浅析网络安全的技术-毕业设计(论文)外文翻译 (2)

引言概述：在现代高等教育中，毕业设计（或称为毕业论文、学士论文等）是学生完成学业的重要环节。

而对于一些特定的专业，例如翻译专业，有时候还需要完成外文翻译这一项任务。

本文将探讨毕设外文翻译的意义和目的，以及为什么对翻译专业的学生而言这一任务极其重要。

正文内容：1.提高翻译能力和技巧外文翻译是一项对翻译专业学生而言十分重要的任务，通过进行外文翻译，学生们可以通过实践提高自己的翻译能力和技巧。

在这个过程中，他们可以学习如何处理不同类型的外文文本，熟悉不同领域的专业术语，并掌握一些常用的翻译技巧和策略。

2.扩展语言和文化知识毕设外文翻译要求学生们对翻译语言的相关知识和背景有一定的了解。

在进行翻译时，学生们需要遵循目标语言的语法规则，并确保所翻译的内容准确、清晰地传达源语言的意义。

通过这一过程，学生们可以进一步扩展自己的语言和文化知识，提高自己的跨文化沟通能力。

3.提供实践机会毕设外文翻译为学生们提供了一个实践的机会，让他们能够将在课堂上所学到的理论知识应用于实际操作中。

通过实践，学生们可以对所学知识的理解更加深入，同时也可以发现并解决实际翻译过程中的问题和挑战。

这对于学生们将来从事翻译工作时具备更好的实践能力和经验具有重要意义。

4.培养翻译专业素养毕设外文翻译要求学生们具备良好的翻译专业素养。

在进行翻译过程中，学生们需要保持专业的态度和责任心，严谨地对待每一个翻译任务。

他们需要学会如何进行翻译质量的评估和控制，以确保最终翻译稿的准确性和流畅性。

这一系列的要求和实践，可以帮助学生们培养出色的翻译专业素养。

5.提升自我学习和研究能力毕设外文翻译要求学生们进行广泛的文献阅读和研究，以便更好地理解所翻译的内容，并找到适当的翻译方法和策略。

在这个过程中，学生们需要培养自己的自主学习和研究能力，提高对学术和专业领域的敏感性，并能够独立思考和解决问题。

这将对学生们未来的学术研究和进一步的职业发展产生积极的影响。

总结：引言概述:毕业设计外文翻译（Thesis Translation）是指在毕业设计过程中，对相关外文文献进行翻译，并将其应用于研究中，以提供理论支持和参考。

外文翻译原文及译文学院计算机学院专业计算机科学与技术班级学号姓名指导教师负责教师2011年6月Detecting ARP Spoofing: An Active TechniqueVivek Ramachandran and Sukumar NandiCisco Systems, Inc., Bangalore IndiaIndian Institute of Technology, Guwahati, Assam, IndiaAbstract. The Address Resolution Protocol (ARP) due to itsstatelessness and lack of an authentication mechanism for verifyingthe identity of the sender has a long history of being prone tospoofing attacks. ARP spoofing is sometimes the starting point formore sophisticated LAN attacks like denial of service, man in themiddle and session hijacking. The current methods of detection use apassive approach, monitoring the ARP traffic and looking forinconsistencies in the Ethernet to IP address mapping. The maindrawback of the passive approach is the time lag between learningand detecting spoofing. This sometimes leads to the attack beingdiscovered long after it has been orchestrated. In this paper, wepresent an active technique to detect ARP spoofing. We inject ARPrequest and TCP SYN packets into the network to probe forinconsistencies. This technique is faster, intelligent, scalable andmore reliable in detecting attacks than the passive methods. It canalso additionally detect the real mapping of MAC to IP addresses to afair degree of accuracy in the event of an actual attack.1. IntroductionThe ARP protocol is one of the most basic but essential protocols for LAN communication. The ARP protocol is used to resolve the MAC address of a host given its IP address. This is done by sending an ARP request packet (broadcasted) on the network. The concerned host now replies back with its MAC address in an ARP reply packet (unicast). In some situations a host might broadcast its own MAC address in a special Gratuitous ARP packet. All hosts maintain an ARP cache where all address mappingslearnt from the network (dynamic entries) or configured by the administrator (static entries) are kept. The dynamic entries age out after a fixed interval of time, which varies across operating systems. After the entry ages out it is deleted from the cache and if the host wants to communicate with the same peer, another ARP request is made. The static entries never age out.The ARP protocol is stateless. Hosts will cache all ARP replies sent to them even if they had not sent an explicit ARP request for it. Even if a previous unexpired dynamic ARP entry is there in the ARP cache it will be overwritten by a newer ARP reply packet on most operating systems. All hosts blindly cache the ARP replies they receive, as they have no mechanism to authenticate their peer. This is the root problem, which leads to ARP spoofing.ARP spoofing is the process of forging ARP packets to be able to impersonate another host on the network. In the most general form of ARP spoofing the attacker sends spoofed ARP responses to the victim periodically. The period between the spoofed responses is much lesser than the ARP cache entry timeout period for the operating system running on the victim host. This will ensure that the victim host would never make an ARP request for the host whose address the attacker is impersonating. Following subsection briefly discuss the current detection and mitigation techniques.1.1 Current Mitigation and Detection TechniquesExisting ARP spoofing detection techniques are discussed next sequentially.1.1.1 Secure ARP Protocol (S-ARP)This has been proposed as a replacement for the ARP protocol in S-ARP: a Secure Address Resolution Protocol. The S-ARP protocol is definitely a permanent solution to ARP spoofing but the biggest drawback is that we will have to make changes to the network stack of all the hosts. This is not very scalable as going for a stack upgrade across all available operating systems is something both vendors and customers will not be happy about. As S-ARP uses Digital Signature Algorithm (DSA) we have the additional overhead of cryptographic calculations though the authors of the paper have claimed that this overhead is not significant.1.1.2 Static MAC EntriesAdding static MAC addresses on every host for all other hosts will not allow spoofing but is not a scalable solution at all and managing all these entries is a full time job by itself. This can fail miserably if mobile hosts such as laptops are periodically introduced into the network. Also some operating systems are known to overwrite static ARP entries if they receive Gratuitous ARP packets (GARP).1.1.3 Kernel Based PatchesKernel based patches such as Anticap and Antidote have made an attempt to protect from ARP spoofing at a individual host level. Anticap does not allow updating of the host ARP cache by an ARP reply that carries a different MAC address then the one already in the cache. This unfortunately makes it drop legal gratuitous ARP replies as well, which is a violation to the ARP protocol specification. Antidote on receiving an ARP reply whose MAC address differs from the previously cached one tries to check if the previously learnt MAC is still alive. If the previously learnt MAC is still alive then the update is rejected and the offending MAC address is added to a list of banned addresses.Both the above techniques rely on the fact that the ARP entry in the cache is the legitimate one. This creates a race situation between the attacker and the victim. If the attacker gets his spoofed ARP entry into the host’s cache before the real host can, then the real MAC address is banned. This can only be undone by administrative