根据交银施罗德真实环境已测试通过,此过程可以作为非J2EE部署的典型案例,主要是针对某些对安全性要求较高的解决方案:
基本的实现原理和部分代码如下:
1.客户端访问交银.net系统,由该系统发送请求,访问方式为:http://润乾报表服务器ip:9090/appsOnlineUms/index.jsp?token=b96335b0db0347bf9b98c4fb2a3fdb38
2.由index.jsp接收到传过来的token值(系统唯一值),
3.根据传过来的token值调用.net系统的定义的WebServices的http://portal.jysld.com/jyportalinterface/
reportrights.asmx方法,此方法里相关有用的信息
index.jsp部分代码:
<%

String token = request.getParameter(“token”);
System.out.println(“传过来的token:” + token);
ReportRightsClient client = new ReportRightsClient();
ReportRightsSoap service = client.getReportRightsSoap();
ReportRightResult reportResult=service.getRight(token);
String displayName= reportResult.getDisplayName();
String Account=reportResult.getAccount();
String raq= reportResult.getReportName();
boolean flag=reportResult.isRight();
session.setAttribute(“flag”, flag);
System.out.println(“别名:”+displayName);
System.out.println(“ACount:”+Account);
System.out.println(“报表名:”+raq);
System.out.println(“是否有权限:”+flag);
%>
4.对WebServices方法的处理两个基本java类:ReportRightsClient.java代码如下:

package com;
import java.net.MalformedURLException;
import java.util.Collection;
import java.util.HashMap;
import javax.xml.namespace.QName;
import org.codehaus.xfire.XFireRuntimeException;
import org.codehaus.xfire.aegis.AegisBindingProvider;
import org.codehaus.xfire.annotations.AnnotationServiceFactory;
import org.codehaus.xfire.annotations.jsr181.Jsr181WebAnnotations;
import org.codehaus.xfire.client.XFireProxyFactory;
import org.codehaus.xfire.jaxb2.JaxbTypeRegistry;
import org.codehaus.xfire.service.Endpoint;
import org.codehaus.xfire.service.Service;
import org.codehaus.xfire.soap.AbstractSoapBinding;
import org.codehaus.xfire.transport.TransportManager;
import org.tempuri.ReportRightResult;

public class ReportRightsClient {

private static XFireProxyFactory proxyFactory = new XFireProxyFactory();
private HashMap endpoints = new HashMap();
private Service service0;

public ReportRightsClient() {
create0();
Endpoint ReportRightsSoapLocalEndpointEP = service0 .addEndpoint(new QName(“http://tempuri.org/”, “ReportRightsSoapLocalEndpoint”), new QName(“http://tempuri.org/”, “ReportRightsSoapLocalBinding”), “xfire.local://ReportRights”);
endpoints.put(new QName(“http://tempuri.org/”, “ReportRightsSoapLocalEndpoint”), ReportRightsSoapLocalEndpointEP);
Endpoint ReportRightsSoapEP = service0 .addEndpoint(new QName(“http://tempuri.org/”, “ReportRightsSoap”), new QName(“http://tempuri.org/”, “ReportRightsSoap”), “http://portal.jysld.com/jyportalinterface/reportrights.asmx”);
endpoints.put(new QName(“http://tempuri.org/”, “ReportRightsSoap”), ReportRightsSoapEP);

public Object getEndpoint(Endpoint endpoint) {
try {
return proxyFactory.create((endpoint).getBinding(), (endpoint).getUrl());
} catch (MalformedURLException e) {
throw new XFireRuntimeException(“Invalid URL”, e);

public Object getEndpoint(QName name) {
Endpoint endpoint = ((Endpoint) endpoints.get((name)));
if ((endpoint) == null) {
throw new IllegalStateException(“No such endpoint!”);

return getEndpoint((endpoint));

public Collection getEndpoints() {
return endpoints.values();

private void create0() {
TransportManager tm = (org.codehaus.xfire.XFireFactory.newInstance().getXFire().getTransportManager());
HashMap props = new HashMap();
props.put(“annotations.allow.interface”, true);
AnnotationServiceFactory asf = new AnnotationServiceFactory(new Jsr181WebAnnotations(), tm, new AegisBindingProvider(new JaxbTypeRegistry()));
asf.setBindingCreationEnabled(false);
service0 = asf.create((com.ReportRightsSoap.class), props);

AbstractSoapBinding soapBinding = asf.createSoap11Binding(service0, new QName(“http://tempuri.org/”, “ReportRightsSoapLocalBinding”), “urn:xfire:transport:local”);

