Jforum请求流程


请求的流程也是在类net.jforum.JForum.java中:
public class JForum extends JForumBaseServlet {	
	public void service(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException
	{
		Writer out = null;
		JForumContext forumContext = null;
		RequestContext request = null;
		ResponseContext response = null;
		String encoding = SystemGlobals.getValue(ConfigKeys.ENCODING);

		try {
			// Initializes the execution context
			JForumExecutionContext ex = JForumExecutionContext.get();

			request = new WebRequestContext(req);
            response = new WebResponseContext(res);

			this.checkDatabaseStatus();

            forumContext = new JForumContext(request.getContextPath(),
                SystemGlobals.getValue(ConfigKeys.SERVLET_EXTENSION),
                request,
                response
            );
            ex.setForumContext(forumContext);

            JForumExecutionContext.set(ex);
            // 准备freemarker数据模型
			// Setup stuff
			SimpleHash context = JForumExecutionContext.getTemplateContext();
			
			ControllerUtils utils = new ControllerUtils();
			utils.refreshSession();
			
			context.put("logged", SessionFacade.isLogged());
			
			//加载当前用户的权限到cache中
			// Process security data
			SecurityRepository.load(SessionFacade.getUserSession().getUserId());

			utils.prepareTemplateContext(context, forumContext);
			//取得请求的模块
			String module = request.getModule();
			//取得模块对应的处理类
			// Gets the module class name
			String moduleClass = module != null 
				? ModulesRepository.getModuleClass(module) 
				: null;
			//请求中模块为空,向客户端返回找不到页面的错.
			if (moduleClass == null) {
				// Module not found, send 404 not found response
				response.sendError(HttpServletResponse.SC_NOT_FOUND);
			}
			else {
				//判断客户端地址是否是被禁止了
				boolean shouldBan = this.shouldBan(request.getRemoteAddr());
				
				if (!shouldBan) {
					//正常的请求
					context.put("moduleName", module);
					context.put("action", request.getAction());
				}
				else {
					//被禁止的请求,更改请求的模块为forums,action为banded,即请求路径为:/forums/banned
					moduleClass = ModulesRepository.getModuleClass("forums");
					context.put("moduleName", "forums");
					((WebRequestContext)request).changeAction("banned");
				}
				
				if (shouldBan && SystemGlobals.getBoolValue(ConfigKeys.BANLIST_SEND_403FORBIDDEN)) {
					//被禁止的请求,向客户端返回禁止访问页面
					response.sendError(HttpServletResponse.SC_FORBIDDEN);
				}
				else {
					//正常的请求,将请求代理为具体的命令执行
					context.put("language", I18n.getUserLanguage());
					context.put("session", SessionFacade.getUserSession());
					context.put("request", req);
					context.put("response", response);
					
					out = this.processCommand(out, request, response, encoding, context, moduleClass);
				}
			}
		}
		catch (Exception e) {
			//异常处理:设置允许事务回滚,向异常页面输出异常信息
			this.handleException(out, response, encoding, e, request);
		}
		finally {
			this.handleFinally(out, forumContext, response);
		}		
	}
	private void handleFinally(Writer out, JForumContext forumContext, ResponseContext response) throws IOException
	{
		//关闭输出流
		try {
			if (out != null) { out.close(); }
		}
		catch (Exception e) {
		    // catch close error 
		}
		//获取重定向页面
		String redirectTo = JForumExecutionContext.getRedirectTo();
		//对数据库连接进行事务回滚或提交,并释放连接
		JForumExecutionContext.finish();
		
		if (redirectTo != null) {
			//将请求重定向到指定页
			if (forumContext != null && forumContext.isEncodingDisabled()) {
				response.sendRedirect(redirectTo);
			} 
			else {
				response.sendRedirect(response.encodeRedirectURL(redirectTo));
			}
		}
	}

	private void handleException(Writer out, ResponseContext response, String encoding, 
		Exception e, RequestContext request) throws IOException
	{
		//设置允许事务回滚
		JForumExecutionContext.enableRollback();
		//向异常页面输出异常信息
		if (e.toString().indexOf("ClientAbortException") == -1) {
			response.setContentType("text/html; charset=" + encoding);
			if (out != null) {
				new ExceptionWriter().handleExceptionData(e, out, request);
			}
			else {
				new ExceptionWriter().handleExceptionData(e, new BufferedWriter(new OutputStreamWriter(response.getOutputStream())), request);
			}
		}
	}
	/**
	 * 判断用户地址,或者用户账号被列入禁止列表
	 */
	private boolean shouldBan(String ip)
	{
		Banlist b = new Banlist();
		
		b.setUserId(SessionFacade.getUserSession().getUserId());
		b.setIp(ip);
		
		return BanlistRepository.shouldBan(b);
	}
	private Writer processCommand(Writer out, RequestContext request, ResponseContext response, 
			String encoding, SimpleHash context, String moduleClass) throws Exception
	{
		//根据模块的类名,实例化相应的命令,一个请求对应一个实例,利用反射生成类的实例
		// Here we go, baby
		Command c = this.retrieveCommand(moduleClass);
		Template template = c.process(request, response, context);