intervention. Thus we can conclude that wrong learning may cause these tools to fail in detecting ARP spoofing.1.1.4 Passive DetectionIn Passive Detection we sniff the ARP requests/responses on the network and construct a MAC address to IP address mapping database. If we notice a change in any of these mappings in future ARP traffic then we raise an alarm and conclude that an ARP spoofing attack is underway. The most popular tool in this category is ARPWATCH.The main drawback of the passive method is a time lag between learning the address mappings and subsequent attack detection. In a situation where the ARP spoofing began before the detection tool was started for the first time, the tool will learn the forged replies in it’s IP to MAC address mapping database. Now only after the victim starts communicating with some other host the inconsistency will be detected and an alarm rose. The attacker may have made his getaway because of this delay. Also a spoofed entry learned as in the above scenario would have to be manually undone by the networkadministrator. The only solution to this problem is to manually feed the correct address mappings into the database before starting the tool or create an attack free learning traffic. Both of these are unreasonable due to scalability and mobility issues. An ideal example would be mobile hosts e.g. laptops brought in by customers or visitors to a company. This slow learning curve makes it impossible to install passive tools on a large network (1000+ hosts) and expect them to identify attacks instantaneously.The passive techniques do not have any intelligence and blindly look for a mismatch in the ARP traffic with their learnt database tables. If an ARP spoofing is detected than there is no way of ascertaining if the newly seen address mapping is because of a spoofing attempt or the previously learnt one was actually a spoofed one. Our technique will determine the real MAC to IP mapping during an actual attack to a fair degree of accuracy.The passive learning technique is also very unreliable. A new address mapping is learnt when ARP traffic is seen from them. Thus a switch ARP Cache table overflow attempt by the generation of random ARP reply packets per second with arbitrary MAC and IP addresses will just result in new stations being discovered instead of being reported as attack traffic. To overcome problems in earlier techniques, we present a new ARP spoofing detection technique. Our technique uses an active approach to detect ARP spoofing. We send out ARP request and TCP SYN packets to probe the authenticity of the ARP traffic we see in the network. The approach is faster, intelligent, scalable and more reliable in detecting attacks than the passive methods. It can also additionally detect the real mapping of MAC to IP addresses to a fair degree of accuracy in the event of an actual attack. A description of the technique in detail is reported in following sections.2 The Proposed Active Detection Technique for ARP spoofingThe proposed technique actively interacts with the network to gauge the presence of ARP spoofing attacks. We will henceforth assume the following about the network we desire to protect.2.1 Assumptions1. The attacker’s computer has a normal network stack. This assumption will hold for most of the attacks as “ready to use” ARP spoofing tools have always been the attacker’s most popular choice. If the attacker does use a customized stack then our technique willstill detect ARP spoofing but will not be able to predict the correct address mappings anymore. We will discuss performance in the presence of a customized stack in section 2.5.2. The individual hosts we desire to protect on the network may use a personal firewall but at least one TCP port should be allowed through the firewall. This is to allow our probe packets (TCP SYN packets) to go through. This is a reasonable assumption as even if a firewall is installed some LAN based services such as NETBIOS etc are normally allowed through it for LAN communication.3. We assume that all devices, which we protect, have a TCP/IP network stack up and running.2.2 TerminologyWe now introduce the terminology used in the rest of this paper.1. Threshold interval: ARP replies to an ARP request must be received within a specified time interval. After this time has elapsed we will consider the ARP request to have “expired”.We will call this interval as the “Threshold Interval”. This will be administratively configurable on any tool using our technique.2. Host Database: This is the mapping of all legitimate IP and MAC pairs on the network verified and learnt by our technique.The ARP packets consist of the MAC header and the ARP header. Based on the value of the source and destination MAC addresses in the MAC header and as advertised in the ARP header we can divide the all ARP packets into 2 categories.1. Inconsistent Header ARP packets: The MAC addresses in the MAC and ARP header differ i.e. Source MAC address in MAC header! = Source MAC address in ARP header (in ARP requests/responses) and/or Destination MAC address in MAC header! = Destination address in ARP header (only for ARP replies).2. Consistent Header ARP packets: These are the compliment of the Inconsistent Header ARP packets. The MAC addresses in the MAC and ARP headers match in these packets.Note that Inconsistent Header ARP packets are guaranteed spoofed packets as such an anomaly is only possible in attack traffic. Based on the above classification we can further bunch the Consistent Header ARP packets into three groups:1. Full ARP Cycle: An ARP request and its corresponding ARP replies seen within the threshold interval.2. Request Half Cycle: An ARP request for which no replies are sent as seen within the threshold time.3. Response Half Cycle: An ARP reply generated without an ARP request. These three categories form the basis of our input to the ARP spoofing detection mechanism. The following subsection discusses the Architecture of the proposed technique in detail.2.3 ArchitecturePlease refer to Figure 1 for the architecture discussion. We have adopted a modularized approach and have divided our spoof detection into the following modules:1. ARP Sniffer module: This sniffs all ARP traffic from the network.2. MAC - ARP header anomaly detector module: This module classifies the ARP traffic into Inconsistent Header ARP packets and Consistent Header ARP