Author: Cherami
Email: cherami@javaresearch.org
Date: 2002.6.2
This article reveals you the work mode and features of the JIVE, including which class is used to do what kind of functionality. Since the content of the JSP page can be seen, how to work, you can know that this article focuses on the functions in the core class, in addition, the author will give a resolution of certain content during the analysis. And your own opinion, I hope to be useful to you. :)
In a large page, only one page is the most critical, that is, golbal.jsp, the reason is because this page is included in the other page, and the feature completed by this page is also the most The key, that is, verify the authorization, and generates forumfactory, other pages are based on the content required by authorization and the ForumFactory, no longer involving the core, all of which are handed over to the two objects and complete the application. The later content will be based on the content of Global.jsp and explore its final implementation.
1. Set the default display parameters, including how many posts and other options per page (these note should be placed in the JIVE core class, as constants, because these values can be modified by modifying the JSP file, The set value has been modified after the configuration file or the database, then there will be contradictions and even lead to the page display error, and some methods are defined in this page, which should also be defined in a class, such as Skinutils. It is a good choice, because the functions of these methods should be Skinutils classes that should be completed.)
2. Call Skinutils.getuseRauthorization (Request, Response) Read the user authorization, first read from the session, if there is, return to the authorization, if there is no, read the automatic login cookie in the client cookie, if there is Cookie extracts the information and calls the decoding method decodeWordCookie to resolve the information (which is required herein is security problem, because although the username and password information existing in cookie is encrypted by some algorithms, this encryption is Reflexible, use Skinutils's DecodeWordCookie method to get its decryption, so if you don't know if you use it alone, don't set up automatic landing, if you don't worry that your password is stealing, then The settings are not related. The password stored in the database does not have to worry about security issues, because the password stored in the database is the use of MD5 encrypted data, even if the system administrator cannot know its cryptographic clear text) and call AuthorizationFactory.GetAuthorization. Username, Password) Complete the authorization (the password here is already a depth of decryption, and it is necessary to explain the process of this generation authorization object to generate a new instance in the system, other generated specific objects in the system. The way is also the same as this, it is worth noting that in the process of generating, it is actually viewed in the configuration file jive_config.xml to specify the class name of the class to be generated, and there is no provision to use the internal DBAUTHORIZATION, such one The great advantage is that you can do not modify the JIVE core class but to implement your own subclass from its interface and specify it in the configuration file, which has great flexibility, use this feature, we can reach the entire system as needed Different implementations, such as user information, etc., stored in the database, and message content can implement XML mode itself, so that database space), otherwise returns null; if Skinutils.getuseRauthorization returns a NULL, authorize to passenger
3, calling ForumFactory.getInstance (authtoken) to get a ForumFactory object, the method creates a new ForumFactoryProxy object based on the authorization, because a Static's ForumFactory object is defined in the FORumFactory class, and GetInstance actually returns the packaged one. The only instance of the object (using an inert initialization method), so actually the entire forum system only has only one forumfactory, and the different users can have different display content and ways because its proxy class ForumFactoryProxy (this agent class can also be seen as FORUMFACTORY WRAPPER will have taken into account according to authorization and user information, which is also the purpose of using a proxy. (A little one feels strange, in the implementation of the FORUMFACTory, the type of userManager and GroupManager members are declared by their interface, while other SearchManager, etc., which use it to implement class DBSEARCHMANAGER, view source code discovery These implementations did not increase what new public methods, only added some protected and private methods, and did not call those methods in DBForumFactory, so they can complete their types to their original interface, so system flexibility And uniformity is also better, but what is the meaning of the code?) 4, if it is not a guest authorization to generate a User object according to its user ID: ForumFactory.getuserManager (). Getuser ()), in In the implementation, first look at whether the user cache function is open. If you do not open, you will generate a new object according to the user ID, otherwise check whether there is such information in the cache, if there is, return, if you don't exist, create a new one Objects and deposit them into the cache. (When viewing the cached implementation, use the usercache as an example, it is a subclass of DatabaseCache, adds a cache member, and DatabaseCache is just a longcache member, and Longcache implements the cacheable interface and in it. Encapsate three set classes: longhashmap and two longlinkedList, represent the cache objects, caching access order, and the order of joining the cache, these classes are all implemented, the author feels that these functions can be by JDK core The combination framework can be implemented, which may be because Jive has no collection framework in early development, so it has been implemented by itself, the author does not carefully study the implementation and characteristics of these collection classes)
5. Call Skinutils.getlastVisited (Request, Response) Get the last access time of the user, the actual working condition is to read from the session, if there is, extract it and store the cookie, if there is no existence, then from the client The cookie finds whether to save the cookie for the last access information, if you are extracted, save the last access time into the session and write a cookie to the client. (This implementation author thinks there is a problem, that is, if the user visits the forum on a computer, then accesses the forum on other computers, the next time he uses the previous computer access forum. The time is actually wrong. The last access time should be presented in the database, which may be the last access time of the author and the understanding of the JIVE Forum. According to its implementation, the last access time should refer to the user The last access time on the same computer?) 6, according to the user settings read the number of messages displayed per page set, no settings use the default.
The two very important classes not mentioned in the above description are PermissionsManager and ForumPermissions. The authorization above is actually a package of the user ID, just acts as a flag, the real permission is granted by PermissionsManager according to the forum ID and user ID granted, PermissionsManager the object as a member of the implementation class DbForumFactory of ForumFactory present, and ForumPermissions as a member of the agent ForumFactoryProxy of ForumFactory present, and that the true instantiation is obtained by getFinalUserPerms method PermissionsManager of DbForumFactory of. During the use of the system, the user ID can change, so its permissions are also changing.
