spring mvc 自定义注解ResponseEncryptBody、RequestDecryptBody统一处理加密、解密数据,供移动端使用的rest服务

最新推荐文章于 2024-08-02 13:42:58 发布
最新推荐文章于 2024-08-02 13:42:58 发布
阅读量8.7k 收藏 4
点赞数 3
分类专栏: Spring spring 不一样的基础
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/doctor_who2004/article/details/52935355
版权

spring mvc 自定义注解ResponseEncryptBody、RequestDecryptBody统一处理加密、解密数据,供移动端使用的rest服务


起源

项目中spring web服务为移动端提供rest接口,很多接口需要加密、解密它们之间的数据传输,现老代码一般是在@Controller层每个request的开始和结尾处做的加密解密操作,这样的代码重复度很高,而且不利于更好的利用Spring框架的HttpMessageConverter达到java丰富类型的自动转换。

解决

    Spring利用RequestBody、ResponseBody注解起到rest服务接口数据格式的自动转换,所以我只需要提供类似的注解RequestDecryptBody、ResponseEncryptBody注解,来达到我的目的。 


/*
 * Copyright 2016    https://github.com/sdcuike Inc. 
 * All rights reserved.
 *
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.doctor.springmvc.extend;

import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

/**
 * json解密后的消息
 * 
 * @author sdcuike
 *
 *         Created At 2016年10月26日 下午8:56:27
 */
@Documented
@Target(ElementType.PARAMETER)
@Retention(RetentionPolicy.RUNTIME)
public @interface RequestDecryptBody {

}



/*
 * Copyright 2016    https://github.com/sdcuike Inc. 
 * All rights reserved.
 *
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.doctor.springmvc.extend;

import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

/**
 * 返回json信息加密
 * 
 * @author sdcuike
 *
 *         Created At 2016年10月26日 下午8:54:08
 */
@Documented
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface ResponseEncryptBody {

}


为了处理自定义的注解,我们需要扩展RequestResponseBodyMethodProcessor: 

/*
 * Copyright 2016    https://github.com/sdcuike Inc. 
 * All rights reserved.
 *
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.doctor.springmvc.extend;

import java.io.IOException;
import java.lang.reflect.Type;
import java.util.List;

import javax.servlet.http.HttpServletRequest;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.MethodParameter;
import org.springframework.core.annotation.AnnotatedElementUtils;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.converter.HttpMessageNotReadableException;
import org.springframework.http.converter.HttpMessageNotWritableException;
import org.springframework.web.HttpMediaTypeNotAcceptableException;
import org.springframework.web.HttpMediaTypeNotSupportedException;
import org.springframework.web.context.request.NativeWebRequest;
import org.springframework.web.method.support.ModelAndViewContainer;
import org.springframework.web.servlet.mvc.method.annotation.RequestResponseBodyMethodProcessor;

/**
 * 自定义注解处理器
 * 
 * @author sdcuike
 *
 *         Created At 2016年10月26日 下午9:44:25
 */
public class RequestDecryptResponseEncryptBodyMethodProcessor extends RequestResponseBodyMethodProcessor {

    private final Logger log = LoggerFactory.getLogger(getClass());

    public RequestDecryptResponseEncryptBodyMethodProcessor(List<HttpMessageConverter<?>> converters) {
        super(converters);
    }

    @Override
    public boolean supportsParameter(MethodParameter parameter) {
        return parameter.hasParameterAnnotation(RequestDecryptBody.class);
    }

    @Override
    public boolean supportsReturnType(MethodParameter returnType) {
        return (AnnotatedElementUtils.hasAnnotation(returnType.getContainingClass(), ResponseEncryptBody.class) ||
                returnType.hasMethodAnnotation(ResponseEncryptBody.class));
    }

    @Override
    public void handleReturnValue(Object returnValue, MethodParameter returnType, ModelAndViewContainer mavContainer, NativeWebRequest webRequest) throws IOException, HttpMediaTypeNotAcceptableException, HttpMessageNotWritableException {
        log.info("RequestURI:{}", webRequest.getNativeRequest(HttpServletRequest.class).getRequestURI());
        super.handleReturnValue(returnValue, returnType, mavContainer, webRequest);
    }