AbstractSoapBinding soapBinding = asf.createSoap11Binding(service0, new QName(“http://tempuri.org/”, “ReportRightsSoap”), “http://schemas.xmlsoap.org/soap/http”);

public ReportRightsSoap getReportRightsSoapLocalEndpoint() {
return ((ReportRightsSoap)(this).getEndpoint(new QName(“http://tempuri.org/”, “ReportRightsSoapLocalEndpoint”)));

public ReportRightsSoap getReportRightsSoapLocalEndpoint(String url) {
ReportRightsSoap var = getReportRightsSoapLocalEndpoint();
org.codehaus.xfire.client.Client.getInstance(var).setUrl(url);
return var;

public ReportRightsSoap getReportRightsSoap() {
return ((ReportRightsSoap)(this).getEndpoint(new QName(“http://tempuri.org/”, “ReportRightsSoap”)));

public ReportRightsSoap getReportRightsSoap(String url) {
ReportRightsSoap var = getReportRightsSoap();
org.codehaus.xfire.client.Client.getInstance(var).setUrl(url);
return var;

public static void main(String[] args) {

ReportRightsClient client = new ReportRightsClient();

//create a default service endpoint
ReportRightsSoap service = client.getReportRightsSoap();

//TODO: Add custom client code here
//
//service.yourServiceOperationHere();
ReportRightResult reportResult=service.getRight(“b96335b0db0347bf9b98c4fb2a3fdb38″);
String displayName= reportResult.getDisplayName();
String Account=reportResult.getAccount();
String reportName= reportResult.getReportName();
boolean flag=reportResult.isRight();

System.out.println(“别名:”+displayName);
System.out.println(“ACount:”+Account);
System.out.println(“报表名:”+reportName);
System.out.println(“是否有权限:”+flag);
//测试:
//http://localhost:9090/appsOnlineUms/index.jsp?token=b96335b0db0347bf9b98c4fb2a3fdb38
//http://localhost:9090/appsOnlineUms/index.jsp?token=b96335b0db0347bf9b98c4fb2a3fdb36
System.exit(0);

ReportRightsSoap.java代码如下:

package com;

import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebResult;
import javax.jws.WebService;
import javax.jws.soap.SOAPBinding;
import org.tempuri.ReportRightResult;

@WebService(name = “ReportRightsSoap”, targetNamespace = “http://tempuri.org/”)
@SOAPBinding(use = SOAPBinding.Use.LITERAL, parameterStyle = SOAPBinding.ParameterStyle.WRAPPED)
public interface ReportRightsSoap {

@WebMethod(operationName = “GetRight”, action = “http://tempuri.org/GetRight”)
@WebResult(name = “GetRightResult”, targetNamespace = “http://tempuri.org/”)
public ReportRightResult getRight(
@WebParam(name = “token”, targetNamespace = “http://tempuri.org/”)
String token);

5.根据调用的WebServices对其返回的ReportRightResult结果集得到相关的信息
ReportRightResult reportResult=service.getRight(token);
String displayName= reportResult.getDisplayName();//别名
String Account=reportResult.getAccount();//ACount
String raq= reportResult.getReportName();//报表名
boolean flag=reportResult.isRight();//是否有权限
session.setAttribute(“flag”, flag);
6.由返回的权限判断通过Filter进行页面和数据的过滤
OnlineFilter.java的代码:

package filter;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.*;

public class OnlineFilter extends HttpServlet implements Filter {

private static final long serialVersionUID = 1L;

// private String loginUrl = “”;

public void init(FilterConfig filterConfig) throws ServletException {
// loginUrl = filterConfig.getInitParameter(“exceptUrl”);

public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException,
NullPointerException {
RequestDispatcher dispatcher = request
.getRequestDispatcher(“myErrorPage.jsp”);
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
HttpSession session = req.getSession(true);
// 从session里取的权限判断信息
boolean flag = (Boolean) session.getAttribute(“flag”);
System.out.println(“flag:” + flag);
if (!flag) {
// 跳转到登陆页面
dispatcher.forward(request, response);
res.setHeader(“Cache-Control”, “no-store”);
res.setDateHeader(“Expires”, 0);
res.setHeader(“Pragma”, “no-cache”);
System.out.println(“用户没有登陆,不允许操作”);
return;
} else {
chain.doFilter(request, response);
System.out.println(“用户已经登陆,允许操作”);

public void destroy() {

過濾器在web.xml配置如下:
<filter>
<filter-name>onlineFilter</filter-name>
<filter-class>filter.OnlineFilter</filter-class>
<!–
<init-param>
<param-name>exceptUrl</param-name>
<param-value>index.jsp</param-value>
</init-param>
–>
</filter>
<filter-mapping>
<filter-name>onlineFilter</filter-name>
<url-pattern>/reportJsp/*</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>onlineFilter</filter-name>
<url-pattern>/jsp/*</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>onlineFilter</filter-name>
<url-pattern>/reportServlet</url-pattern>
</filter-mapping>
7.通过获取的权限最终达到数据的完整交互 index.jsp部分代码:
<%
String realPath = “http://”
+ request.getServerName()
+ “:”
+ request.getServerPort()
+ request.getContextPath()
+ request.getServletPath().substring(0,
request.getServletPath().lastIndexOf(“/”) + 1);
String fullfilePath = realPath + “reportJsp/showReport.jsp?raq=”
+ raq;
System.out.println(“fullfilePath:” + fullfilePath);
response.sendRedirect(fullfilePath);
%>

优点:1.权限安全系数更高,只保证当前用户有权限操作,防止了部分通过新开IE记住URL的方式访问,包括
想通过查看源文件里对servlet的处理等,
2.权限的配置,操作完全交给.net系统处理,对报表的应用只要告诉我有没有权限执行当前的操作,要用的报
表,当前的用户信息即可,通用性好,耦合度低,易于集成
缺点:由于是跨语言,跨服务器集成操作,多多少少网络可能会阻止一些访问效率和响应时间等
难点:对WebServices代码的操作过程…

非J2EE部署解决方案相关推荐

  1. linux重启was控制台报错,Linux非WAS部署,启动报错Cannot run program \lsb_release\

    Linux非WAS部署,启动报错Cannot run program "lsb_release" 已确认 tools.jar 文件是当前 linux 中的 jdk 下的 jar 文 ...

