一、添加web三大组件servlet、filter、listener支持
1、通过自动扫描注解来从Servlet规范中注册Servlet,过滤器和所有监听器
启动类添加注解来自动扫描三大组件
@ServletComponentScan
添加servlet、filter、listener Bean
@WebServlet(urlPatterns = "/myServlet") public class MyServlet extends HttpServlet { 。。。 } @WebFilter(urlPatterns = "/*") public class MyFilter implements Filter { 。。。 } @WebListener public class MyListener implements ServletContextListener { 。。。 }
2、使用xxxRegistrationBean方式配置bean
@Bean public ServletRegistrationBean heServletRegistrationBean(){ ServletRegistrationBean registration = new ServletRegistrationBean(new MyServlet(), "/myServlet"); return registration; } @Bean public FilterRegistrationBean heFilterRegistration() { FilterRegistrationBean registration = new FilterRegistrationBean(new MyFilter()); registration.addUrlPatterns("/*"); return registration; } @Bean public ServletListenerRegistrationBean listenerRegistrationBean() { ServletListenerRegistrationBean registration = new ServletListenerRegistrationBean(new MyListener()); return registration; }
二、使用spring mvc拦截器
1、编写拦截器类MyInterceptor
2、编写配置类实现WebMvcConfigurer接口,覆盖addInterceptors方法
public class MyInterceptor implements HandlerInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { System.out.println("preHandle11 interceptor..........."); return true; } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { System.out.println("postHandle11 interceptor..........."); } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { System.out.println("afterCompletion11 interceptor..........."); } }
@Configuration public class MyMvcConfig implements WebMvcConfigurer { @Override public void addInterceptors(InterceptorRegistry registry) { //对来自 /api/** 链接的请求进行拦截,对登录请求/api/login不进行拦截 String[] addPathPatterns = {"/**", "/api/**", "/boot/**"}; registry.addInterceptor(new MyInterceptor()) .addPathPatterns(addPathPatterns) .excludePathPatterns("/api/login", "/web/test"); //另外一个拦截器 /*registry.addInterceptor(new HeInterceptor()) .addPathPatterns(addPathPatterns) .excludePathPatterns("/api/login", "/web/test");*/ } }
三、springboot打war包
1、程序入口类继承SpringBootServletInitializer
2、程序入口类覆盖如下方法
@Override protected SpringApplicationBuilder configure(SpringApplicationBuilder builder) { return builder.sources(getClass()).bannerMode(Banner.Mode.OFF); }
3、pom文件修改:排除调servlet-api、starter-tomcat等jar包(maven依赖的scope属性设置),打包方式改为war,添加打war插件
<!-- 打包方式 -->
<packaging>war</packaging>
<!-- 依赖servlet包排除 -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
<scope>provided</scope> <!-- 编译测试时依赖,打包时排除 -->
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<scope>provided</scope>
</dependency>
<-- 打包插件 -->
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.8.1</version>
<configuration>
<source>1.8</source>
<target>1.8</target>
<showWarnings>true</showWarnings>
<encoding>UTF-8</encoding>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>3.2.3</version>
<configuration>
<warName>${project.artifactId}</warName>
<failOnMissingWebXml>false</failOnMissingWebXml> --表示不用web.xml也可启动web
</configuration>
</plugin>
</plugins>
或使用springboot打包插件:
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
如果jsp项目可以添加如下配置:(避免一些资源没有打到包里面去)
<resources>
<resource> <!--源文件位置--> <directory>src/main/java</directory> <includes> <!--要把哪些文件编译过去.*.*表示所有--> <include>**/*.xml</include> </includes> </resource> <resource> <!--源文件位置--> <directory>src/main/resources</directory> <includes> <!--要把哪些文件编译过去.*.*表示所有--> <include>**/*.*</include> </includes> </resource> <resource> <!--源文件位置--> <directory>src/main/webapp</directory> <!--编译到META-INF/resources目录下--> <targetPath>META-INF/resources</targetPath> <includes> <!--要把哪些文件编译过去.*.*表示所有--> <include>**/*.*</include> </includes> </resource>
</resources>
四、springboot打jar包
对Jsp的支持有一些限制,打的jar不支持jsp访问;
1、Spring boot程序打jar包,在pom.xml文件加入如下Spring boot的maven插件:
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<!--使用1.4.2版本打jar包,jsp页面才能访问,否则访问不到-->
<version>1.4.2.RELEASE</version>
</plugin>
</plugins>
</build>
2、jsp项目需要额外添加jsp相关依赖。如:
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-jasper</artifactId>
</dependency>
3、使用mvn package打jar包
五、SpringBoot配置SSL(https)
SpringBoot可以通过在application.properties或application.yml配置文件中配置各种server.ssl.*属性来声明性使用SSL(https),比如下面的例子在application.properties中设置SSL属性:
server: port: 8443 #配置https的端口 ssl: key-store: classpath:tomcat.pkcs12 #配置https的证书位置 key-store-password: 123456 #证书的密码(在生成证书的时候会指定一个密码) key-store-type: pkcs12 #执行证书的类型(pkcs12和jks,pkcs12通用,jks仅jdk专用)
如果使用了上面的配置就表示springboot应用程序不再在端口8080上支持HTTP连接请求,SpringBoot不能通过配置application.properties来实现既支持HTTP连接又支持HTTPS连接,这是做不到的,如果要同时支持HTTP和HTTPS,则需要以编程方式配置其中的一个,建议使用application.properties文件来配置HTTPS,以编程方式配置HTTP,这是比较容易的方法
SpringBoot jar包支持配置https具体步骤(war可不用改程序,需要改tomcat配置):
1、生成证书,可以使自签名证书(平时测试的时候)或者从SSL证书授权中心购买证书(上线)
2、配置springboot ssl
server: port: 8443 ssl: key-store: classpath:tomcat.pkcs12 key-store-password: 123456 key-store-type: pkcs12
3、配置springboot支持http访问,并自动跳转https(非必须,仅需http访问时添加该配置)
@Configuration public class SslConfig { @Value("${server.port:8443}") private int httpsPort; @Value("${server.httpport:8080}") private int httpPort; /** * 配置http访问自动跳转https */ @Bean public TomcatServletWebServerFactory servletContainer() { TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() { @Override protected void postProcessContext(Context context) { SecurityConstraint securityConstraint = new SecurityConstraint(); securityConstraint.setUserConstraint("CONFIDENTIAL"); SecurityCollection collection = new SecurityCollection(); collection.addPattern("/*"); securityConstraint.addCollection(collection); context.addConstraint(securityConstraint); } }; //非必须,若让http访问自动重定向到https需要添加该配置 tomcat.addAdditionalTomcatConnectors(createHttpConnector()); return tomcat; } /** * 创建http连接器 * * @return */ private Connector createHttpConnector() { Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol"); connector.setScheme("http"); // http端口 connector.setPort(httpPort); connector.setSecure(false); // https端口 connector.setRedirectPort(httpsPort); return connector; } }
附:jdk工具生成自签名证书
keytool -genkey -keyalg RSA -keystore tomcat.jks #jks专有格式
keytool -importkeystore -srckeystore tomcat.jks -destkeystore tomcat.pkcs12 -deststoretype pkcs12 #转换为pkcs12行业标准格式
证书生成后我们可以验证下jks是否包含了完整的证书链:
keytool -list -v -keystore tomcat.jks
keytool -list -v -keystore tomcat.pkcs12
tomcat配置https另行查阅