    @Override
    protected <T> Object readWithMessageConverters(NativeWebRequest webRequest, MethodParameter methodParam, Type paramType) throws IOException, HttpMediaTypeNotSupportedException, HttpMessageNotReadableException {
        log.info("RequestURI:{}", webRequest.getNativeRequest(HttpServletRequest.class).getRequestURI());
        return super.readWithMessageConverters(webRequest, methodParam, paramType);
    }

}

代码中: 

  @Override
    public boolean supportsParameter(MethodParameter parameter) {
        return parameter.hasParameterAnnotation(RequestDecryptBody.class);
    }

    @Override
    public boolean supportsReturnType(MethodParameter returnType) {
        return (AnnotatedElementUtils.hasAnnotation(returnType.getContainingClass(), ResponseEncryptBody.class) ||
                returnType.hasMethodAnnotation(ResponseEncryptBody.class));
    }


 主要对自定义注解的处理支持。

 RequestDecryptResponseEncryptBodyMethodProcessor起到了对自定义注解处理的作用,我们还需要扩展HttpMessageConverter,让RequestDecryptResponseEncryptBodyMethodProcessor用我们自定义的HttpMessageConverter对数据进行加密、解密处理。

 利用fastjson中的FastJsonHttpMessageConverter4来做json的序列化操作,所以现在要对该类扩展处理: 

package com.doctor.springmvc.extend;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.lang.reflect.Type;
import java.util.ArrayList;
import java.util.List;

import javax.annotation.Resource;

import org.springframework.beans.factory.InitializingBean;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpInputMessage;
import org.springframework.http.HttpOutputMessage;
import org.springframework.http.converter.HttpMessageNotReadableException;
import org.springframework.http.converter.HttpMessageNotWritableException;
import org.springframework.web.method.support.HandlerMethodArgumentResolver;
import org.springframework.web.method.support.HandlerMethodReturnValueHandler;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter;
import org.springframework.web.servlet.mvc.method.annotation.RequestResponseBodyMethodProcessor;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.support.config.FastJsonConfig;
import com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter4;

/**
 * 
 * @author sdcuike
 *
 *         Created At 2016年10月26日 下午11:53:32
 */
public class DecryptEncryptFastJsonHttpMessageConverter extends FastJsonHttpMessageConverter4 implements InitializingBean {

    private RequestDecryptResponseEncryptBodyProcessor requestDecryptResponseEncryptBodyProcessor;

    public void setRequestDecryptResponseEncryptBodyProcessor(RequestDecryptResponseEncryptBodyProcessor requestDecryptResponseEncryptBodyProcessor) {
        this.requestDecryptResponseEncryptBodyProcessor = requestDecryptResponseEncryptBodyProcessor;
    }

    public RequestDecryptResponseEncryptBodyProcessor getRequestDecryptResponseEncryptBodyProcessor() {
        return requestDecryptResponseEncryptBodyProcessor;
    }

    public DecryptEncryptFastJsonHttpMessageConverter() {
        super();
    }

    @Override
    public Object read(Type type, Class<?> contextClass, HttpInputMessage inputMessage) throws IOException, HttpMessageNotReadableException {

        InputStream in = inputMessage.getBody();
        FastJsonConfig fastJsonConfig = getFastJsonConfig();
        if (requestDecryptResponseEncryptBodyProcessor != null) {
            String input = requestDecryptResponseEncryptBodyProcessor.decryptRequestBody(inputMessage, fastJsonConfig.getCharset());

            byte[] bytes = input.getBytes(fastJsonConfig.getCharset());
            return JSON.parseObject(bytes, 0, bytes.length, fastJsonConfig.getCharset(), type, fastJsonConfig.getFeatures());
        }
        return JSON.parseObject(in, fastJsonConfig.getCharset(), type, fastJsonConfig.getFeatures());
    }

    @Override
    protected void writeInternal(Object obj, Type type, HttpOutputMessage outputMessage) throws IOException, HttpMessageNotWritableException {
        HttpHeaders headers = outputMessage.getHeaders();
        ByteArrayOutputStream outnew = new ByteArrayOutputStream();
        FastJsonConfig fastJsonConfig = getFastJsonConfig();

        if (requestDecryptResponseEncryptBodyProcessor != null) {
            String jsonString = JSON.toJSONString(obj,
                    fastJsonConfig.getSerializeConfig(),
                    fastJsonConfig.getSerializeFilters(),
                    fastJsonConfig.getDateFormat(),
                    JSON.DEFAULT_GENERATE_FEATURE, //
                    fastJsonConfig.getSerializerFeatures());
            obj = requestDecryptResponseEncryptBodyProcessor.encryptResponseBody(jsonString, headers, fastJsonConfig.getCharset());
        }