		//不是重定向请求
		if (JForumExecutionContext.getRedirectTo() == null) {
			String contentType = JForumExecutionContext.getContentType();
			
			if (contentType == null) {
				contentType = "text/html; charset=" + encoding;
			}
			
			response.setContentType(contentType);
			
			//如果不是请求的二进程文件,向输出流中输出模板处理的结果,即返回请求的结果页面
			// Binary content are expected to be fully 
			// handled in the action, including outputstream
			// manipulation
			if (!JForumExecutionContext.isCustomContent()) {
				out = new BufferedWriter(new OutputStreamWriter(response.getOutputStream(), encoding));
				template.process(JForumExecutionContext.getTemplateContext(), out);
				out.flush();
			}
		}
		
		return out;
	}
}

public class ControllerUtils
{
	/**
	 * 用户没有登录:如果配置了自动登录,则进行自动登录,否则则生成一个匿名用户登录
	 */
	public void refreshSession()
	{
		UserSession userSession = SessionFacade.getUserSession();
		RequestContext request = JForumExecutionContext.getRequest();
	
		if (userSession == null) {// 如果用户还未登录
			userSession = new UserSession();
			userSession.registerBasicInfo();
			userSession.setSessionId(request.getSessionContext().getId());
			userSession.setIp(request.getRemoteAddr());
			SessionFacade.makeUnlogged();
	
			if (!JForumExecutionContext.getForumContext().isBot()) {
				// Non-SSO authentications can use auto login
				if (!ConfigKeys.TYPE_SSO.equals(SystemGlobals.getValue(ConfigKeys.AUTHENTICATION_TYPE))) {// 不是SSO认证
					if (SystemGlobals.getBoolValue(ConfigKeys.AUTO_LOGIN_ENABLED)) {// 如果配置了自动登录
						this.checkAutoLogin(userSession);
					} else {// 没有配置自动登录,生成一个匿名用户
						userSession.makeAnonymous();
					}
				} else {//转向SSO认证
					this.checkSSO(userSession);
				}
			}
	
			SessionFacade.add(userSession);
		} else if (ConfigKeys.TYPE_SSO.equals(SystemGlobals.getValue(ConfigKeys.AUTHENTICATION_TYPE))) {//用户已经登录,且SSO认证
			SSO sso;
			
			try {
				sso = (SSO) Class.forName(SystemGlobals.getValue(ConfigKeys.SSO_IMPLEMENTATION)).newInstance();
			}
			catch (Exception e) {
				throw new ForumException(e);
			}
	
			// If SSO, then check if the session is valid
			if (!sso.isSessionValid(userSession, request)) {//session无效
				SessionFacade.remove(userSession.getSessionId());
				refreshSession();
			}
		} else {// 更新用户在线时长
			SessionFacade.getUserSession().updateSessionTime();
		}
	}
}

核心的处理请求的命令类
public abstract class Command 
{
	public Template process(RequestContext request, ResponseContext response, SimpleHash context)
	{
		this.request = request;
		this.response = response;
		this.context = context;
		//取得对模块的动作,对应为模块处理类的具体方法名
		String action = this.request.getAction();

		if (!this.ignoreAction) {
			try {
				//以无参形式执行请求对应的具体类的某个方法
				this.getClass().getMethod(action, NO_ARGS_CLASS).invoke(this, NO_ARGS_OBJECT);
			}
			catch (NoSuchMethodException e) {		
				//如果请求的方法不存在,默认执行list方法
				this.list();		
			}
			catch (Exception e)
            {
                throw new ForumException(e);
			}
		}

		if (JForumExecutionContext.getRedirectTo() != null) {
			//是重定向请求
			this.setTemplateName(TemplateKeys.EMPTY);
		}
		else if (request.getAttribute("template") != null) {
			//从请求中取得模板名,从缓存中取得模板名对应的具体页面,具体的对应关系在系统初始化时从templatesMapping.properties文件加载,并放到缓存中
			this.setTemplateName((String)request.getAttribute("template"));
		}
		//如果请求的是二进制文件,返回
		if (JForumExecutionContext.isCustomContent()) {
			return null;
		}
		//如果没找到缓存对应的页面,抛出动作对应的模板未找到的未常
		if (this.templateName == null) {
			throw new TemplateNotFoundException("Template for action " + action + " is not defined");
		}

        try {
        	//返回页面的模板
            return JForumExecutionContext.templateConfig().getTemplate(
                new StringBuffer(SystemGlobals.getValue(ConfigKeys.TEMPLATE_DIR)).
                append('/').append(this.templateName).toString());
        }
        catch (IOException e) {
            throw new ForumException( e);
        }
    }
}

你可能感兴趣的:(freemarker,servlet,Security,SSO,Go)