Front-end controller mode

zhaozj2021-02-11  215

The front-end controller processes all requests from users. All users' requests must pass the front-end controller, and only the front-end controller is reordered by the front-end controller to access the corresponding resources only after obtaining the controller authentication. This is a way of security control. In fact, under the J2EE architecture, the linkage of various resources is implemented by XML. All files for all web layer applications must be packaged into a WAR file, and web files are usually some JSP files, and there are also some servlets and javabean. And JSP tags. In a simple web application, you can implement direct access to business methods, or even background database resources, etc. in JSP files. But as an extensible and scalable application, there is a lot of inconvenience. This will have a more detailed argument in MVC mode analysis and application. It is to focus here that the front-end controller mode is implemented in the application. Let's take a look at Front Control class diagram [I]:

Any mode has a context environment (Context), in the front-end controller mode application environment can be distributed, although the controller is only one, it may be a plurality of controller distributed to handle different Control requirements. This distributed control mechanism is implemented by the web configuration file Web.xml. Of course, you can also centralize all requests, and judge the distribution request in a centralized environment. A chain structure can be implemented. This is actually the Chain of Responsibility mode of GOF, further mapped into the J2EE mode directory, strictly speaking in front of us should take filter mode, so that the front end verification can be better processed, but the process of such steps It is easy to cause low efficiency. It takes time because it is necessary to judge the chain. As mentioned earlier, the request is described by the configuration file. Here is the web configuration file in an example program I develop:

1

2

3 Logincheck

4 FrontControlleraa.logincheck

5

6

7 Logincheck

8 / logincheck

9

10

11 Loginfront

12 /login.jsp

13

14

15 Loginfront

16 / test / *

17

18

When there is a client request, the container must read the configuration file to determine the user's access to the resource, and distribute some type of user to the corresponding controller. The 16 line of application is to specify that all files under Test under the sub-directory of the context (developed) must be handed over to a servlet called Loginfront. Map this servlet into a JSP file in 11 lines (you know that JSP is in nature is servlet). At the login.jsp file, it is actually just a user interface. He handed the obtained request to the servlet called Logincheck (there should be a corresponding description in the configuration) - a typical view (JSP implementation) - controller (servlet implementation) Pattern (

). This enables protection of resources in the Test directory. Obviously, one end of the protection of the balance is to achieve protection against the entire visited resource, and the other end is to protect a resource and implement control access. This protection is much more scalable to the addition of the control mechanism in each resource. When the user character changes, the code does not change, and the job is only to change the configuration file. The maintenance of code is relatively independent, especially when developing business logic, because we don't need to focus on other things and centralize the business logic. Of course, there are a variety of strategies for implementation of the controller, which is a servlet policy. The core code is as follows: Package FrontControlleraa;

Import javax.servlet. *;

Import javax.servlet.http. *;

Import java.io. *;

Import java.util. *;

Public class logincheck extends httpservlet {

Static Final Private String content_type = "text / html; charSet = GBK";

// Initialize Global Variables

Public void init () throws servletexception {

}

// Process the http get request

Public void doget (httpservletRequest request, httpservletResponse response) throws servletexception, ioException {

// Services with DOPOST

DOPOST (Request, Response);

}

// Process the http post request

Public void dopost (httpservletRequest request, httpservletResponse response) throws servletexception, ioException {

Response.setContentType (Content_Type);

/ / Get username and password

String ID;

String passwd;

ID = Request.getParameter ("UserName"). Trim ();

Passwd = Request.getParameter ("password"). Trim ();

/ *

Determine the legitimacy and utility of user and password (decision) DISPATCHER VIEW)

If the logic is more, it can be delivered to other controller validation (the Help View mode). Since it is just the use of the front-end controller, this is not a database :)

* /

IF (id.equals ("angss_han" && passwd.equals ("hanchen")) {

// Legal, turn to the available page

Response.sendRedirect ("Other.jsp");

}

Else

// illegally, turn to the error page, can also transfer directly to the landing page again in the actual application

// That is to say as long as it is simply returned.

Response.sendRedirect ("LoginerrorPage.jsp");

PrintWriter out = response.getwriter ();

Out.println ("");