        int len = JSON.writeJSONString(outnew, //
                fastJsonConfig.getCharset(), //
                obj, //
                fastJsonConfig.getSerializeConfig(), //
                fastJsonConfig.getSerializeFilters(), //
                fastJsonConfig.getDateFormat(), //
                JSON.DEFAULT_GENERATE_FEATURE, //
                fastJsonConfig.getSerializerFeatures());
        headers.setContentLength(len);
        OutputStream out = outputMessage.getBody();
        outnew.writeTo(out);
        outnew.close();
    }

    @Override
    protected Object readInternal(Class<? extends Object> clazz, HttpInputMessage inputMessage) throws IOException, HttpMessageNotReadableException {

        InputStream in = inputMessage.getBody();
        FastJsonConfig fastJsonConfig = getFastJsonConfig();
        if (requestDecryptResponseEncryptBodyProcessor != null) {
            String input = requestDecryptResponseEncryptBodyProcessor.decryptRequestBody(inputMessage, fastJsonConfig.getCharset());
            return JSON.parseObject(input.getBytes(fastJsonConfig.getCharset()), 0, input.length(), fastJsonConfig.getCharset(), clazz, fastJsonConfig.getFeatures());
        }
        return JSON.parseObject(in, fastJsonConfig.getCharset(), clazz, fastJsonConfig.getFeatures());

    }

    @Resource
    private RequestMappingHandlerAdapter requestMappingHandlerAdapter;

    @Override
    public void afterPropertiesSet() throws Exception {
        // 重新排列处理方法,不然map会先处理,从而加密不了数据
        List<HandlerMethodReturnValueHandler> handlers = new ArrayList<HandlerMethodReturnValueHandler>(requestMappingHandlerAdapter.getReturnValueHandlers());

        int requestResponseBodyMethodProcessorIndex = 0;
        int requestDecryptResponseEncryptBodyMethodProcessorIndex = 0;
        RequestDecryptResponseEncryptBodyMethodProcessor requestDecryptResponseEncryptBodyMethodProcessor = null;
        for (int i = 0, length = handlers.size(); i < length; i++) {
            HandlerMethodReturnValueHandler handler = handlers.get(i);
            if (handler instanceof RequestDecryptResponseEncryptBodyMethodProcessor) {
                requestDecryptResponseEncryptBodyMethodProcessor = (RequestDecryptResponseEncryptBodyMethodProcessor) handler;
                requestDecryptResponseEncryptBodyMethodProcessorIndex = i;
            } else if (handler instanceof RequestResponseBodyMethodProcessor) {
                requestResponseBodyMethodProcessorIndex = i;
            }

        }

        if (requestDecryptResponseEncryptBodyMethodProcessor != null) {
            handlers.remove(requestDecryptResponseEncryptBodyMethodProcessorIndex);
            handlers.add(requestResponseBodyMethodProcessorIndex + 1, requestDecryptResponseEncryptBodyMethodProcessor);
        }

        requestMappingHandlerAdapter.setReturnValueHandlers(handlers);

        //
        List<HandlerMethodArgumentResolver> argumentResolvers = new ArrayList<HandlerMethodArgumentResolver>(requestMappingHandlerAdapter.getArgumentResolvers());
        RequestDecryptResponseEncryptBodyMethodProcessor requestDecryptResponseEncryptBodyMethodProcessor2 = null;
        for (int i = 0, length = argumentResolvers.size(); i < length; i++) {
            HandlerMethodArgumentResolver argumentResolver = argumentResolvers.get(i);
            if (argumentResolver instanceof RequestDecryptResponseEncryptBodyMethodProcessor) {
                requestDecryptResponseEncryptBodyMethodProcessor2 = (RequestDecryptResponseEncryptBodyMethodProcessor) argumentResolver;
                requestDecryptResponseEncryptBodyMethodProcessorIndex = i;
            } else if (argumentResolver instanceof RequestResponseBodyMethodProcessor) {
                requestResponseBodyMethodProcessorIndex = i;
            }
        }

        if (requestDecryptResponseEncryptBodyMethodProcessor2 != null) {
            argumentResolvers.remove(requestDecryptResponseEncryptBodyMethodProcessorIndex);
            argumentResolvers.add(requestResponseBodyMethodProcessorIndex + 1, requestDecryptResponseEncryptBodyMethodProcessor2);
        }

        requestMappingHandlerAdapter.setArgumentResolvers(argumentResolvers);