packets.3. Known Traffic Filter module: This filters all the traffic, which is already learnt. It will either drop the packet if the IP to MAC mapping is coherent with the learnt Host Database or raise an alarm if there are any contradictions. All the new ARP packets with unknown addresses are sent to the Spoof Detection Engine for verification.4. Spoof Detection Engine module: This is the main detection engine. We feed the Consistent Header ARP packets to it as input. The design of this module will be discussed in Section 2.4.5. Add to Database Module: Legitimate ARP entries verified by the Spoof Detection Engine are added to the Host Database by this module.6. Spoof Alarm Module: This module raises an alarm on detection of ARP spoofing by sending a mail, SMS etc to the administrator.Fig. 1. Inter-relation between various Modules used by the ARP Spoof Detection AlgorithmAs shown in Figure 1, the ARP Sniffer module sniffs all the ARP traffic in its LAN segment and passes it to the MAC – ARP Header Anomaly Detector. This module passes the entire Consistent Header ARP packets to the Known Traffic Filter module. The entireInconsistent Header ARP packets are sent to the Spoof Alarm. This is done because the Inconsistent Header ARP packets are all spoofed packets as discussed earlier. The Known Traffic Filter module will remove all traffic coherent with the already learnt addresses by consulting the Host Database. If there is a contradiction in the ARP traffic for already learnt addresses then it raises a Spoof Alarm. All new ARP traffic is passed to the Spoof Detection Engine.The Spoof Detection Engine applies our detection algorithm to detect ARP spoofing. The newly seen Consistent Header ARP packets are input to this module. The engine now internally bunches these packets into the three categories discussed in Section 2.2 namely Full ARP Cycle, Request and Response Half Cycle packets. The detection algorithm applied by the engine will be discussed in the section 2.4. After applying the detection algorithm the Spoof Detection engine either sends the ARP entry to the Add to Database module or the Spoof Alarm module. The Add to Database module will add these verified MAC and IP address mapping to the Host Database. The spoof detection engine is discussed in detail next.2.4 The Spoof Detection EngineThe Spoof Detection Engine is the heart of the whole system. The three different ARP Cycle packets as discussed in Section 2.2 are treated in slightly different ways by the Spoof Detection Engine to detect an attempted spoofing. The Spoof Detection Engine works based on the following Rules:Rule A: “The network interface card of a host will accept packets sent to its MAC address, Broadcast address and subscribed multicast addresses. It will pass on these packets to the IP layer. The IP layer will only accept IP packets addressed to its IP address(s) and will silently discard the rest of the packets. If the accepted packet is a TCP packet it is passed on to the TCP layer. If a TCP SYN packet is received then the host will either respond back with a TCP SYN/ACK packet if the destination port is open or with a TCP RST packet if the port is closed”.Rule B: “The attacker can spoof ARP packets imp ersonating a host but he can never stop the real host from replying to ARP requests (or any other packet) sent to it. The valid assumption here is that the r eal host is up on the network.”It should be noted that these rules have been derived from the correct behavior that a host’s network stack should exhibit when it receives a packet. To exemplify Rule A, let a host have MAC address = X and IP address = Y. If this host receives a packet with destination MAC address = X and destination IP address = Z then even though the network interface card would accept the packet as the destination MAC address matches, the host’s network stack will silently discard this packet as the destination IP address does not match, without sending any error messages back to the source of the packet.Based on Rule A, we can conceive of two types of probe packets from a host’s network stack point of view which we will use to detect ARP spoofing.a. Right MAC – Wrong IP packet: The destination MAC address in the packet is of the hos t but the IP address is invalid and does not correspond to any of the host’s addresses. The destination host will silently drop this packet.b. Right MAC – Right IP packet: The destination MAC address and IP addresses pairs are of the host’s and its networ k stack accepts it.We will henceforth assume that the attacker is using an unmodified network stack. The performance of our technique in the presence of a modified network stack will be evaluated in Section 2.5. Based on the above observation we will construct our own packets based on Rule A and send them on the network. We will use the address information in the ARP response packet sent by the host whose authenticity is to be verified. We will use the MAC and IP addresses used in the ARP response packet to construct a TCP SYN packet i.e. the destination MAC and IP in the TCP SYN packet will be the source MAC and IP address advertised in the ARP response packet and the source MAC and IP in the TCP SYN packet would be of the host running the Spoof Detection Engine. The TCP destination port will be chosen based on the presence/absence of packet filtering firewalls on the network hosts. If there is a firewall installed on the hosts we will choose the “allowed TCP port” (as in section 2.1) and if no firewalls ar e there then we can choose any TCP port. The rest of the header values in the TCP SYN packet will be set as usual.When a TCP SYN packet as constructed above is sent to the source of the ARP reply packet, the host’s response will be based on Rule A. If the ARP response was from the real host its IP stack will respond back with either a TCP RST packet (If the destination port is closed) or a TCP SYN/ACK packet (if the destination port is open).If the ARP response had been from a malicious host then its network stack would silently discard the TCP SYN packet in accordance with Rule A. Thus based on the fact that the Spoof Detection Engine does/does not receive any TCP packets in return to the SYN packet it sent, it can judge the authenticity of the received ARP response packet.APR欺骗检测：一种主动技术手段维克拉玛苍兰和舒库玛南迪思科系统公司班加罗尔印度印度理工学院，古瓦哈蒂，阿萨姆，印度摘要.地址解析协议（ARP）由于其无状态性和缺乏对发送者身份进行验证的机制，因而长久以来常被用于欺骗攻击。

