mysql 事务和锁
一. ACID特性
在关系型数据库管理系统中,一个逻辑工作单元要成为事务,必须满足这 4 个特性,即所谓的 ACID:原子性(Atomicity)、一致性(Consistency)、隔离性(Isolation)和持久性(Durability)。
mysql 索引原理
mysql 索引原理
一. 索引类型
索引可以提升查询速度,会影响where查询,以及orderby排序。MySQL索引类型如下:
从索引存储结构划分:BTree索引、Hash索引、FULLTEXT全文索引、RTree索引
Spring Security 授权
Spring Security 授权
1.简介
在我们应用系统里面,如果想要控制用户权限,需要有2部分数据
- 系统配置信息数据:写着系统里面有哪些URL,每一个url拥有哪些权限才允许被访问。
- 另一份数据就是用户权限信息:请求用户拥有权限系统用户发送一个请求:系统配置信息和用户权限信息作比对,如果比对成功则允许访问。
2.Spring Security授权
2.1 内置表达式
| Expression | Description |
|---|---|
hasRole(String role) | Returns true if the current principal has the specified role.For example, hasRole('admin')By default if the supplied role does not start with ‘ROLE_’ it will be added. This can be customized by modifying the defaultRolePrefix on DefaultWebSecurityExpressionHandler. |
hasAnyRole(String… roles) | Returns true if the current principal has any of the supplied roles (given as a comma-separated list of strings).For example, hasAnyRole('admin', 'user')By default if the supplied role does not start with ‘ROLE_’ it will be added. This can be customized by modifying the defaultRolePrefix on DefaultWebSecurityExpressionHandler. |
hasAuthority(String authority) | Returns true if the current principal has the specified authority.For example, hasAuthority('read') |
hasAnyAuthority(String… authorities) | Returns true if the current principal has any of the supplied authorities (given as a comma-separated list of strings)For example, hasAnyAuthority('read', 'write') |
principal | Allows direct access to the principal object representing the current user |
authentication | Allows direct access to the current Authentication object obtained from the SecurityContext |
permitAll | Always evaluates to true |
denyAll | Always evaluates to false |
isAnonymous() | Returns true if the current principal is an anonymous user |
isRememberMe() | Returns true if the current principal is a remember-me user |
isAuthenticated() | Returns true if the user is not anonymous |
isFullyAuthenticated() | Returns true if the user is not an anonymous or a remember-me user |
hasPermission(Object target, Object permission) | Returns true if the user has access to the provided target for the given permission. For example, hasPermission(domainObject, 'read') |
hasPermission(Object targetId, String targetType, Object permission) | Returns true if the user has access to the provided target for the given permission. For example, hasPermission(1, 'com.example.domain.Message', 'read') |
2.2 url安全表达式
基于web访问使用表达式保护url请求路径
mysql 架构原理
mysql 架构原理
一. mysql体系架构
MySQLServer架构自顶向下大致可以分网络连接层、服务层、存储引擎层和系统文件层
1.1 网络连接层
客户端连接器(ClientConnectors):提供与MySQL服务器建立的支持。目前几乎支持所有主流的服务端编程技术,例如常见的Java、C、Python、.NET等,它们通过各自API技术与MySQL建立连接
Spring Security 认证
Spring Security 认证
1.示例工程
示例工程见:https://gitee.com/ixinglan/spring-security-demo.git
2.SpringSecurity认证基本原理与认证2种方式
Spring Security功能的实现主要是由一系列过滤器相互配合完成。也称之为过滤器链
2.1 过滤器链介绍
过滤器是一种典型的AOP思想,默认加载15个过滤器(SpringBoot 2.6.3版本 )