filter-name>onlineFilter</filter-name>
<url-pattern>/reportJsp/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>onlineFilter</filter-name>
<url-pattern>/jsp/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>onlineFilter</filter-name>
<url-pattern>/reportServlet</url-pattern>
</filter-mapping>
7.通过获取的权限最终达到数据的完整交互 index.jsp部分代码:
<%
String realPath = “http://”
+ request.getServerName()
+ “:”
+ request.getServerPort()
+ request.getContextPath()
+ request.getServletPath().substring(0,
request.getServletPath().lastIndexOf(“/”) + 1);
String fullfilePath = realPath + “reportJsp/showReport.jsp?raq=”
+ raq;
System.out.println(“fullfilePath:” + fullfilePath);
response.sendRedirect(fullfilePath);
%>
优点:1.权限安全系数更高,只保证当前用户有权限操作,防止了部分通过新开IE记住URL的方式访问,包括
想通过查看源文件里对servlet的处理等,
2.权限的配置,操作完全交给.net系统处理,对报表的应用只要告诉我有没有权限执行当前的操作,要用的报
表,当前的用户信息即可,通用性好,耦合度低,易于集成
缺点:由于是跨语言,跨服务器集成操作,多多少少网络可能会阻止一些访问效率和响应时间等
难点:对WebServices代码的操作过程…
非J2EE部署解决方案相关推荐
- linux重启was控制台报错,Linux非WAS部署,启动报错Cannot run program \lsb_release\
Linux非WAS部署,启动报错Cannot run program "lsb_release" 已确认 tools.jar 文件是当前 linux 中的 jdk 下的 jar 文 ...
- 像淘宝、京东这样的大型电商网站服务器构架完全部署解决方案
像淘宝.京东这样的大型电商网站服务器构架完全部署解决方案 参考文章: (1)像淘宝.京东这样的大型电商网站服务器构架完全部署解决方案 (2)https://www.cnblogs.com/lazb/p ...
- MiniDao Framework 1.3.0 发布,J2EE持久化解决方案
MiniDao简介及特征 MiniDao是J2EE持久化解决方案,摆脱了hibernate笨重和Mybatis的繁琐,同时具备了实体维护和SQL分离的两大优点,拟补了mybatis和hibernat ...
- 深度解析大型分布式电商网站演变过程以及构架部署解决方案
前言: 本文是学习大型分布式网站架构的技术总结.对架构一个高性能,高可用,可伸缩,可扩展的分布式网站进行了概要性描述,并给出一个架构参考.一部分为读书笔记,一部分是个人经验总结.对大型分布式网站架构有 ...
- Nginx + uWSGI + flask + socketio 部署解决方案
Nginx + uWSGI + flask + socketio 部署解决方案 参考文章: (1)Nginx + uWSGI + flask + socketio 部署解决方案 (2)https:// ...
- 百度开放云·网站及部署解决方案
百度世界大会·开放云论坛上,百度开放云共对外发布10套解决方案,覆盖建站部署.视频.图像.存储分发.大数据分析.移动APP以及数字营销.在线教育.物联网.政企等领域. 首先来剖析网站及部署解决方案! ...
- 前后端分离Nginx部署解决方案
前后端分离Nginx部署解决方案 转自:https://www.yuque.com/dukang-hfttn/mo27v1/po8zc3 一.获取前端代码编译发布步骤 获取FE前端源码 安装Nodej ...
- 设置安全或非安全部署
您可以选择设置安全或非安全部署.安全部署涉及通过SSL / TLS进行RESTful API调用并在分发服务器和Receiver Server之间传递路径数据.您可以使用现有的钱包和证书,也可以创建新 ...
- quartz集群分布式(并发)部署解决方案-Spring - 推酷
quartz集群分布式(并发)部署解决方案-Spring - 推酷 quartz集群分布式(并发)部署解决方案-Spring - 推酷 posted on 2015-09-05 16:03 lexus ...
最新文章
- step如何打开服务器项目,STEP7项目打开及删除
- side menu待研究
- 光伏电站清扫机器人_光伏智能清扫机器人
- 事件映射 消息映射_映射幻影收费站
- 以jieba为首的主流分词工具总结
- 【java机器学习】贝叶斯分类
- 静态内部类----Java
- 机器学习基石--学习笔记02--Hard Dual SVM
- 射线检测(Summary)
- 由System.getProperty(user.dir)引发的联想
- 不用找,你想要的家具贴图素材都在这里
- Android如何进行反编译
- 八年级计算机考试试题奥运会,八年级信息技术考试试题及答案
- 数据链路层协议 ——— 以太网协议
- Windows 7个性化配置,关闭Win7动画效果,设置窗口背景为“ 豆绿色”,移动“我的文档”...
- PHP关闭Notice错误提示
- Spring基础(持续更新)
- Floorplan基本概念合集
- 美团商家的数据指标体系是怎么做的?
- 用Java实现猜数游戏:在程序中预设一个0-9之间的整数,让用户通过键盘输入所猜的数,如果大于预设的数,显示“遗憾,太大了” ;小于预设的数,显示“遗憾,太小了” ,如此循环,直至猜中该数,
热门文章
- 物联网中的“网”正在经历一次“脱胎换骨”,不仅洞察人性,还将修炼成精...
- vue.js 基础学习 11天 -- 转载 某培训机构 学习资料 (转载链接未找到-暂定原创 - 非原创)
- Excel函数--SUM计算累计销量
- java alter session_java程序里面可以执行alter session之类的语句?
- 功放IC音频芯片双声道D类3W ESOP-8封装
- 游戏运营数据解读之----ARPU[国外称之为ARPPU]
- python智能语音识别_Python 智能语音识别-Speech搭建和使用
- 读书笔记第一篇:知乎高赞回答
- Processor Microarchitecture(Mark D.Hill ):Cache
- git与repo区别?