本科生毕业设计 (论文)
外文翻译
原文标题
Worlds Collide:
Exploring the Use of Social Media Technologies for
Online Learning
译文标题
世界的碰撞：
探索社交媒体技术在在线学习的应用
作者所在系别计算机科学与工程系作者所在专业计算机科学与技术作者所在班级
作者姓名
作者学号
指导教师姓名
指导教师职称讲师
完成时间2013年2月
北华航天工业学院教务处制
注：1. 指导教师对译文进行评阅时应注意以下几个方面：①翻译的外文文献与毕业设计（论文）的主题是否高度相关，并作为外文参考文献列入毕业设计（论文）的参考文献；②翻译的外文文献字数是否达到规定数量（3 000字以上）；③译文语言是否准确、通顺、具有参考价值。

2. 外文原文应以附件的方式置于译文之后。

网络安全外文翻译附件1：外文资料翻译译文网络安全1 简介在计算机网络最初出现的几十年里，它主要用于在各大学的研究人员之间传送电子邮件，以及共同合作的职员间共享打印机。

在这种条件下，安全性未能引起足够的注意，但是现在，众多的普通市民使用网络来处理银行事务、购物和纳税，网络安全逐渐成为一个潜在的巨大问题。

安全性是一个涉及面很广的问题，其中也涉及到是否构成犯罪行为的问题。

大多数安全性问题的出现都是由于有恶意的人试图获得某种好处或损害某些人而故意引起的。

网络安全性可以被粗略地分为4个相互交织的部分：保密、鉴别、反拒认以及完整性控制。

保密是指保护信息不被未授权者访问，这是人们在谈到网络安全性时最常想到的问题。

鉴别主要指在揭示敏感信息或进行事务处理之前先确认对方身份。

反拒认主要与鉴别有关：当你的客户下了一份要采购1000万双手套的订单，后来他宣称每双的价格是69美分，如何证明他原先答应的价格是89美分呢？最后，如何确定自己收到的消息是最初发送的那条消息，而不是被有恶意的敌人篡改或伪造过的呢？所有这些问题（保密、鉴别、反拒认和完整性控制）也发生在传统的系统中，但却有很大的差别。

在讨论解决方法之前，值得花些时间考虑网络安全性属于协议组的哪一部分的内容。

可能无法确定一个单独的位置，因为安全性与每一层都有关。

以下将从不同的角度来介绍网络安全性。

2 计算机病毒在我们这个富有健康意识的社会中，任何形式的病毒都是敌人。

计算机病毒则尤其是个祸害。

这类病毒可以、也的确侵袭过没有防范的计算机系统，轻者可能仅仅是惹人心烦，重者可能造成灾难性的软件及数据损失，导致时间及财力的浪费。

各家公司越来越多地使用计算机进行企业管理，这对于企业来说是至关重要的。

然而，随着计算机病毒威胁的出现，病毒引发的系统瘫痪屡有发生，其代价正不断增长。

我们应当关注这一问题，但恐慌是没有必要的。

正如良好的饮食、运动及医疗保健可以延年益寿一样，谨慎高效的防病毒策略也可以最大限度地减少病毒入侵的机会。

中英文资料外文翻译计算机网络计算机网络，通常简单的被称作是一种网络，是一家集电脑和设备为一体的沟通渠道，便于用户之间的沟通交流和资源共享。

网络可以根据其多种特点来分类。

计算机网络允许资源和信息在互联设备中共享。

一．历史早期的计算机网络通信始于20世纪50年代末，包括军事雷达系统、半自动地面防空系统及其相关的商业航空订票系统、半自动商业研究环境。

1957年俄罗斯向太空发射人造卫星。

十八个月后，美国开始设立高级研究计划局(ARPA)并第一次发射人造卫星。

然后用阿帕网上的另外一台计算机分享了这个信息。

这一切的负责者是美国博士莱德里尔克。

阿帕网于来于自印度，1969年印度将其名字改为因特网。

上世纪60年代，高级研究计划局(ARPA)开始为美国国防部资助并设计高级研究计划局网(阿帕网)。

因特网的发展始于1969年，20世纪60年代起开始在此基础上设计开发，由此，阿帕网演变成现代互联网。

二．目的计算机网络可以被用于各种用途:为通信提供便利:使用网络，人们很容易通过电子邮件、即时信息、聊天室、电话、视频电话和视频会议来进行沟通和交流。

共享硬件:在网络环境下，每台计算机可以获取和使用网络硬件资源，例如打印一份文件可以通过网络打印机。

共享文件：数据和信息: 在网络环境中，授权用户可以访问存储在其他计算机上的网络数据和信息。

提供进入数据和信息共享存储设备的能力是许多网络的一个重要特征。

共享软件:用户可以连接到远程计算机的网络应用程序。

信息保存。

安全保证。

三．网络分类下面的列表显示用于网络分类：3．1连接方式计算机网络可以据硬件和软件技术分为用来连接个人设备的网络，如：光纤、局域网、无线局域网、家用网络设备、电缆通讯和G.hn（有线家庭网络标准）等等。