    }

}


json的处理主要对方法覆盖,添加对加密和解密的处理操作,该功能主要由RequestDecryptResponseEncryptBodyProcessor类处理: 


/*
 * Copyright 2016    https://github.com/sdcuike Inc. 
 * All rights reserved.
 *
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.doctor.springmvc.extend;

import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.Charset;

import org.apache.commons.io.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpInputMessage;

/**
 * @author sdcuike
 *
 *         Created At 2016年10月26日 下午11:59:07
 */
public abstract class RequestDecryptResponseEncryptBodyProcessor {

    protected final Logger log = LoggerFactory.getLogger(getClass());

    public final String decryptRequestBody(HttpInputMessage inputMessage, Charset charset) throws IOException {
        InputStream inputStream = inputMessage.getBody();
        String input = IOUtils.toString(inputStream, charset);
        HttpHeaders httpHeaders = inputMessage.getHeaders();
        return doDecryptRequestBody(input, httpHeaders, charset);
    }

    public final String encryptResponseBody(String input, HttpHeaders httpHeaders, Charset charset) {
        return doEncryptResponseBody(input, httpHeaders, charset);
    }

    protected String doDecryptRequestBody(String input, HttpHeaders httpHeaders, Charset charset) {
        return input;
    }

    protected String doEncryptResponseBody(String input, HttpHeaders httpHeaders, Charset charset) {
        return input;
    }

}

该类用了模版方法设计,我们只需要继承该类,覆盖加密、解密相关方法即可。

最后,我们需要对xml配置做处理,添加自己的方法和返回值处理扩展类: 

   <bean
        id="requestDecryptResponseEncryptBodyProcessorImpl"
        class="com.doctor.springmvc.demo.controller.RequestDecryptResponseEncryptBodyProcessorImpl" />

    <bean
        id="decryptEncryptFastJsonHttpMessageConverter"
        class="com.doctor.springmvc.extend.DecryptEncryptFastJsonHttpMessageConverter"
        p:requestDecryptResponseEncryptBodyProcessor-ref="requestDecryptResponseEncryptBodyProcessorImpl" />


    <bean
        id="requestDecryptResponseEncryptBodyMethodProcessor"
        class="com.doctor.springmvc.extend.RequestDecryptResponseEncryptBodyMethodProcessor" >
        <constructor-arg >
        <list>
            <ref bean="decryptEncryptFastJsonHttpMessageConverter"/>
        </list>
        </constructor-arg>
        </bean>

    <mvc:annotation-driven>
        <mvc:message-converters>
            <bean class="com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter4" />
        </mvc:message-converters>
        <mvc:argument-resolvers>
            <ref bean="requestDecryptResponseEncryptBodyMethodProcessor" />
        </mvc:argument-resolvers>
        <mvc:return-value-handlers>
            <ref bean="requestDecryptResponseEncryptBodyMethodProcessor" />
        </mvc:return-value-handlers>
    </mvc:annotation-driven>
<mvc:argument-resolvers>、<mvc:return-value-handlers> 的配置,就是为了让spring框架支持我们自定义的注解处理。




