目录
- 一、jdk17下载安装
- 1、下载
- 2、Jdk17项目环境设置
- 二、依赖升级
- 1、Java17依赖升级
- 2、SpringBoot3.3.0依赖升级
- 3、myBATis-plus3.5.6依赖升级
- 4、SpringSecurity6.3.0依赖升级
- 5、Swagger.3.0依赖升级
- 6、jakarta包替换
- 7、其他
- 三、Swagger3.0升级(OpenAPI)
- 1、配置文件
- 2、使用示例
- 3、swagger2和swagger3主要区别
- 四、SpringSecurity6
- 1、拦截器变化
- 2、过滤器变化
- 五、Maven3.6
- 六、javax替换 Jakarta
- 七、controller请求地址问题
- 八、配置文件修改
本文介绍了由SpringBoot2升级到SpringBoot3.3.0升级方案,新版本的升级可以解决旧版本存在的部分漏洞问题。
一、jdk17下载安装
1、下载
官网下载地址
Java Archive Downloads - Java SE 17
Jdk17下载后,可不设置系统变量java_home,仅在idea的指定项目中设置即可。
2、Jdk17项目环境设置
a).File-->Settings-->Build,Execution,Deployment-->Compiler-->Java Compiler
b).File-->Project Settings-->modules
source和Dependencies均设置为jdk17
c).File-->Plateform Settings-->SDKS
javascript
d).启动类Edit Configuration-->Run/Debug Configurations
二、依赖升级
主要依赖升级和替换引入
Java17 && Spring3.3.0 && mybatis-plus3.5.6 && Spring Security6.3.0 && Swagger3 && jakarta &&maven3.6
1、Java17依赖升级
<properties> <java.version>17</java.version> <mybatis-plus.version>3.5.6</mybatis-plus.version> <flowable.version>7.0.0</flowable.version> </properties>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.1</version>
<configuration>
<source>${java.version}</source>
<target>${java.version}</target>
<encoding>${project.build.sourceEncoding}</encoding>
</configuration>
</plugin>
</plugins>
</build>
2、SpringBoot3.3.0依赖升级
<!-- SpringBoot的依赖配置-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>
<version>3.3.0</version>
<type>pom</type>
<scope>import</scope>
</dependency>
3、mybatis-plus3.5.6依赖升级
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-boot-starter</artifactId>
<version>${mybatis-plus.version}</version>
<exclusions>
<exclusion>
<groupId>org.mybatis</groupId>
<artifactId>mybatis-spring</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis-spring</artifactId>
<version>3.0.3</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
</dependency>
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-core</artifactId>
<version>3.5.6</version>
<scope>compile</scope>
</dependency>
4、SpringSecurity6.3.0依赖升级
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>6.3.0</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>6.3.0</version>
</dependency>
5、Swagger.3.0依赖升级
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>6.1.8</version>
</dependency>
<dependency>
<groupId>org.springdoc</groupId>
<artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<arjstifactId>lombok</artifactId>
</dependency>
<!-- openAPI包,替换 Swagger 的 SpringFox -->
<dependency>
<groupId>org.springdoc</groupId>
<artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
<version>2.3.0</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
6、jakarta包替换
<dependency>
<groupId>jakarta.annotation</groupId>
<artifactId>jakarta.annotation-api</artifactId>
</dependency>
7、其他
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
</dependency>
<dependency>
<groupId>jakarta.validation</groupId>
<artifactId>jakarta.validation-api</artifactId>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
</dependency>
<dependency>
<groupId>com.fasterXML.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
</dependency>
版本查看:
- mvn -version
- java -version
三、Swagger3.0升级(OpenAPI)
1、配置文件
OpenAPIConfig.java
package com.inspur.web.core.config;
import io.swagger.v3.oas.models.ExternalDocumentation;
import io.swagger.v3.oas.models.OpenAPI;
import io.swagger.v3.oas.models.info.Info;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
/**
* @author:http://www.devze.com Inspur
* @datetime: 2024/3/26
* @desc:
*/
@Configuration
public class OpenAPIConfig {
@Bean
public OpenAPI openAPI() {
return new OpenAPI()
.info(new Info()
.title("接口文档标题")
.description("SpringBoot3 集成 Swagger3接口文档")
.version("v1"))
.externalDocs(new ExternalDocumentation()
.description("项目API文档")
.url("/"));
}
}
2、使用示例
SwaggerController.java
import io.swagger.v3.oas.annotations.Hidden;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.Parameters;
import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.tags.Tag;
import org.springframework.web.bind.annotation.*;
/**
* @author: zjl
* @datetime: 2024/3/26
* @desc:
*/
@Tag(name = "控制器:测试Swagger3", description = "描述:测试Swagger3")
@RestController
public class SwaggerController {
@Operation(summary = "测试Swagger3注解方法Get")
@Parameters({@Parameter(name = "id",description = "编码"),
@Parameter(name = "headerValue",description = "header传送内容")})
@ApiResponses({
@ApiResponse(responseCode = "200", description = "请求成功"),
@ApiResponse(responseCode = "400", description = "请求参数没填好"),
@ApiResponse(responseCode = "401", description = "没有权限"),
@ApiResponse(responseCode = "403", description = "禁止访问"),
@ApiResponse(responseCode = "404", description = "请求路径没有或页面跳转路径不对")
})
@GetMapping(value = "/swagger/student")
public Object getStudent(@RequestParam @Parameter(example = "2") String id,
@RequestHeader @Parameter(example = "2") String headerValue){
return id;
}
@Operation(summary = "测试Swagger3注解方法Post")
@ApiResponses({
@ApiResponse(responseCode = "200", description = "请求成功"),
