=================================
spring-scheduler
=================================
@EnableScheduling => ScheduledAnnotationBeanPostProcessor
registrar = new ScheduledTaskRegistrar();
postProcessAfterInitialization(bean,beanName)
MethodIntrospector.selectMethods(targetClass, @Scheduled);
processScheduled(scheduled, method, bean);
registrar.scheduleCronTask(new CronTask(runnable, new CronTrigger(cron, timeZone))));
taskScheduler.schedule(...);
finishRegistration() //find scheder...
beanFactory.getBeansOfType(SchedulingConfigurer.class);
foreach: SchedulingConfigurer.configureTasks(this.registrar); //SchedulingConfigurer.class
registrar.setTaskScheduler(...); //spring.TaskScheduler or jdk.ScheduledExecutorService
registrar.afterPropertiesSet(); =>scheduleTasks();
scheduleCronTask(task)
taskScheduler.schedule(task.getRunnable(), task.getTrigger())
SchedulingConfigurer.configureTasks(ScheduledTaskRegistrar);
registrar.addCronTask(task);
====================================================
spring-security
====================================================
springboot:
SecurityAutoConfiguration
@Bean SecurityProperties,DefaultAuthenticationEventPublisher
@Import SpringBootWebSecurityConfiguration //@EnableWebSecurity,@ConditionalOnMissingBean(WebSecurityConfiguration.class)
AuthenticationManagerConfiguration -> AuthenticationManager
SecurityDataConfiguration -> SecurityEvaluationContextExtension
SecurityFilterAutoConfiguration -> DelegatingFilterProxyRegistrationBean
EnableWebSecurity
WebSecurityConfiguration & SpringWebMvcImportSelector
setFilterChainProxySecurityConfigurer: webSecurity
springSecurityFilterChain() ***
webSecurity.build(); //AbstractConfiguredSecurityBuilder.build()
init() => for: configurer.init()
configure() => for: configurer.config()
@EnableGlobalAuthentication -> AuthenticationConfiguration
DelegatingFilterProxy.doFilter()
=>FilterChainProxy.doFilterInternal() -> getFilters(fwRequest); 12个
ConcurrentSessionFilter #当出现<session-manage>/<concurrency-control>时
SecurityContextPersistenceFilter >> GenericFilterBean //request.FILTER_APPLIED
SecurityContextHolder.setContext(SecurityContext);
WebAsyncManagerIntegrationFilter
HeaderWriterFilter >> OncePerRequestFilter
CsrfFilter >> OncePerRequestFilter
tokenRepository.loadToken(request);
actualToken = request.getHeader(csrfToken.getHeaderName()); request.getParameter(csrfToken.getParameterName());
LogoutFilter extends GenericFilterBean => SecurityContextLogoutHandler.logout()
AbstractAuthenticationProcessingFilter
UsernamePasswordAuthenticationFilter.attemptAuthentication(request,response) //'/login', POST
DaoAuthenticationProvider.authenticate(authentication); //****** UsernamePasswordAuthenticationToken
retrieveUser(username, authentication) -> userDetailsService.loadUserByUsername(username);
preAuthenticationChecks.check(user); //disable,lock,expire
additionalAuthenticationChecks(user,authen); => passwordEncoder.matches(password...);
postAuthenticationChecks.check(user); //密码过期
if (AuthenticationException e): unsuccessfulAuthentication(request, response, e);
else: createSuccessAuthentication() => add authorities to Authentication;
sessionStrategy.onAuthentication(authResult, request, response);
RedisSessionRegistry.registerNewSession(sessionId, principal); //*****
successfulAuthentication();
SecurityContextHolder.getContext().setAuthentication(authResult);
rememberMeServices.loginSuccess();
SavedRequestAwareAuthenticationSuccessHandler.onAuthenticationSuccess(); //****