Dreamer who
关注
专栏目录
Spring Cloud与微服务学习总结(9)——Spring Cloud面试题汇总
科技D人生
02-26 856
为什么需要学习Spring Cloud 不论是商业应用还是用户应用,在业务初期都很简单,我们通常会把它实现为单体结构的应用。但是,随着业务逐渐发展,产品思想会变得越来越复杂,单体结构的应用也会越来越复杂。这就会给应用带来如下的几个问题: 代码结构混乱:业务复杂,导致代码量很大,管理会越来越困难。同时,这也会给业务的快速迭代带来巨大挑战; 开发效率变低:开发人员同时开发一套代码,很难避免代码冲...
SpringMvc扩展自定义注解实现web加密解密 不侵入业务代码(2)
小学僧的博客
08-16 678
SpringMvc扩展自定义注解实现web解密 不侵入业务代码(2) 1.需求 在项目中spring web服务为外部APP提rest接口,为了 安全考虑 一般会加入自己的验证,常规 的签名+数据加密, 当然一个好的架构师或者负责人会在项目初期会考虑到的问题现老代码一般是在@Controller层每个request的开始和结尾处做的加密解密操作,这样的代码重复度很高,而且不利于更好的利用Sp...
Java注解配置rest服务_spring mvc 自定义注解ResponseEncryptBodyRequestDecryptBody统一处理加密解密数据移动端使用rest服务...
weixin_35275073的博客
02-25 253
package com.doctor.springmvc.extend;import java.io.ByteArrayOutputStream;import java.io.IOException;import java.io.InputStream;import java.io.OutputStream;import java.lang.reflect.Type;import java.uti...
《学会 SpringMVC 系列 · 剖析出参处理
最新发布
山人行
08-02 1326
上一篇博文《学会 SpringMVC 系列 · 剖析入参处理》的学习,大致了解了SpringMVC请求流程中的入参处理环节,接下来介绍出参处理相关分析。后续的几篇博文,会将流程中涉及的若干关键环节单独拿出来讲解,并结合实战中的运用,帮助领略SpringMVC带来的定制和扩展能力。相关博文《学会 SpringMVC 系列 · 基础篇》《学会 SpringMVC 系列 · 剖析篇(上)》《学会 SpringMVC 系列 · 剖析入参处理》《程序猿入职必会(1) · 搭建拥有数据交互的 SpringBoot 》
SpringMvc扩展自定义注解实现web加密解密 (4)----测试工程
小学僧的博客
08-17 742
                                               测试代码 1.把定义的2个类加入到spring中 package com.caigaoqinng.tech.config; import com.caigaoqing.tech.common.support.RequestBodyWrapFactoryBean; import com.caigao...
java 请求加密_如何对Java请求的@requestBody前端加密后端解密?
weixin_33612966的博客
02-12 1561
背景随着 Spring Boot 使用越来越广泛,Spring Boot 已经成为 Java 程序员面试的知识点,很多同学对 Spring Boot 理解不是那么深刻,经常就会被几个连环跑给干趴下了!这一文章主要讲解如何对Java请求的@requestBody前端加密后端解密。为了方便所以我采用的最简单的base64加解密作为讲解。直接上干货。技术讲解Spring处理JSON请求使用@Reque...
springmvc 部分加密通信
Black Shadow
03-30 5209
至于不用HTTPS,本文不讨论,这里给出使用springmvc +http协议,手机客户端加密部分数据只,后台进行统一解密。实现思路就是使用拦截器,使用装饰模式,可以直接使用HttpServletRequestWrapper。
spring-boot-starter-encrypt-example:Spring Boot请求统一解密示例代码
05-01
在IT行业中,Spring Boot是一个非常流行的Java框架,用于快速开发微服务应用。...通过对项目源码的分析和学习,开发者可以更好地理解和掌握Spring Boot的自定义 starter 创建以及加密解密技术的实践。
spring-json-crypt:Spring框架+ REST API +有效负载(JSON加密
05-10
3. **数据流拦截**:使用Spring的Filter或Interceptor,对出站和入站的JSON数据进行拦截,调用加密解密工具进行处理。 4. **安全密钥管理**:确保密钥的安全存储和访问控制,防止未授权访问。 5. **客户端集成**:...
gateway oauth2 对称加密_Spring Security OAuth2 实现 使用JWT-不想当码农的程序员
weixin_39788386的博客
12-22 607
回过头来说一下资源服务 器的问题点吧,这里OAuth2+JWT用的是springsecurity ,具体怎么用springsecurity 搭建资源服务 器我就不说了。这里要讨论的问题是这样的,我们希望在spring mvc中,直接通过如下的形式获得登录用户信息@GetMapping("/me") public Authentication me(OAuth2Authentication...1、...