@ApiResponse(responseCode = "400", description = "请求参数没填好"),
@ApiResponse(responseCode = "401", description = "没有权限"),
@ApiResponse(responseCode = "403", description = "禁止访问"),
@ApiResponse(responseCode = "404", description = "请求路径没有或页面跳转路径不对")
})
@PostMapping(value = "/swagger/student", produces = "application/json")
public SwaggerApiModel updateStudent(@RequestBody SwaggerApiModel model){
return model;
}
/**
* swagger 不暴漏该 api,通过@Hidden隐藏
* 但是仍然可以访问
* @return
*/
@Hidden
@GetMapping(value = "/swagger/hiddenApi")
public String hiddenApi(){
return "hiddenApi";
}
/**
* swagger 暴漏该 api,没有配置@Hidden会展示
* @return
*/
@GetMapping(value = "/swagger/noHiddenApi")
public String noHiddenApi(){
return "noHiddenApi";
}
}
3、swagger2和swagger3主要区别
四、SpringSecurity6
1、拦截器变化
extends HandlerInterceptorAdapter
==>
implements HandlerInterceptor
自定义拦截器
implements WebMvcConfigurer
==>
extends WebMvcConfigurationSupport
跨域配置eg:ResourceConfig.java:
addAllowedOrigin ==>
addAllowedOriginPattern
@Configuration
public class ResourcesConfig implements WebMvcConfigurer
{
@Bean
public CorsFilter corsFilter()
{
// 设置访问源地址
// config.addAllowedOrigin("*");
config.addAllowedOriginPattern("*");
}
}
2、过滤器变化
antMatchers ==> requestMatchers
匹配地址时 “**”==> “*”
示例:
Spring2:
public class SecurityConfig extends WebSecurityConfigurerAdapter
{
@Bean
@Override
public AuthenticationManager authejsnticationManagerBean() throws Exception
{
return super.authenticationManagerBean();
}
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception
{
httpSecurity
// CSRF禁用,因为不使用session
.csrf().disable()
// 认证失败处理类
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
// 基于token,所以不需要session
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
// 过滤请求
.authorizeReque编程sts()
// 对于登录login 注册register 验证码captchaImage 允许匿名访问
.antMatchers("/login","/loginApp", "/appLogin","/register", "/captchaImage","/factory/getPublicKey").anonymous()
.antMatchers(
HttpMethod.GET,
"/",
"/*.html",
"/**/*.html",
"/**/*.css",
"/**/*.js",
"/profile/**"
).permitAll()
.antMatchers("/common/download**").anonymous()
// 除上面外的所有请求全部需要鉴权认证
.anyRequest().authenticated()
.and()
.headers().frameOptions().disable();
httpSecurity.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler);
// 添加JWT filter
httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
// 添加CORS filter
httpSecurity.addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class);
httpSecurity.addFilterBefore(corsFilter, LogoutFilter.class);
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception
{
auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
}
}
/**
* 强散列哈希加密实现
*/
@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder()
{
return new BCryptPasswordEncoder();
}
}
Spring3:
@Configuration
@EnableWebSecurity
@AllArgsConstructor
@EnableMethodSecurity
public class SecurityConfig
{
@Bean
public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
return authenticationConfiguration.getAuthenticationManager();
}
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http
// CSRF禁用,因为不使用session
.csrf().disable()
// 禁用HTTP响应标头
.headers().cacheControl().disable().and()
// 认证失败处理类
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
// 基于token,所以不需要session
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
// 过滤请求
.authorizeRequests()
// 对于登录login 注册register 验证码captchaImage 允许匿名访问
// // 对于登录login 注册register 验证码captchaImage 允许匿名访问
.requestMatchers("/login","/loginApp", "/appLogin","/register", "/captchaImage","/factory/getPublicKey").anonymous()
.requestMatchers(
HttpMethod.GET,
"/",
"/*.html",
"/*/*.html",
"/*/*.css",
"/*/*.js",
"/profile/**"
).permitAll()
.requestMatchers("/common/download**").anonymous()
// 除上面外的所有请求全部需要鉴权认证
.anyRequest().authenticated()
.and()
.headers().frameOptions().disable();
// 添加Logout filter
http.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler);
// 添加JWT filter
http.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
// 添加CORS filter
http.addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class);
http.addFilterBefore(corsFilter, LogoutFilter.class);
}
/**
* 强散列哈希加密实现
*/
@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder()
{
return new BCryptPasswordEncoder();
}
}
五、Maven3.6
六、javax替换 Jakarta
批量替换:
javax.persistence.* -> jakarta.persistence.*
javax.validation.* -> jakarta.validation.*
javax.servlet.* -> jakarta.servlet.*
javax.annotation.* -> jakarta.annotation.*
javax.transaction.* -> jakarta.transaction.*
import javax. ==> import jakarta.
或者使用idea工具:Refactor==>Migrate
七、controller请求地址问题
对于GetMapping方法,@PathVariable(“roleId”) 需要注明变量名
public AJAXResult getInfo(@PathVariable Long roleId)
==>
public AjaxResult getInfo(@PathVariable("roleId") Long roleId)
八、配置文件修改
# swagger3
spring:
mvc:
pathmatch:
matching-strategy: ant_path_matcher
# 升级后可能导致不支持Bean的注入依赖,可以在配置文件解决
main:
allow-circular-references: true #允许循环依赖
到此这篇关于SpringBoot3.3.0升级方案的文章就介绍到这了,更多相关SpringBoot3.3.0升级内容请搜索编程客栈(www.devze.com)以前的文章或继续浏览下面的相关文章希望大家以后多多支持编程客栈(www.devze.com)!
加载中,请稍侯......
精彩评论