以太网的定义，它是由IEEE 802标准，并利用各种媒介，使设备之间进行通信的网络。

经常部署的设备包括网络集线器、交换机、网桥、路由器。

无线局域网技术是使用无线设备进行连接的。

网络设计与规划中英文对照外文翻译文献现代企业面临的挑战尽管企业进行了大量的IT资本投资，但许多公司发现，大部分关键网络资源和信息资产仍处于自由状态。

实际上，许多"孤立"的应用程序和数据库无法相互通信，这是一种常见的商业现象。

2.The n: Service-Oriented ork Architecture (SONA)___'___(SONA) ___ is based on a service-oriented architecture (SOA) approach。

___.解决方案：面向服务的网络架构（SONA）___的面向服务的网络架构（SONA）是一个全面的框架，帮助企业克服网络设计和规划的挑战。

SONA基于面向服务的架构（SOA）方法，使企业能够将不同的应用程序和数据库集成到一个统一的网络中。

3.___ SONABy implementing SONA。

businesses ___ of benefits。

___。

increased security。

___。

___ security features。

such as identity and access management。

to protect critical n assets。

Finally。

___.SONA的好处通过实施SONA，企业可以获得许多好处，包括提高网络敏捷性、增加安全性和降低成本。

SONA通过提供灵活和可扩展的网络架构，使企业能够快速适应不断变化的业务需求。

此外，SONA提供了增强的安全功能，如身份和访问管理，以保护关键信息资产。

最后，SONA通过简化网络管理和减少对额外硬件和软件的需求，帮助企业降低成本。

4.nIn today's fast-paced business environment。

it is essential for ___。

secure。

and cost-effective ork architecture.结论在今天快节奏的商业环境中，企业必须拥有一个可以快速适应不断变化的业务需求的网络基础设施。

论文外文文献翻译以下是一篇700字左右的论文外文文献翻译：原文题目：The Role of Artificial Intelligence in Medical Diagnostics: A Review原文摘要：In recent years, there has been a growing interest in the use of artificial intelligence (AI) in the field of medical diagnostics. AI has the potential to improve the accuracy and efficiency of medical diagnoses, and can assist clinicians in making treatment decisions. This review aims to examine the current state of AI in medical diagnostics, and discuss its advantages and limitations. Several AI techniques, including machine learning, deep learning, and natural language processing, are discussed. The review also examines the ethical and legal considerations associated with the use of AI in medical diagnostics. Overall, AI has shown great promise in improving medical diagnostics, but further research is needed to fully understand its potential benefits and limitations.AI在医学诊断中发挥的作用：一项综述近年来，人工智能（AI）在医学诊断领域的应用引起了越来越多的关注。