BasicAuthenticationFilter >> OncePerRequestFilter
RequestCacheAwareFilter
SecurityContextHolderAwareRequestFilter
request = this.requestFactory.create();
AnonymousAuthenticationFilter //如果不存在则创建
createAuthentication((HttpServletRequest) req)
SecurityContextHolder.getContext().setAuthentication();
SessionManagementFilter
securityContextRepository.saveContext //when (authentication!=null && !isAnonymous)
httpSession.setAttribute(springSecurityContextKey, context);
ExceptionTranslationFilter >> GenericFilterBean *****
FilterSecurityInterceptor >> Filter *****判断权限
attributes = this.obtainSecurityMetadataSource().getAttributes(FilterInvocation);
accessDecisionManager.decide(authenticated, object, attributes); //AffirmativeBased
WebExpressionVoter,RoleVoter,AuthenticatedVoter
SecurityExpressionRoot.hasRole('ROLE_admin')
Mybatis总体框架
核心类
Executor、StatementHandler、ParameterHandler和ResultSetHandler
SqlSessionFactoryBean.buildSqlSessionFactory()
Reference
https://blog.csdn.net/weixin_39494923/article/details/91534658
https://blog.csdn.net/huyiju/article/details/82454735
注意MapperScan会将所有interface做一个代理
MybatisAutoConfiguration
sqlSessionFactory()
SqlSessionFactoryBean.afterPropertiesSet(); //找mapper文件 classpath*:mybatis/mapper/**/*.xml
PathMatchingResourcePatternResolver.getResources(...) //ParallelWebappClassLoader
sqlSessionTemplate()
一、添加
@MapperScan => @Import(MapperScannerRegistrar)
new ClassPathMapperScanner(registry);
scaner.setSqlSessionTemplateBeanName
scaner.doScan();
二、不添加 (找Applocation包下的 @Mapper)
MybatisAutoConfiguration$MapperScannerRegistrarNotFoundConfiguration //@ConditionalOnMissingBean(MapperFactoryBean.class)
new ClassPathMapperScanner(registry);
scanner.setAnnotationClass(Mapper.class);
scaner.doScan();
三、拦截器
ObjectProvider.getIfAvailable(); ->beanFactory.getBean(Type); //Type=Interceptor
SqlSessionInterceptor.invoke()
DefaultSqlSessionFactory.openSession(executorType): DefaultSqlSession
->Configuration.newExecutor(): sqlSession //interceptorChain.pluginAll(excutor);
DefaultSqlSession.selectList(String statement, Object parameter, RowBounds rowBounds)
->CachingExecutor.query(); =>SimpleExecutor.query() //queryFromDatabase
->Configuration.newStatementHandler(): StatementHandler
->new RoutingStatementHandler();
->configuration.newParameterHandler() //interceptorChain.pluginAll(parameterHandler);
->configuration.newResultSetHandler(); //interceptorChain.pluginAll(resultSetHandler);
->interceptorChain.pluginAll(statementHandler); //*****注册插件(共四类)、生成代理类
->Plugin.wrap(target, this); ->Proxy.newProxyInstance(cl, interfaces, new Plugin(target, interceptor, signatureMap));
->RoutingStatementHandler.prepare(connection, timeout);
->RoutingStatementHandler.parameterize(stmt)
默认参数名:
arg0,arg1...
collection
DataSourceAutoConfiguration
new DataSourceInitializer(properties, applicationContext); *****
getBean(DataSource.class);
runSchemaScripts() //"spring.datasource.schema"
runDataScripts(); //"spring.datasource.data"
@ConditionalOnMissingBean({ DataSource.class, XADataSource.class }): //******initiate DataSource
EmbeddedDatabaseConfiguration
PooledDataSourceConfiguration
TomcatDataSourceJmxConfiguration
@import(Registrar)
DataSourceInitializerPostProcessor
beanFactory.getBean(DataSourceInitializer.class);
@import(DataSourcePoolMetadataProvidersConfiguration) //dataSource->getUsage
TomcatDataSourcePoolMetadataProviderConfiguration
HikariPoolDataSourceMetadataProviderConfiguration
CommonsDbcp2PoolDataSourceMetadataProviderConfiguration