Preface
I wrote an article before-"The projects in this open source organization are fine products", which listed 4 java projects of the Dromara open source organization, each of which is lightweight and practical, and is loved by many small partners. The project in Dromara, an open source organization, only targets Java. After a closer look, they are all artifacts that can improve production efficiency and bid farewell to overtime. This time I have selected 5 high-quality items from them and recommend them to everyone.
If you haven’t read the previous series of articles, I also suggest you review it:
https://segmentfault.com/a/1190000040760402
Cubic
First of all I want to introduce Cubic, a one-stop problem location platform! Thread stack monitoring, thread pool monitoring, dynamic arthas command set, dependency analysis, etc., are they strong or not?
Official website: https://cubic.jiagoujishu.com/
Gitee hosting warehouse: https://gitee.com/dromara/cubic
Github hosting warehouse: https://github.com/dromara/cubic
Introduction
One-stop problem location platform, are you still worrying about online problems?
Thread stack monitoring, thread pool monitoring, dynamic arthas command set, dependency analysis, etc., dedicated to application-level monitoring to help developers quickly locate problems.
what features
- 1. Compatibility: Overall monitoring, whether you are deploying IDC, ECS, or Docker, it is perfectly compatible
- 2. Easy to use: No configuration required, ready to use out of the box, agent-based non-intrusive access, no perception on the upgrade application
- 3. Powerful: Support basic monitoring of applications, stack monitoring, thread pool monitoring, etc.
- 4. High expansion: provide a good expansion interface for you to choose
What kind of work efficiency can be
Authority authentication |
---|
List of examples |
Example heartbeat monitoring |
Sample basic information collection |
Server information collection |
JVM basic information collection |
Start parameter collection |
Dependent package inspection |
arthas dynamic command set support |
Historical thread stack acquisition (minute level) |
Real-time thread stack acquisition |
Thread pool monitoring |
function display
instance center (display current instance information)
Basic information (click on the example-"Show the basic information of the current example)
dependency monitoring (click on the instance-"display the dependency package information of the current instance)
Arthas command operation
Thread pool monitoring
Real-time thread stack
Historical thread stack
For more information, please refer to: https://gitee.com/dromara/cubic
Sureness
Shiro, don't use Spring Security anymore, simple and easy-to-use multi-language multi-frame support, powerful domestic authentication framework based on RESTAPI, efficiency artifact!
Official website: https://usthe.com/sureness
Gitee hosting warehouse: https://gitee.com/dromara/sureness
Github hosting warehouse: https://github.com/dromara/sureness
Introduction
In the mainstream front-end and back-end separation architecture, how to protect the REST API
provided by the back-end through effective and fast authentication becomes particularly important. For existing frameworks, RESTful
of Apache Shiro
not natively supported,
Or the depth of binding Spring
of Spring Security
, more or less not our ideal type.
Ever since Sureness
born, we hope to resolve these, to provide for a REST API , frameless rely , can dynamically modify the permissions , multi-authentication policy , faster , easy to use and easy expansion authentication and authorization framework.
Features
Sureness is a new authentication framework designed and developed after we deeply useApache Shiro
Authentication and authentication forREST API
RBAC
(user-role-resource) mainly focuses on the security protectionAPI
No specific web framework dependency, ready to use out of the box (there are integration examples such asSpring Boot,Quarkus,Javalin,Ktor,Micronaut,Jfinal,Solon
Support dynamic modification of authority configuration (dynamic modification of configuration for eachAPI
who has access to it)
SupportWebsocket
, mainstreamHTTP
containersServlet
,JAX-RS
,Spring Reactive
Support multiple authentication strategies,JWT, Basic Auth, Digest Auth
... Scalable custom authentication methods
High performance based on improved dictionary matching tree
Good extension interface, samples and documents help to quickly understand the use of extensionsSureness
's low configuration, easy to expand, not coupled with other frameworks, hoping to quickly and securely protect the system in multiple scenarios
vs.
~ | Sureness | Shiro | Spring Security |
---|---|---|---|
Multi-frame support | support | Need to change support | not support |
REST API | support | Need to change support | support |
Websocket | support | not support | not support |
filter chain matches | Optimized dictionary matching tree | ant match | ant match |
annotation support | support | support | support |
Servlet | support | support | support |
JAX-RS | support | not support | not support |
Dynamic modification of permissions | support | Need to change support | Need to change support |
performance speed | Faster | Slower | Slower |
learning curve | simple | simple | Steep |
benchmark test of 16168eec386be9 shows that Sureness loses 0.026ms performance compared to non-privileged framework applications, Shiro loses 0.088ms, and Spring Security loses
performance gap of 16168eec386bfc will be further widened as the api matching chain increases.