本科毕业设计(论文) 外文翻译（附外文原文）系 ( 院 )：信息科学与工程学院课题名称：学生信息管理系统专业(方向)：计算机科学与技术（应用）7.1 Enter ActionMappingsThe Model 2 architecture (see chapter 1) encourages us to use servlets and Java- Server Pages in the same application. Under Model 2, we start by calling a servlet.The servlet handles the business logic and directs control to the appropriate pageto complete the response.The web application deployment descriptor (web.xml) lets us map a URL patternto a servlet. This can be a general pattern, like *.do, or a specific path, like saveRecord.do.Some applications implement Model 2 by mapping a servlet to each business operation. This approach works, but many applications involve dozens or hundredsof business operations. Since servlets are multithreaded, instantiating so manyservlets is not the best use of server resources. Servlets are designed to handle anynumber of parallel requests. There is no performance benefit in simply creatingmore and more servlets.The servlet’s primary job is to interact with the container and HTTP. Handlinga business operation is something that a servlet could delegate to another component. Struts does this by having the ActionServlet delegate the business operationto an object. Using a servlet to receive a request and route it to a handler is knownas the Front Controller pattern [Go3].Of course, simply delegating the business operation to another componentdoes not solve the problem of mapping URIs [W3C, URI] to business operations.Our only way of communicating with a web browser is through HTTP requests and URIs. Arranging for a URI to trigger a business operation is an essential part of developing a web application.Meanwhile, in practice many business operations are handled in similar ways.Since Java is multithreaded, we could get better use of our server resources if wecould use the same Action object to handle similar operations. But for this towork, we might need to pass the object a set of configuration parameters to usewith each operation.So what’s the bottom line? To implement Model 2 in an efficient and flexibleway, we need to:Enter ActionMappings 195♉ Route requests for our business operations to a single servlet♉ Determine which business operation is related to the request♉ Load a multithreaded helper object to handle the business operation♉ Pass the helper object the specifics of each request along with any configuration detail used by this operationThis is where ActionMappings come in.7.1.1 The ActionMapping beanAn ActionMapping (org.apache.struts.action.ActionMapping) describes howthe framework handles each discrete business operation (or action). In Struts,each ActionMapping is associated with a specific URI through its path property. When a request comes in, the ActionServlet uses the path property to select the corresponding ActionMapping. The set of ActionMapping objects is kept in an ActionMappings collection (org.apache.struts.action.ActionMappings). Originally, the ActionMapping object was used to extend the Action objectrather than the Action class. When used with an Action, a mapping gives a specific Action object additional responsibilities and new functionality. So, it was essentiallyan Action decorator [Go4]. Along the way, the ActionMapping evolved into anobject in its own right and can be used with or without an Action.DEFINITION The intent of the decorator pattern is to attach additional responsibilities to an object dynamically. Decorators provide a flexible alternative to subclassingfor extending functionality [Go4].The ActionMappings are usually created through the Struts configuration file.For more about this file, see chapter 4.7.1.2 The ActionMappings catalogThe ActionMappings catalog the business logic available to a Struts application.When a request comes in, the servlet finds its entry in the ActionMappings catalogand pulls the corresponding bean.The ActionServlet uses the ActionMapping bean to decide what to do next. Itmay need to forward control off to another resource. Or it may need to populateand validate an ActionForm bean. At some point, it may have to pass control to an Action object, and when the Action returns, it may have to look up an Action-Forward associated with this mapping.196 CHAPTER 7Designing with ActionMappingsThe ActionMapping works like a routing slip for the servlet. Depending onhow the mapping is filled out, the request could go just about anywhere.The ActionMappings represent the core design of a Struts application. If youwant to figure out how a Struts application works, start with the ActionMappings. Ifyou want to figure out how to write a new Struts application, start with the Action- Mappings. The mappings are at the absolute center of every Struts application.In this chapter, we take a close look at the ActionMapping properties andexplore how they help you design the flow of a Struts application.1.0 vs 1.1 In Struts 1.1, ActionMapping subclasses ActionConfig (org.apache. struts.config.ActionConfig) and adds API methods required forbackward compatibility. ActionMapping is not deprecated, and how thehierarchy will be handled in future releases has not been determined.For now, we refer to the ActionMapping class, but you should note thatin Struts 1.1 all of the action properties are actually defined by the ActionConfigsuper class. The ActionMapping class otherwise works thesame way in both versions.7.2 ActionMapping propertiesTable 7.1 describes the base ActionMapping properties. As with other configuration components, developers may extend ActionMapping to provide additionalproperties.Table 7.1 The base ActionMapping propertiesProperty Descriptionpath The URI path from the request used to select this mapping. (API command) forward The context-relative path of the resource that should serve this request via a forward.Exactly one of the forward, include, or type properties must be specified.orinclude The context-relative path of the resource that should serve this request via aninclude. Exactly one of the forward, include, or type properties must be specified.ortype Optionally specifies a subclass oforg.apache.struts.action.ActionMappingthat should be used when instantiating this mapping.className The fully qualified name of the Action class used by this mapping. SinceStruts 1.1ActionMapping properties 197In the sections that follow, we take a look at each of these properties.7.2.1 The path propertyThe ActionMapping URI, or path, will look to the user like just another file onthe web server. But it does not represent a file. It is a virtual reference to our ActionMapping.Because it is exposed to other systems, the path is not really a logical name, likethose we use with ActionForward. The path can include slashes and an extension—as if it referred to a file system—but they are all just part of a single name.The ActionMappings themselves are a “flat” namespace with no type of internalhierarchy whatsoever. They just happen to use the same characters that we areused to seeing in hierarchical file systems.name The name of the form bean, if any, associated with this action. This is not the classname. It is the logical name used in the form bean configuration.roles The list of security roles that may access this mapping.scope The identifier of the scope (request or session) within which the form bean, if any,associated with this mapping will be created.validate Set to true if the validate method of the form bean (if any) associated with thismapping should be called.input Context-relative path of the input form to which control should be returned ifa validationerror is encountered. This can be any URI: HTML, JSP, VM, or another Action- Mapping.parameter General-purpose configuration parameter that can be used to pass extra informationto the Action selected by this ActionMapping.attribute Name of the request-scope or session-scope attribute under which our form bean isaccessed, if it is other than the bean's specified name.prefix Prefix used to match request parameter names to form bean property names, if any.suffix Suffix used to match request parameter names when populating the properties ofour ActionForm bean, if any.unknown Can be set to true if this mapping should be configured as the default for this application(to handle all requests not handled by another mapping). Only one mappingcan be defined as the