I'm multing a multi-tenant SaaS web-application in Java, Spring, Struts2 and Hibernate. After a bit of research, i choose to implement multi-tenancy in a shared db, shared schema, shared table approach. And tagging each db-line with a tenantId.
我在Java,Spring,Struts2和Hibernate中挖掘了一个多租户SaaS Web应用程序。经过一番研究,我选择在共享数据库,共享模式,共享表方法中实现多租户。并使用tenantId标记每个db-line。
I have rewritting my application, so Managers and Dao's will take the tenantId as a parameter to only serve the correct db-resources.
我重写了我的应用程序,因此Managers和Dao将把tenantId作为参数来仅提供正确的db-resources。
This works perfect for all view's when getting information. And also for creating new stuff (using the logged in users tenantId to store the info).
在获取信息时,这适用于所有视图。还用于创建新东西(使用登录用户tenantId来存储信息)。
However, for updating and deleting stuff I am not sure how to secure my application. For example: When a user want to edit an object, the url will be: /edit?objectId=x And this is mapped to an action that will retrieve this object by Id. Meaning any logged in user can by url-modification view any object. This i can solve by adding the tenantId to the Dao so if the User tries to view an object outside his tenancy he will get nothing.
但是,为了更新和删除内容,我不确定如何保护我的应用程序。例如:当用户想要编辑对象时,URL将为:/ edit?objectId = x并且这将映射到将通过Id检索此对象的操作。意味着任何登录用户都可以通过url-modification查看任何对象。这可以通过将tenantId添加到Dao中来解决,因此如果用户试图查看他租赁之外的对象,他将什么也得不到。
Ok thats ok then, but about when sending in the edit-form? What if the user modifies the request, messing with the hidden field objectId so the action will receive a request to alter an object not belonging to the users tenancy.
好吧那好吧,但是在发送编辑表格时呢?如果用户修改了请求,弄乱了隐藏字段objectId,那么该操作将收到更改不属于用户租约的对象的请求。
Or if the users url-modifies a delete action /delete?objectId=x
或者,如果用户url-修改删除操作/删除?objectId = x
Basicly I need some way of assure that the logged in user has access to whatever he is trying to do. For all get's its easy. Just putting the tenantId in the where clause. But for updates and deletes i'm not sure what direction to go.
基本上我需要一些方法来确保登录用户可以访问他想要做的任何事情。对于所有人来说,这很简单。只需将tenantId放在where子句中。但是对于更新和删除,我不确定要走哪条路。
I could query the db for every update and delete to see if the users has access to the object, but i'm trying to keep db-interaction to the minimum. So i find it impractical to make an extra db-call for every such action.
我可以在每次更新时查询数据库并删除以查看用户是否有权访问该对象,但我正在尝试将数据库交互保持在最低限度。因此,我发现为每个此类操作进行额外的db调用是不切实际的。
Does anyone have any hints or tips to my issues?
有没有人对我的问题有任何提示或提示?
2 个解决方案
#1
0
The same for reading applies to writing/updating: user can only see/access/change what they own. Your question is more about database that about anything else. The same constraints you apply to viewing data must also apply to writing data.
读取相同也适用于写入/更新:用户只能查看/访问/更改他们拥有的内容。你的问题更多的是关于数据库的事情。您应用于查看数据的相同约束也必须适用于写入数据。
In this case, you don't want to wear the performance of a query first then an update. That's fine, since you can update the database with conditions. Since this seems likely to be database-level in your case you need to know what your database is capable of (to do it in one go). For example, oracle has the merge statement.
在这种情况下,您不希望先更新查询的性能。没关系,因为你可以用条件更新数据库。因为在您的情况下,这似乎可能是数据库级别,您需要知道您的数据库能够做什么(一次性完成)。例如,oracle具有merge语句。
#2
0
I am quite late to this thread and maybe you have already built the solution you were asking here about. Anyway, I have implemented a database-per-tenant multitenant web application using Spring Boot 2 and secured the web access using Spring Security 5. The data access is via Spring JPA (with Hibernate 5 as the JPA provider). Do take a look here.
我这个帖子已经很晚了,也许你已经构建了你在这里问的解决方案。无论如何,我使用Spring Boot 2实现了一个基于数据库的租户多租户Web应用程序,并使用Spring Security 5保护了Web访问。数据访问是通过Spring JPA(Hibernate 5作为JPA提供者)。看看这里。
#1
0
The same for reading applies to writing/updating: user can only see/access/change what they own. Your question is more about database that about anything else. The same constraints you apply to viewing data must also apply to writing data.
读取相同也适用于写入/更新:用户只能查看/访问/更改他们拥有的内容。你的问题更多的是关于数据库的事情。您应用于查看数据的相同约束也必须适用于写入数据。
In this case, you don't want to wear the performance of a query first then an update. That's fine, since you can update the database with conditions. Since this seems likely to be database-level in your case you need to know what your database is capable of (to do it in one go). For example, oracle has the merge statement.
在这种情况下,您不希望先更新查询的性能。没关系,因为你可以用条件更新数据库。因为在您的情况下,这似乎可能是数据库级别,您需要知道您的数据库能够做什么(一次性完成)。例如,oracle具有merge语句。
#2
0
I am quite late to this thread and maybe you have already built the solution you were asking here about. Anyway, I have implemented a database-per-tenant multitenant web application using Spring Boot 2 and secured the web access using Spring Security 5. The data access is via Spring JPA (with Hibernate 5 as the JPA provider). Do take a look here.
我这个帖子已经很晚了,也许你已经构建了你在这里问的解决方案。无论如何,我使用Spring Boot 2实现了一个基于数据库的租户多租户Web应用程序,并使用Spring Security 5保护了Web访问。数据访问是通过Spring JPA(Hibernate 5作为JPA提供者)。看看这里。