Out.println (" Logincheck </ Title> </ head>);</p> <p>Out.println ("<Body>");</p> <p>Out.println ("<p> The servlet has received a pos. this is the reply. </ p>");</p> <p>Out.println ("</ Body> </ HTML>");</p> <p>}</p> <p>// Clean Up Resources</p> <p>Public void destroy () {</p> <p>}</p> <p>}</p> <p>The explanation of the code has also been annotated above, and there is not much explanation here. Of course, the controller can also be implemented in a simple application, complex applications, often combine the view assistant, an intercepting filter, a Dispatcher View mode application. [ii]</p> <p>Let's discuss the diamese example above [A1] (a commercial system found on some pages lacks user authentication, it is not named here), obviously the program developers noticed the protection of resources, referring to a business application Regardless of safety resource protection is simply felt creepy! However, developers only joined judgment logic in some pages, at least two defects:</p> <p>First, the code coupling is strong</p> <p>Second, the safety is low</p> <p>The previous defect leads to repeated code, adding similar judgment logic in a large number of pages that need to be protected, and must take into account the joining the judgment logic to join the business code, and the previous defect also leads to the maintenance of the code. Big and difficult to expand, especially when needed to adjust a large amount of protection resources, the maintainer has to go deep into each business code, but this coupling suddenly decreases to 0 after using Web.xml;</p> <p>The latter defect has led the developer to hangs a long. If you accidentally, you will "forget" there is a logic. If you have a river embankment, "Zhoumi" considers a loss. In the antforcy, just know the absolute domain name of the resource, you can access the corresponding resources (of course, the page exceptions of code protection) can be accessed by the browser. But in this demonstration we can see, just try to access the resources in the Test subdirectory, any resource, the browser will be repositioned to the landing page. That is to say, unless you first log in, the client should be repositioned to the login page, requiring the user to register or log in to obtain access to the corresponding resource. Of course, the abstract implementation of these safety processes requires clear requirements in the Servlet specification [III], more detailed multi-controller processing can also be written with reference to specifications. The sample code is all passed in WebLogic Server, JBoss, and Apusic debugging. The results show that they support this mechanism for this specification. 1, http://java.sun.com/blueprints/corej2eepatterns/patterns/frontcontroller.html</p> <p>[II], http://java.sun.com/blueprints/corej2eepatterns/patterns/frontcontroller.html</p> <p>In the "Core J2EE Patterns", the Sample Code for the controller implementation strategy</p> <p>[III], Servlet-2_3-FCS-SPEC specification 75 pages</p> <p>[A1] Demo? in</p></div><div class="text-center mt-3 text-grey"> 转载请注明原文地址:https://www.9cbs.com/read-3743.html</div><div class="plugin d-flex justify-content-center mt-3"></div><hr><div class="row"><div class="col-lg-12 text-muted mt-2"><i class="icon-tags mr-2"></i><span class="badge border border-secondary mr-2"><h2 class="h6 mb-0 small"><a class="text-secondary" href="tag-2.html">9cbs</a></h2></span></div></div></div></div><div class="card card-postlist border-white shadow"><div class="card-body"><div class="card-title"><div class="d-flex justify-content-between"><div><b>New Post</b>(<span class="posts">0</span>) </div><div></div></div></div><ul class="postlist list-unstyled"> </ul></div></div><div class="d-none threadlist"><input type="checkbox" name="modtid" value="3743" checked /></div></div></div></div></div><footer class="text-muted small bg-dark py-4 mt-3" id="footer"><div class="container"><div class="row"><div class="col">CopyRight © 2020 All Rights Reserved </div><div class="col text-right">Processed: <b>0.050</b>, SQL: <b>9</b></div></div></div></footer><script src="./lang/en-us/lang.js?2.2.0"></script><script src="view/js/jquery.min.js?2.2.0"></script><script src="view/js/popper.min.js?2.2.0"></script><script src="view/js/bootstrap.min.js?2.2.0"></script><script src="view/js/xiuno.js?2.2.0"></script><script src="view/js/bootstrap-plugin.js?2.2.0"></script><script src="view/js/async.min.js?2.2.0"></script><script src="view/js/form.js?2.2.0"></script><script> var debug = DEBUG = 0; var url_rewrite_on = 1; var url_path = './'; var forumarr = {"1":"Tech"}; var fid = 1; var uid = 0; var gid = 0; xn.options.water_image_url = 'view/img/water-small.png'; </script><script src="view/js/wellcms.js?2.2.0"></script><a class="scroll-to-top rounded" href="javascript:void(0);"><i class="icon-angle-up"></i></a><a class="scroll-to-bottom rounded" href="javascript:void(0);" style="display: inline;"><i class="icon-angle-down"></i></a></body></html><script> var forum_url = 'list-1.html'; var safe_token = '41YWEfgpwtIl5mEExtPPSuWJxkW8vng2f4mTF7Pgd7uHha887GAeYrHbxCyzOfkFeOlSab7uXGdimQOFIyKZCA_3D_3D'; var body = $('body'); body.on('submit', '#form', function() { var jthis = $(this); var jsubmit = jthis.find('#submit'); jthis.reset(); jsubmit.button('loading'); var postdata = jthis.serializeObject(); $.xpost(jthis.attr('action'), postdata, function(code, message) { if(code == 0) { location.reload(); } else { $.alert(message); jsubmit.button('reset'); } }); return false; }); function resize_image() { var jmessagelist = $('div.message'); var first_width = jmessagelist.width(); jmessagelist.each(function() { var jdiv = $(this); var maxwidth = jdiv.attr('isfirst') ? first_width : jdiv.width(); var jmessage_width = Math.min(jdiv.width(), maxwidth); jdiv.find('img, embed, iframe, video').each(function() { var jimg = $(this); var img_width = this.org_width; var img_height = this.org_height; if(!img_width) { var img_width = jimg.attr('width'); var img_height = jimg.attr('height'); this.org_width = img_width; this.org_height = img_height; } if(img_width > jmessage_width) { if(this.tagName == 'IMG') { jimg.width(jmessage_width); jimg.css('height', 'auto'); jimg.css('cursor', 'pointer'); jimg.on('click', function() { }); } else { jimg.width(jmessage_width); var height = (img_height / img_width) * jimg.width(); jimg.height(height); } } }); }); } function resize_table() { $('div.message').each(function() { var jdiv = $(this); jdiv.find('table').addClass('table').wrap('<div class="table-responsive"></div>'); }); } $(function() { resize_image(); resize_table(); $(window).on('resize', resize_image); }); var jmessage = $('#message'); jmessage.on('focus', function() {if(jmessage.t) { clearTimeout(jmessage.t); jmessage.t = null; } jmessage.css('height', '6rem'); }); jmessage.on('blur', function() {jmessage.t = setTimeout(function() { jmessage.css('height', '2.5rem');}, 1000); }); $('#nav li[data-active="fid-1"]').addClass('active'); </script>