default unknown mapping within an application.forwards(s) Block of ActionForwards for this mapping to use, if any.exception(s) Block of ExceptionHandlers for this mapping to use, if any.Table 7.1 The base ActionMapping properties (continued)Property DescriptionSinceStruts 1.1SinceStruts 1.1198 CHAPTER 7Designing with ActionMappingsOf course, it can still be useful to treat your ActionMappings as if they werepart of a hierarchy and group related commands under the same "folder." Theonly restriction is that the names must match whatever pattern is used in the application’s deployment description (web.xml) for the ActionServlet. This is usuallyeither /do/* or *.do, but any similar pattern can be used.If you are working in a team environment, different team members can begiven different ActionMapping namespaces to use. Some people may be workingwith the /customer ActionMappings, others may be working with the /vendor ActionMappings. This may also relate to the Java package hierarchy the team isusing. Since the ActionMapping URIs are logical constructs, they can be organizedin any way that suits your project.With Struts 1.1, these types of namespaces can be promoted to applicationmodules. Each team can work independently on its own module, with its own setof configuration files and presentation pages. Configuring your application to use multiple modules is covered in chapter 4.DEFINITION The web runs on URIs, and most URIs map to physical files. If you want to change the resource, you change the corresponding file. Some URIs, likeStruts actions, are virtual references. They do not have a correspondingfile but are handled by a programming component. To change the resource,we change how the component is programmed. But since thepath is a URI and interacts with other systems outside our control, thepath is not a true logical reference—the name of an ActionForward, forinstance. We can change the name of an ActionForward without consultingother systems. It’s an internal, logical reference. If we change thepath to an ActionMapping, we might need to update other systems thatrefer to the ActionMapping through its public URI.7.2.2 The forward propertyWhen the forward property is specified, the servlet will not pass the request to an Action class but will make a call to RequestDispatcher.forward. Since the operationdoes not use an Action class, it can be used to integrate Struts with otherresources and to prototype systems. The forward, include, and type propertiesare mutually exclusive. (See chapter 6 for more information.)7.2.3 The include propertyWhen the include property is specified, the servlet will not pass the request to an Action class but will make a call to RequestDispatcher.include. The operationActionMapping properties 199does not use an Action class and can be used to integrate Struts with other components. The forward, include, and type properties are mutually exclusive. (Seechapter 6 for more information.)7.2.4 The type propertyMost mappings will specify an Action class type rather than a forward or include.An Action class may be used by more than one mapping. The mappings may specifyform beans, parameters, forwards, or exceptions. The forward, include, andtype properties are mutually exclusive.7.2.5 The className propertyWhen specified, className is the fully qualified Java classname of the ActionMapping subclass that should be used for this object. This allows you to use your own ActionMapping subclass with specialized methods and properties. See alsosection 7.4.7.2.6 The name propertyThis property specifies the logical name for the form bean, as given in the formbean segment of the Struts configuration file. By default, this is also the name tobe used when placing the form bean in the request or session context. Use theattribute property of this class to specify a different attribute key.7.2.7 The roles propertyThis property is a comma-delimited list of the security role names that are allowed access to this ActionMapping object. By default, the same system that is used with standard container-based security is applied to the list of roles given here. Thismeans you can use action-based security in lieu of specifying URL patterns in the deployment descriptor, or you can use both together.The security check is handled by the processRoles method of the Request- Processor (org.apache.struts.action.RequestProcessor). By subclassing RequestProcessor, you can also use the roles property with application-based security. See chapter 9 for more about subclassing RequestProcessor.7.2.8 The scope propertyThe ActionForm bean can be stored in the current request or in the session scope (where it will be available to additional requests). While most developers userequest scope for the ActionForm, the framework default is session scope. Tomake request the default, see section 7.4.SinceStruts 1.1SinceStruts 1.1200 CHAPTER 7Designing with ActionMappings7.2.9 The validate propertyAn important step in the lifecycle of an ActionForm is to validate its data before offering it to the business layer. When the validate property for a mapping is true, the ActionServlet will call the ActionForm’s validate method. If validate returns false, the request is forwarded to the resource given by the input property.Often, developers will create a pair of mappings for each data entry form. Onemapping will have validate set to false, so you can create an empty form. Theother has validate set to true and is used to submit the completed form.NOTE Whether or not the ActionForm validate method is called does not relateto the ActionServlet’s validating property. That switch controlshow the Struts configuration file is processed.7.2.10 The input propertyWhen validate is set to true, it is important that a valid path for input be provided. This is where control will pass should the ActionForm validate methodreturn false. Often, this is the address for a presentation page. Sometimes it willbe another Action path (with validate set to false) that is required to generatedata objects needed by the page.NOTE The input path often leads back to the page that submitted the request.While it seems natural for the framework to return the request to whereit originated, this is not a simple task in a web application. A request is oftenpassed from component to component before a response is sent backto the browser. The browser only knows the path it used to retrieve theinput page, which may or may not also be the correct path to use for theinput property. While it may be possible to try and generate a default inputpage based on the HTTP referrer attribute, the Struts designersdeemed that approach unreliable.inputForwardIn Struts 1.0, the ActionMapping input property is always a literal URI. InStruts 1.1, it may optionally be the name of an ActionForward instead. The ActionForward is retrieved and its path property is used as the input property.This can be a global or local ActionForward.To use ActionForwards here instead of literal paths, set the inputForwardattribute on the <controller> element for this module to true:SinceStruts 1.1ActionMapping properties 201<controller inputForward="true">For more about configuring Struts, see chapter 4. For more about ActionForwards,see chapter 6.7.2.11 The parameter propertyThe generic parameter property allows Actions to be configured at runtime. Severalof the standard Struts Actions make use of this property, and the standardScaffold Actions often use it, too. The parameter property may contain a URI, the name of a method, the name of a class, or any other bit of information an Actionmay need at runtime. This flexibility allows some Actions to do double and tripleduty, slashing the number of distinct Action classes an application needs on hand.Within an Action class, the parameter property is retrieved from the mappingpassed to perform:parameter = mapping.getParameter();Multiple parametersWhile multiple parameters are not supported by the standard ActionMappingsclass, there are some easy ways to implement this, including using HttpUtils, a StringTokenizer, or a Properties file (java.util.Properties).HttpUtils. Although deprecated as of the Servlet API 2.3 specification, theHttpUtils package (javax.servlet.http.HttpUtils) provides a static method that parses any string as if it were a query string