Spring Cloud 中文文档 参考手册 中文版2018
03-26
Spring Cloud支持与多种编程语言的微服务实现集成,这包括使用RxJava与Spring MVC。同时,它也支持Sidecar模式,允许非JVM语言编写的微服务Spring Cloud基础设施集成。 总的来说,Spring Cloud Dalston文档涉及了...
基于springmvc实现的接口进行json数据自动加解密
菜 头笔记
01-26 6338
需求:接口接收到加密的json数据,然后自动进行解密成json数据后再解析成对象,然后进行业务操作,结果返回json数据自动进行加密操作发送到客户端。 实现接口json数据自动加解密的方法有很多种,可以自定义一个注解,一个加密注解一个解密注解,例如参考这篇文章。或者也可以通过拦截器实现HandlerInterceptor,preHandle 在执行controller处理之前执行解密解析,然
SpringMVC请求参数和响应结果全局加密解密
云之彼端
04-30 700
参考资料: SpringMVC请求参数和响应结果全局加密解密 利用注解+RequestBodyAdvice实现http请求内容加解密 基于RequestBodyAdvice和ResponseBodyAdvice来实现spring中参数的加密解密 利用JsonViewRequestBodyAdvice和JsonViewResponseBodyAdvice 优雅处理对请求体和返回体进行加密解密 ...
SpringBoot--RSA自动加密解密工具
ONROAD0612的博客
08-25 1万+
1 概述 在项目中,为了保证数据的安全,我们常常会对传递的数据进行加密。常用的加密算法包括对称加密(AES)和非对称加密(RSA),这里针对SpringBoot搭建的项目,博主根据SpringBoot自动配置的原理写了一个RSA自动加密工具,实现自动加密返回数据解密传入数据并映射成json。 2 项目结构 上图的项目结构其实和SpringBoot--自动配置Demo实现的项目结构基本一...
pkcs1解密 springboot_SpringBoot 请求消息体解密(通信加密解密
weixin_39864387的博客
12-19 450
介绍在一些安全性要求较高的项目中,我们希望客户端请求数据可以做到数据加密服务器端进行解密。(单纯的HTTPS仍难以满足安全需要。)本文基于SpringBoot针对消息体进行解密,目前仅支持请求消息解密。(响应消息过大情况下,加密会带来严重的性能问题。)流程如下:使用DES cbc模式对称加密请求体。要求客户端请求前加对消息体进行加密服务器端通过SpringMVC Advice拦截请求解密后,传...
token拦截器android_Android:给OHTTP添加Interceptor 拦截器
weixin_29614223的博客
01-14 672
一、前言:1:需求:我们需要对http的请求参数加密,还要对http的返回参数加密,这就需要用到Interceptor 拦截器了。2:OkHttp/Retrofit的实现现在说到网络框架,应该毫无疑问是Retrofit了。上面说的加密方案说到底还是要在网络请求框架内加上,怎么做入侵最小,怎么做最方便才是重点。1、坑定不能直接在接口调用层做加密,加参数,这样每个接口都要修改,这是不可能的。2、Con...
SpringBoot中接口加密解密统一处理
热门推荐
熊诗言的博客
07-27 4万+
项目参见https://gitee.com/xxssyyyyssxx/affect-inoutput 我们与客户端的接口交互中,为了更高的安全性,我们可能需要对接口加密(请求参数加密服务解密)、返回信息加密服务加密,客户端解密),但是也不是所有的接口都这样,有些接口可能不需要,我们可以使用注解来轻松达到此要求。 将接口参数的加密解密和返回信息的加密解密分开,分别定义注解,利用C...
springboot2.2.X手册:防抓包?快速实现API接口数据加密
互联网应用架构
06-08 1298
目录 接口安全防什么 什么是抓包 POM文件 编写加密解密工具类 编写加密注解 编写加密判断类 编写加密拦截 加入密钥 编写加密解密接口 测试 溪云阁:专注编程教学,架构,JAVA,Python,微服务,机器学习等,欢迎关注 上一篇:springboot2.2.X手册:redis的7种类型100个方法全解析 有没有遇到这样子的接口,放到互联网上面去,谁都可以调用,谁都可以访问,完全就是公开的,这样子的接口,如果只是普通的数据,其实可以考虑,只是可以考虑,但是,一般情况下,我们是
SpringMVC系列第18篇:强大的RequestBodyAdvice解密
路人甲Java
10-05 6734
文末可以领取所有系列高清 pdf。大家好,我是路人,这是 SpringMVC 系列第 18 篇。1、前言在实际项目中,有时候我们需要在请求之前或之后做一些操作,比如:对参数进行解密,对所有...
Spring MVC 3.0注解实战:REST风格与数据绑定
Spring MVC 3.0实战指南中,主要讲解了如何利用注解进行数据绑定和路由控制。Spring MVC是一个基于Java的Web MVC框架,它允许开发者通过声明式编程的方式处理HTTP请求,提高了开发效率和代码的可读性。本部分着重...
评论 15
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

Dreamer who

你的鼓励将是我创作的最大动力!

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值