马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。
您需要 登录 才可以下载或查看,没有账号?立即注册
x
目次
第一部分:HTTP协议与Servlet基础
1. HTTP协议核心知识
2. Servlet核心机制
第二部分:Spring Boot Web深度整合
1. Spring Boot Web架构
2. 创建Spring Boot Web应用
3. 控制器开辟实践
4. 请求与响应处理
第三部分:高级特性与最佳实践
1. 会话管理方案对比
2. 非常处理统一方案
3. 性能优化策略
第四部分:安全与摆设
1. 安全防护基础
2. 摆设方案对比
第五部分:现代化演进
1. 响应式Web开辟
2. 微服务架构整合
第一部分:HTTP协议与Servlet基础
1. HTTP协议核心知识
HTTP协议特性:
- 无状态协议(可通过Cookie/Session维持状态)
- 基于请求/响应模型(Request/Response)
- 默认端口:HTTP(80)/HTTPS(443)
- 支持多种请求方法(GET/POST/PUT/DELETE等)
HTTP请求方法对照表:
方法幂等性安全性范例应用场景GET是是获取资源POST否否创建资源或提交数据PUT是否完整更新资源PATCH否否部分更新资源DELETE是否删除资源 HTTP状态码分类:
状态码范围类别常见状态码示例1xx信息性100 Continue2xx成功200 OK, 201 Created3xx重定向301 Moved Permanently4xx客户端错误400 Bad Request, 403 Forbidden5xx服务器错误500 Internal Server Error 2. Servlet核心机制
Servlet生命周期:
- 初始化阶段:容器调用init()方法
- 服务阶段:针对每个请求调用service()方法(内部路由到doGet/doPost等)
- 烧毁阶段:容器调用destroy()方法开释资源
Servlet处理流程:
- 客户端请求 → Web服务器 → Servlet容器 → 创建Request/Response对象
- → 调用Servlet的service()方法 → 生成响应 → 返回客户端
- // 传统Servlet配置示例(web.xml)
- <servlet>
- <servlet-name>helloServlet</servlet-name>
- <servlet-class>com.example.HelloServlet</servlet-class>
- </servlet>
- <servlet-mapping>
- <servlet-name>helloServlet</servlet-name>
- <url-pattern>/hello</url-pattern>
- </servlet-mapping>
- // 注解配置示例(Servlet 3.0+)
- @WebServlet(
- name = "modernServlet",
- urlPatterns = {"/api/*"},
- initParams = @WebInitParam(name = "config", value = "value")
- )
- public class ModernServlet extends HttpServlet {
- // 实现代码
- }
1. Spring Boot Web架构
核心组件关系:
- HTTP请求 → DispatcherServlet → HandlerMapping
- → Controller → 业务处理 → 返回ModelAndView
- → ViewResolver → 渲染视图 → HTTP响应
- DispatcherServlet作为唯一的前端控制器
- 内嵌Servlet容器(Tomcat/Jetty/Undertow)
- 自动配置Spring MVC组件
2. 创建Spring Boot Web应用
项目初始化:
- # 使用Spring Initializr创建项目
- curl https://start.spring.io/starter.zip \
- -d dependencies=web \
- -d javaVersion=11 \
- -d packageName=com.example \
- -d name=demo \
- -o demo.zip
- src/
- ├── main/
- │ ├── java/
- │ │ └── com/example/demo/
- │ │ ├── DemoApplication.java # 启动类
- │ │ ├── config/ # 配置类
- │ │ ├── controller/ # 控制器
- │ │ ├── service/ # 服务层
- │ │ └── repository/ # 数据访问层
- │ └── resources/
- │ ├── static/ # 静态资源
- │ ├── templates/ # 模板文件
- │ ├── application.properties # 配置文件
- │ └── application.yml # 替代配置
RESTful控制器示例:
- @RestController
- @RequestMapping("/api/users")
- public class UserController {
- @Autowired
- private UserService userService;
- @GetMapping
- public ResponseEntity<List<User>> getAllUsers() {
- return ResponseEntity.ok(userService.findAll());
- }
- @GetMapping("/{id}")
- public ResponseEntity<User> getUser(@PathVariable Long id) {
- return userService.findById(id)
- .map(ResponseEntity::ok)
- .orElse(ResponseEntity.notFound().build());
- }
- @PostMapping
- public ResponseEntity<User> createUser(@Valid @RequestBody User user) {
- User savedUser = userService.save(user);
- URI location = ServletUriComponentsBuilder.fromCurrentRequest()
- .path("/{id}")
- .buildAndExpand(savedUser.getId())
- .toUri();
- return ResponseEntity.created(location).body(savedUser);
- }
- @PutMapping("/{id}")
- public ResponseEntity<User> updateUser(@PathVariable Long id,
- @Valid @RequestBody User user) {