and returns a Hashtable(java.util.Hashtable):Hashtable parameters = parseQueryString(parameter);The parameter property for your mapping then becomes just another query string, because you might use it elsewhere in the Struts configuration. stringTokenizer. Another simple approach is to delimit the parameters using the token of your choice—such as a comma, colon, or semicolon—and use the StringTokenizer to read them back:StringTokenizer incoming =new StringTokenizer(mapping.getParameter(),";");int i = 0;String[] parameters = new String[incoming.countTokens()]; while (incoming.hasMoreTokens()) {parameters[i++] = incoming.nextToken().trim();}202 CHAPTER 7Designing with ActionMappingsProperties file. While slightly more complicated than the others, another popular approach to providing multiple parameters to an ActionMapping is with a standard Properties files (java.util.Properties). Depending on your needs, the Properties file could be stored in an absolute location in your file system or anywhere on your application’s CLASSPATH.The Commons Scaffold package [ASF, Commons] provides a ResourceUtils package (mons.scaffold.util.ResourceUtils) with methods forloading a Properties file from an absolute location or from your application’s CLASSPATH.7.2.12 The attribute propertyFrom time to time, you may need to store two copies of the same ActionForm inthe same context at the same time. This most often happens when ActionFormsare being stored in the session context as part of a workflow. To keep their names from conflicting, you can use the attribute property to give one ActionForm bean a different name.An alternative approach is to define another ActionForm bean in the configuration, using the same type but under a different name.7.2.13 The prefix and suffix propertiesLike attribute, the prefix and suffix properties can be used to help avoid naming conflicts in your application. When specified, these switches enable aprefix or suffix for the property name, forming an alias when it is populatedfrom the request.If the prefix this was specified, thenthisName=McClanahanbecomes equivalent toname=McClanahanfor the purpose of populating the ActionForm. Either or both parameters would call getName("McClanahan");This does not affect how the properties are written by the tag extensions. It affects how the autopopulation mechanism perceives them in the request.Nested components 2037.2.14 The unknown ActionMappingWhile surfing the Web, most of us have encountered the dreaded 404— page not found message. Most web servers provide some special features for processing requests for unknown pages, so webmasters can steer users in the right direction. Struts offers a similar service for ActionMapping 404s—the unknown ActionMapping. In the Struts configuration file, you can specify one ActionMapping toreceive any requests for an ActionMapping that would not otherwise be matched:<actionname="/debug"forward="/pages/debug.jsp"/>When this option is not set, a request for an ActionMapping that cannot bematched throws400 Invalid path /notHere was requestedNote that by a request for an ActionMapping, we mean a URI that matches the prefix or suffix specified for the servlet (usually /do/* or *.do). Requests for other URI patterns, good or bad, will be handled by other servlets or by the container:/do/notHere (goes to the unknown ActionMapping)/notHere.txt (goes to the container)7.3 Nested componentsThe ActionMapping properties are helpful when it comes to getting an Action torun a business operation. But they tell only part of the story. There is still much todo when the Action returns.An Action may have more than one outcome. We may need to register several ActionForwards so that the Action can take its pick.7.3.1 Local forwardsIn the normal course, an ActionMapping is used to select an Action object to handle the request. The Action returns an ActionForward that indicates which pageshould complete the response.The reason we use ActionForwards is that, in practice, presentation pages areeither often reused or often changed, or both. In either case, it is good practice to encapsulate the page’s location behind a logical name, like “success” or “failure.”The ActionForward object lets us assign a logical name to any given URI.204 CHAPTER 7Designing with ActionMappingsOf course, logical concepts like success or failure are often relative. What represents success to one Action may represent failure to another. Each Action-Mapping can have its own set of local ActionForwards. When the Action asks for a forward (by name), the local set is checked before trying the global forwards. See chapter 6 for more about ActionForwards.Local forwards are usually specified in the Struts configuration file. See chapter4 for details.7.3.2 Local exceptionsMost often, an application’s exception handlers (org.apache.struts.action. ExceptionHandler) can be declared globally. However, if a given ActionMapping needs to handle an exception differently, it can have its own set of local exception handlers that are checked before the global set.Local exceptions are usually specified in the Struts configuration file. Seechapter 4 for details.7.4 Rolling your own ActionMappingWhile ActionMapping provides an impressive array of properties, developers may also provide their own subclass with additional properties or methods. InStruts 1.0, this is configured in the deployment descriptor (web.xml) for the ActionServlet:<init-param><param-name>mapping</param-name><param-value>app.MyActionMapping</param-value></init-param>In Struts 1.1, this is configured in the Struts configuration file as an attribute to the <action-mappings> element:<action-mappings type="app.MyActionMapping">Individual mappings may also be set to use another type through the className attribute:<action className="app.MyActionMapping">For more about configuring Struts, see chapter 4.SinceStruts 1.1Summary 205The framework provides two base ActionMapping classes, shown in table 7.2. They can be selected as the default or used as a base for your own subclasses.The framework default is SessionActionMapping, so scope defaults to session. Subclasses that provide new properties may set them in the Struts configuration using a standard mechanism:<set-property property="myProperty" value="myValue" /> Using this standard mechanism helps developers avoid subclassing the Action- Servlet just to recognize the new properties when it digests the configuration file. This is actually a feature of the Digester that Struts simply inherits.7.5 SummarySun’s Model 2 architecture teaches that servlets and JavaServer Pages should be used together in the same application. The servlets can handle flow control and data acquisition, and the JavaServer Pages can handle the HTML.Struts takes this one step further and delegates much of the flow control anddata acquisition to Action objects. The application then needs only a single servletto act as a traffic cop. All the real work is parceled out to the Actions and theStruts configuration objects.Like servlets, Actions are efficient, multithreaded singletons. A single Actionobject can be handling any number of requests at the same time, optimizing your server’s resources.To get the most use out of your Actions, the ActionMapping object is used as a decorator for the Action object. It gives the Action a URI, or several URIs, and away to pass different configuration settings to an Action depending on which URIis called.In this chapter, we took a close look at the ActionMapping properties andexplained each property’s role in the scheme of things. We also looked at extendingthe standard ActionMapping object with custom properties—just in case yourscheme needs even more things.Table 7.2 The default ActionMapping classesActionMapping Descriptionorg.apache.struts.action.SessionActionMapping Defaults the scope property to sessionorg.apache.struts.action.RequestActionMapping Defaults the scope property to request206 CHAPTER 7Designing with ActionMappingsIn chapter 8, the real fun begins. The configuration objects covered so far aremainly a support system. They help the controller match an incoming requestwith a server-side operation. Now that we have the supporting players, let’s meet the Struts diva: the Action object.7.1 进入ActionMappingModel 2 架构(第1章)鼓励在同一个应用中使用servlet和JSP页面。