For details, see benchmark test
Native support sample
- [x] Sureness integrated Spring Boot sample (configuration file scheme) sample-bootstrap
- [x] Sureness integrated Spring Boot sample (database solution) sample-tom
- [x] Sureness integrated Quarkus sample sample-quarkus
- [x] Sureness integrated Javalin sample sample-javalin
- [x] Sureness integrated Ktor sample sample-ktor
- [x] Sureness integrated Spring Webflux sample sample-spring-webflux
- [x] Sureness integrated Micronaut sample sample-micronaut
- [x] Sureness integrated MicroProfile sample sample-microProfile
- [x] Sureness integrated Jfinal sample sample-jfinal
- [x] Sureness integrated Solon sample sample-solon
- [x] Sureness integration Spring Gateway sample sample-spring-gateway
- [x] Sureness integrated Zuul sample sample-zuul
- [x] Sureness integrated Session sample sureness-session
- [x] Sureness integrated distributed cache Session sample sureness-redis-session
- [x] More samples todo
For more information, please refer to: https://gitee.com/dromara/sureness
TLog
can be accessed in ten minutes, an artifact log framework that supports many frameworks and mainstream RPC, so that your logs can be upgraded immediately and become traceable!
Official website: http://yomahub.com/tlog
Gitee hosting warehouse: https://gitee.com/dromara/TLog
Github hosting warehouse: https://github.com/dromara/TLog
Introduction
With the prevalence of microservices, many companies have dismantled the system into many microservices according to business boundaries, and when troubleshooting and checking logs. Because the business link runs through many microservice nodes, it becomes difficult to locate the log of a certain request and the log of upstream and downstream services.
At this time, many children's shoes will start to consider SkyWalking, Pinpoint and other distributed tracking systems to solve them. They are based on the OpenTracing specification, and are usually non-invasive, and have a relatively friendly management interface for link Span queries.
But to build a distributed tracking system, it takes a certain period of time to be familiar with and promote the system to the whole company, and it involves the storage cost of link span nodes, full collection or partial collection? If the full amount is collected, take SkyWalking's storage as an example. At least 5 nodes are required to build an ES cluster. This requires an increase in server costs. Moreover, if there are many microservice nodes, it is normal to generate tens of gigabytes or hundreds of gigabytes of data in one day. If you want to keep it for a longer time, you also need to increase the cost of the server disk.
Of course, the distributed tracing system is the ultimate solution. If your company is already on the distributed tracing system, TLog is not applicable.
TLog provides the easiest way to solve the log tracking problem. It does not collect logs and does not require additional storage space. It just automatically tags your logs and automatically generates TraceId throughout your microservices. Links. And provide upstream and downstream node information. Suitable for small and medium-sized enterprises and company projects that want to quickly solve log tracking problems.
To this end, TLog adapts to three log frameworks and supports automatic detection and adaptation. It supports the three RPC frameworks of dubbo, dubbox, and spring cloud. More importantly, if your project is connected to TLog, you may not need it for ten minutes:)
project characteristics
The currently supported features of TLog are as follows:
- Complete lightweight microservice log tracking by tagging logs
- Three access methods are provided: javaagent is completely non-intrusive access, bytecode one line of code access, and configuration file-based access
- No intrusive design for business code, easy to use, access in 10 minutes
- Support the common log4j, log4j2, logback three log frameworks, and provide automatic detection to complete the adaptation
- Support dubbo, dubbox, springcloud three RPC frameworks
- Support Spring Cloud Gateway and Soul Gateway
- Adapt to HttpClient and Okhttp's http call tag delivery
- Support three task frameworks, TimerTask of JDK, Quartz, XXL-JOB
- Support the configuration of custom templates for log tags, and provide multiple system-level buried point tags options
- Supports tracking of asynchronous threads, including scenarios such as thread pools, multi-level asynchronous threads, etc.
- Almost no performance loss, fast and stable, after pressure test, the loss is 0.01%
Access method
used, each line of your log will become the following format
For more information, please refer to: https://gitee.com/dromara/TLog
ImageCombiner
not require P-pictures, it can also synthesize nice pictures with Java, simple use method, server-side batch-combining tool!
Official website: http://dromara.gitee.io/image-combiner
Gitee hosting warehouse: https://gitee.com/dromara/image-combiner
Introduction
ImageCombiner is a tool dedicated to image synthesis on the Java server. It does not have very complicated functions. It pursues simplicity and practicality. Starting from actual business scenarios, it provides a simple interface. A few lines of code can achieve image combination (of course, it is also used to synthesize watermarks). Yes), especially suitable for image marketing, product sharing and other scenarios that require real-time generation of images.