- return ResponseEntity.ok(userService.update(id, user));
- }
- @DeleteMapping("/{id}")
- public ResponseEntity<Void> deleteUser(@PathVariable Long id) {
- userService.delete(id);
- return ResponseEntity.noContent().build();
- }
- }
参数绑定方式对比:
参数类型注解示例路径变量@PathVariable/users/{id}请求参数@RequestParam?name=value请求体@RequestBodyJSON/XML格式数据请求头@RequestHeader获取特定Header值Cookie值@CookieValue获取Cookie信息表单数据@ModelAttribute绑定表单对象Servlet原生对象直接声明HttpServletRequest等 响应处理技术:
- // 1. 返回视图
- @Controller
- public class ViewController {
- @GetMapping("/greet")
- public String greet(Model model) {
- model.addAttribute("message", "Hello World");
- return "greetView"; // 对应templates/greetView.html
- }
- }
- // 2. 返回JSON(RESTful)
- @RestController
- public class ApiController {
- @GetMapping("/data")
- public Map<String, Object> getData() {
- return Map.of("status", "success", "code", 200);
- }
- }
- // 3. 文件下载
- @GetMapping("/download")
- public ResponseEntity<Resource> downloadFile() {
- InputStreamResource resource = new InputStreamResource(...);
- return ResponseEntity.ok()
- .header(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=file.txt")
- .contentType(MediaType.APPLICATION_OCTET_STREAM)
- .body(resource);
- }
1. 会话管理方案对比
方案对比表:
方案实现方式优点缺点SessionHttpSession服务端状态,安全性较好集群环境需要同步Cookie欣赏器存储简单易用大小限制,安全性低TokenJWT等机制无状态,适合分布式需要处理令牌过期Spring Session共同Redis等存储适合分布式系统增长架构复杂度 JWT实现示例:
- // 生成Token
- public String generateToken(UserDetails userDetails) {
- Map<String, Object> claims = new HashMap<>();
- return Jwts.builder()
- .setClaims(claims)
- .setSubject(userDetails.getUsername())
- .setIssuedAt(new Date(System.currentTimeMillis()))
- .setExpiration(new Date(System.currentTimeMillis() + JWT_TOKEN_VALIDITY * 1000))
- .signWith(SignatureAlgorithm.HS512, secret)
- .compact();
- }
- // 验证Filter
- public class JwtAuthenticationFilter extends OncePerRequestFilter {
- @Override
- protected void doFilterInternal(HttpServletRequest request,
- HttpServletResponse response,
- FilterChain chain) {
- // 验证逻辑
- }
- }
全局非常处理:
- @RestControllerAdvice
- public class GlobalExceptionHandler {
- @ExceptionHandler(ResourceNotFoundException.class)
- public ResponseEntity<ErrorResponse> handleNotFound(ResourceNotFoundException ex) {
- ErrorResponse error = new ErrorResponse(
- "NOT_FOUND",
- ex.getMessage(),
- System.currentTimeMillis());
- return ResponseEntity.status(HttpStatus.NOT_FOUND).body(error);
- }
- @ExceptionHandler(MethodArgumentNotValidException.class)
- public ResponseEntity<ErrorResponse> handleValidation(MethodArgumentNotValidException ex) {
- List<String> errors = ex.getBindingResult()
- .getFieldErrors()
- .stream()
- .map(FieldError::getDefaultMessage)
- .collect(Collectors.toList());
-
- ErrorResponse error = new ErrorResponse(
- "VALIDATION_FAILED",
- "字段验证失败",
- System.currentTimeMillis(),
- errors);
-
- return ResponseEntity.badRequest().body(error);
- }
- }
缓存配置示例:
- @Configuration
- @EnableCaching
- public class CacheConfig {
- @Bean
- public CacheManager cacheManager() {
- CaffeineCacheManager cacheManager = new CaffeineCacheManager();
- cacheManager.setCaffeine(Caffeine.newBuilder()
- .initialCapacity(100)
- .maximumSize(1000)