  2. 像淘宝、京东这样的大型电商网站服务器构架完全部署解决方案

    像淘宝.京东这样的大型电商网站服务器构架完全部署解决方案 参考文章: (1)像淘宝.京东这样的大型电商网站服务器构架完全部署解决方案 (2)https://www.cnblogs.com/lazb/p ...

  3. MiniDao Framework 1.3.0 发布,J2EE持久化解决方案

    MiniDao简介及特征  MiniDao是J2EE持久化解决方案,摆脱了hibernate笨重和Mybatis的繁琐,同时具备了实体维护和SQL分离的两大优点,拟补了mybatis和hibernat ...

  4. 深度解析大型分布式电商网站演变过程以及构架部署解决方案

    前言: 本文是学习大型分布式网站架构的技术总结.对架构一个高性能,高可用,可伸缩,可扩展的分布式网站进行了概要性描述,并给出一个架构参考.一部分为读书笔记,一部分是个人经验总结.对大型分布式网站架构有 ...

  5. Nginx + uWSGI + flask + socketio 部署解决方案

    Nginx + uWSGI + flask + socketio 部署解决方案 参考文章: (1)Nginx + uWSGI + flask + socketio 部署解决方案 (2)https:// ...

  6. 百度开放云·网站及部署解决方案

    百度世界大会·开放云论坛上,百度开放云共对外发布10套解决方案,覆盖建站部署.视频.图像.存储分发.大数据分析.移动APP以及数字营销.在线教育.物联网.政企等领域. 首先来剖析网站及部署解决方案! ...

  7. 前后端分离Nginx部署解决方案

    前后端分离Nginx部署解决方案 转自:https://www.yuque.com/dukang-hfttn/mo27v1/po8zc3 一.获取前端代码编译发布步骤 获取FE前端源码 安装Nodej ...

  8. 设置安全或非安全部署

    您可以选择设置安全或非安全部署.安全部署涉及通过SSL / TLS进行RESTful API调用并在分发服务器和Receiver Server之间传递路径数据.您可以使用现有的钱包和证书,也可以创建新 ...

  9. quartz集群分布式(并发)部署解决方案-Spring - 推酷

    quartz集群分布式(并发)部署解决方案-Spring - 推酷 quartz集群分布式(并发)部署解决方案-Spring - 推酷 posted on 2015-09-05 16:03 lexus ...

最新文章

  1. step如何打开服务器项目,STEP7项目打开及删除
  2. side menu待研究
  3. 光伏电站清扫机器人_光伏智能清扫机器人
  4. 事件映射 消息映射_映射幻影收费站
  5. 以jieba为首的主流分词工具总结
  6. 【java机器学习】贝叶斯分类
  7. 静态内部类----Java
  8. 机器学习基石--学习笔记02--Hard Dual SVM
  9. 射线检测(Summary)
  10. 由System.getProperty(user.dir)引发的联想
  11. 不用找,你想要的家具贴图素材都在这里
  12. Android如何进行反编译
  13. 八年级计算机考试试题奥运会,八年级信息技术考试试题及答案
  14. 数据链路层协议 ——— 以太网协议
  15. Windows 7个性化配置,关闭Win7动画效果,设置窗口背景为“ 豆绿色”,移动“我的文档”...
  16. PHP关闭Notice错误提示
  17. Spring基础(持续更新)
  18. Floorplan基本概念合集
  19. 美团商家的数据指标体系是怎么做的?
  20. 用Java实现猜数游戏:在程序中预设一个0-9之间的整数,让用户通过键盘输入所猜的数,如果大于预设的数,显示“遗憾,太大了” ;小于预设的数,显示“遗憾,太小了” ,如此循环,直至猜中该数,

热门文章

  1. 物联网中的“网”正在经历一次“脱胎换骨”,不仅洞察人性,还将修炼成精...
  2. vue.js 基础学习 11天 -- 转载 某培训机构 学习资料 (转载链接未找到-暂定原创 - 非原创)
  3. Excel函数--SUM计算累计销量
  4. java alter session_java程序里面可以执行alter session之类的语句?
  5. 功放IC音频芯片双声道D类3W ESOP-8封装
  6. 游戏运营数据解读之----ARPU[国外称之为ARPPU]
  7. python智能语音识别_Python 智能语音识别-Speech搭建和使用
  8. 读书笔记第一篇:知乎高赞回答
  9. Processor Microarchitecture(Mark D.Hill ):Cache
  10. git与repo区别?