Features
The material supports three types of images, text, and rectangles, and supports element positioning, scaling, rotation, rounded corners, transparency, color, font, font size, strikethrough, centered drawing, automatic text wrapping and other features, which are enough to cover the daily needs of image synthesis . The project does not rely on any framework, and is completely based on the JDK itself. There are no bells and whistles, and the performance is quite good.
efficiency improvement
Through the encapsulation of Graphics2D and the refinement of the element model, the details of image processing are shielded, and the complex coding can be simplified to setting the position and attributes of each element. In the author’s daily work, a complex picture containing more than ten elements is synthesized. Development and debugging (mainly comparing the reduction degree of the design draft) can be done in 20 minutes, which greatly releases the productivity.
effect preview
The simplest example
public void simpleDemo() throws Exception {
//合成器
ImageCombiner combiner = new ImageCombiner("http://xxx.com/image/bg.jpg", OutputFormat.JPG);
//加图片元素
combiner.addImageElement("http://xxx.com/image/product.png", 0, 300)
.setAlpha(.8f) //透明度(0.0~1.0)
.setRotate(45) //旋转(0~360)
.setBlur(20); //高斯模糊(1~100);
//加文本元素
combiner.addTextElement("周末大放送", 0, 150, 1400)
.setCenter(true) //居中绘制(会忽略x坐标,改为自动计算)
.setColor(Color.Red) //颜色
//执行图片合并
combiner.combine();
//可以获取流(并上传oss等)
InputStream is = combiner.getCombinedImageStream();
//也可以保存到本地
combiner.save("d://image.jpg");
For more information, please refer to: https://gitee.com/dromara/image-combiner
MaxKey
MaxKey single sign-on authentication system is the industry's leading enterprise-level IAM identity management and authentication framework. It has a high degree of productization and is the choice of many well-known companies!
Official website: https://www.maxkey.top/
Gitee hosting warehouse: https://gitee.com/dromara/MaxKey
Github hosting warehouse: https://github.com/dromara/MaxKey
Introduction
MaxKey Single Sign On System (Single Sign On System), homophonic Marx’s key meaning is the biggest key, industry-leading enterprise-level IAM identity management and authentication product , support OAuth 2.x/OpenID Connect, SAML 2.0 , JWT, CAS, SCIM and other standard protocols, providing simple, standard, safe and open user identity management (IDM), identity authentication (AM), single sign-on (SSO), RBAC authority management and resource management.
features
- Standard certification agreement:
Serial number | protocol | support |
---|---|---|
1.1 | OAuth 2.x/OpenID Connect | high |
1.2 | SAML 2.0 | high |
1.3 | JWT | high |
1.4 | CAS | high |
1.5 | FormBased | middle |
1.6 | TokenBased(Post/Cookie) | middle |
1.7 | ExtendApi | Low |
1.8 | EXT | Low |
- Login support
Serial number | Login Method | support |
---|---|---|
2.1 | Dynamic verification code | Letters/numbers/arithmetic |
2.2 | Two-factor authentication | SMS/time token/mail |
2.3 | SMS authentication | Tencent Cloud SMS/Alibaba Cloud SMS/NetEase Yunxin |
2.4 | Time token | Easy login/Google/Microsoft Authenticator/FreeOTP/Support TOTP or HOTP |
2.5 | Domain authentication | Kerberos/SPNEGO/AD domain |
2.6 | LDAP | OpenLDAP/ActiveDirectory/standard LDAP server |
2.7 | Social account | WeChat/QQ/Weibo/Dingding/Google/Facebook/Others |
2.8 | Scan code login | Enterprise WeChat/Dingding Scan Code Login |
- Provide a standard authentication interface to facilitate other applications to integrate SSO, secure mobile access, secure API, third-party authentication and the integration of Internet authentication.
- Provides user lifecycle management, supports SCIM 2 protocol, is based on Apache Kafka proxy, and realizes identity supply synchronization through Connector.
- The certification center is platform-independent and environment diversified. It supports Web, mobile phones, mobile devices, etc., such as Apple iOS, Andriod, etc., and comprehensively covers certification capabilities from B/S to mobile applications.
- Multiple authentication mechanisms coexist. Each application system can retain the original authentication mechanism and integrate the authentication of the authentication center. The application is highly independent and does not rely on the authentication center. It can also use the authentication of the authentication center to achieve single sign-on.
- Based on the Java EE platform, using Spring, MySQL, Tomcat, Redis, Apache Kafka and other open source technologies, micro-service architecture, and strong scalability.
- Open source, security, independent and controllable, license Apache 2.0 License & MaxKey copyright statement.
interface preview
For more information, please refer to: https://gitee.com/dromara/MaxKey
finally
In fact, the Dromara open source community also has the most well-known project (and the project with the most stars)-Hutool, so why don't I write it? I want to say that the popularity of this framework is too high. It can almost replace the apache common package. The existence of the guava package should be used by every programmer. An article is not enough to write about the comprehensiveness and power of the Hutool framework. I will leave an article dedicated to the Hutool framework in the future.
The open source projects recommended above are also boutique projects in the Dromara Java community. Many of them are already GVP projects. Using these frameworks/tools can really improve work efficiency.
Finally, when you see the children's shoes here, like them, share them, and watch them!
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用
。你还可以使用@
来通知其他用户。