因為國外的客戶姓名有&
導致XML格式錯誤
必須使用CDATA把姓名欄位包以來
https://stackoverflow.com/
Example:
The string contains "&" in it.
You can not:
<FL val="Company Name">Dolce & Gabbana</FL>
Therefore, you must use CDATA:
<FL val="Company Name"> <![CDATA["Dolce & Gabbana"]]> </FL>
一般公司電腦連外上網都會透過Proxy Server,編譯Maven專案時需要特別設定Proxy並將Maven網站的SSL憑證匯入到keystore,步驟如下。
(一)
設定Proxy:
settings.xml放在使用者目錄的.m2資料夾
(二)
因為Maven站台使用https連線,需要透過瀏覽器匯出並將此SSL憑證匯入到keystore
參考
https://stackoverflow.com/questions/25911623/problems-using-maven-and-ssl-behind-proxy
Use a browser (I used IE) to go to https://repo.maven.apache.org
Click on lock icon and choose "View Certificate"
Go to the "Details" tab and choose "Save to File"
Choose type "Base 64 X.509 (.CER)" and save it somewhere
Now open a command prompt and type (use your own paths):
keytool -import -file C:\temp\mavenCert.cer -keystore C:\temp\mavenKeystore
(三)
加入以下紅色參數(以執行Spring Boot專案為例)
mvn spring-boot:run -Djavax.net.ssl.trustStore=C:\temp\mavenKeystore
備註:
如果沒有設定 -Djavax.net.ssl.trustStore=會有以下錯誤訊息
Maven sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
https://www.cnblogs.com/xjknight/p/10897849.html
从Spring 3.0开始,现在可以通过在命名空间中设置disable-url-rewriting =“true”来禁用将jsessionid附加到URL的URL重写逻辑。
web.xml方式設定:
<session-config>
<tracking-mode>COOKIE</tracking-mode>
</session-config>
Java config方式設定:
servletContext.setSessionTrackingModes(EnumSet.of(SessionTrackingMode.COOKIE));
https://openhome.cc/Gossip/ServletJSP/Cookie.html
https://ajoshow.com/2017/07/19/201707192223/
Spring設定
https://www.itread01.com/content/1558404302.html
public class MainWebAppInitializer implements WebApplicationInitializer {
@Override
public void onStartup(ServletContext sc) throws ServletException {
sc.getSessionCookieConfig().setHttpOnly(true);
sc.getSessionCookieConfig().setSecure(true);
}
}
https://martinfowler.com/articles/richardsonMaturityModel.html
你的REST不是REST?
https://www.ithome.com.tw/voice/128528
Spring HATEOAS
https://spring.io/projects/spring-hateoas
https://openhome.cc/Gossip/Spring/HATEOAS.html
// https://www.baeldung.com/spring-security-session
//同個使用者一次只能一個session登入,重複原本登入的會回應This session has been expired (possibly due to multiple concurrent logins being attempted as the same user).
http.sessionManagement().maximumSessions(1);
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-springsecurity5</artifactId>
</dependency>
ref:
https://www.baeldung.com/spring-security-thymeleaf
https://www.thymeleaf.org/doc/articles/springsecurity.html
https://www.marcobehler.com/guides/spring-security
demo code:
https://github.com/imrexhuang/Spring-Boot-Security-Thymeleaf-Demo
https://jcp.org/en/jsr/detail?id=315
https://openhome.cc/Gossip/ServletJSP/Configuration.html
https://zhuanlan.zhihu.com/p/81885441
web.xml使用Spring Boot进行Web开发的时候,按照官方的推荐都是使用内嵌的Servlet容器,和应用一起打包成jar包部署,当然,我们可以使用传统war包来部署,Main Class只需继承org.springframework.boot.web.servlet.support.SpringBootServletInitializer即可(启动时会加载所有ServletContainerlnitializer)。
免去web.xml是通过Servlet 3.0中的javax.servlet.ServletContainerInitializer来实现的,ServletContainerInitializer是提供了一个实现和web.xml类似功能的接口,在应用启动的时候能够通过编程的方式来注册Servlet、Fileter、Listener的功能。
SpringBoot通过Servlet3.0的这个设计,结合SPI机制,在spring-web包下发现META-INF/services/javax.servlet.ServletContainerInitializer实现类:org.springframework.web.SpringServletContainerInitializer从而进行初始化,包括对DispatcherServlet的注册,ContextLoaderListener的注册等等,最终免去web.xml