- .expireAfterWrite(10, TimeUnit.MINUTES)
- .recordStats());
- return cacheManager;
- }
- }
- // 使用缓存
- @Service
- public class ProductService {
-
- @Cacheable(value = "products", key = "#id")
- public Product getProductById(Long id) {
- // 数据库查询
- }
-
- @CacheEvict(value = "products", key = "#product.id")
- public void updateProduct(Product product) {
- // 更新操作
- }
- }
- @RestController
- public class AsyncController {
- @GetMapping("/async")
- public CompletableFuture<String> asyncTask() {
- return CompletableFuture.supplyAsync(() -> {
- // 模拟耗时操作
- try { Thread.sleep(2000); }
- catch (InterruptedException e) { /* 处理异常 */ }
- return "异步任务完成";
- });
- }
- }
1. 安全防护基础
Spring Security配置:
- @Configuration
- @EnableWebSecurity
- public class SecurityConfig extends WebSecurityConfigurerAdapter {
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http
- .authorizeRequests()
- .antMatchers("/public/**").permitAll()
- .antMatchers("/admin/**").hasRole("ADMIN")
- .anyRequest().authenticated()
- .and()
- .formLogin()
- .loginPage("/login")
- .permitAll()
- .and()
- .logout()
- .logoutSuccessUrl("/")
- .and()
- .rememberMe()
- .and()
- .csrf().disable(); // 根据实际情况决定是否禁用
- }
- }
摆设方式对比:
摆设方式适用场景特点内嵌容器开辟/小型生产环境简单快捷,无需额外容器WAR包摆设传统Java EE环境需要外部Servlet容器Docker容器化云原生环境环境同等,便于扩展云平台原生摆设Kubernetes等云环境弹性伸缩,高可用 生产环境配置建议:
- # application-prod.yml
- server:
- port: 8080
- compression:
- enabled: true
- mime-types: text/html,text/xml,text/plain,text/css,text/javascript,application/javascript,application/json
- min-response-size: 1024
- error:
- whitelabel:
- enabled: false
- management:
- endpoints:
- web:
- exposure:
- include: health,info,metrics
- endpoint:
- health:
- show-details: always
1. 响应式Web开辟
WebFlux基础示例:
- @RestController
- @RequestMapping("/reactive")
- public class ReactiveController {
- @GetMapping("/flux")
- public Flux<String> getFlux() {
- return Flux.just("Item1", "Item2", "Item3")
- .delayElements(Duration.ofSeconds(1));
- }
- @GetMapping(value = "/stream", produces = MediaType.TEXT_EVENT_STREAM_VALUE)
- public Flux<ServerSentEvent<String>> getStream() {
- return Flux.interval(Duration.ofSeconds(1))
- .map(sequence -> ServerSentEvent.<String>builder()
- .id(String.valueOf(sequence))
- .event("periodic-event")
- .data("SSE - " + LocalTime.now().toString())
- .build());
- }
- }
OpenAPI文档集成:
- @Configuration
- public class OpenApiConfig {
- @Bean
- public OpenAPI customOpenAPI() {
- return new OpenAPI()
- .info(new Info()
- .title("电商平台API")
- .version("1.0")
- .description("基于Spring Boot的电商平台接口文档")
- .license(new License().name("Apache 2.0")))
- .externalDocs(new ExternalDocumentation()
- .description("项目Wiki")
- .url("https://github.com/example/wiki"));
- }
- }
- // 控制器注解示例
- @Operation(summary = "获取用户详情", description = "根据ID返回用户完整信息")
- @ApiResponses(value = {
- @ApiResponse(responseCode = "200", description = "成功获取用户"),
- @ApiResponse(responseCode = "404", description = "用户不存在")
- })
- @GetMapping("/{id}")
- public ResponseEntity<User> getUser(@Parameter(description = "用户ID") @PathVariable Long id) {
- // 实现代码
- }
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!更多信息从访问主页:qidao123.com:ToB企服之家,中国第一个企服评测及商务社交产业平台。 |
