我正在尝试使用JPA从xml(下面)继承数据。但是一切顺利,直到我在其中一个子类中找到嵌套的arraylist。我已经尝试了下面的代码并查看了几个示例,例如this和this,但没有成功。我想在Instances类中关系应该是OnetoMany。如果有人指出我正确的方向,我会很高兴。请参阅下面的代码段: Instances类:
@Entity
public class Instances {
@Id
@GeneratedValue(strategy = GenerationType.SEQUENCE)
public long id;
@OneToMany (mappedBy = "instances", cascade = CascadeType.PERSIST)
protected List<Instance> instance = new ArrayList<Instance>();
public Instances(List<Instance> instance) {
this.instance = instance;
}
public Instances() {
}
public long getId() {
return id;
}
public void setId(long id) {
this.id = id;
}
public List<Instance> getInstance() {
return instance;
}
public void setInstance(List<Instance> instance) {
this.instance = instance;
}
Instance类:
@Entity
public class Instance {
@Id
@GeneratedValue(strategy = GenerationType.SEQUENCE)
public long id;
@XmlElement(required = true)
@XmlSchemaType(name = "anyURI")
protected String uri;
@XmlElement(required = true)
protected String method;
protected String evidence;
protected String param;
protected String attack;
@ManyToOne
public Instances instances;
public Instance(long id, String uri, String method, String evidence, String param, String attack) {
super();
this.id = id;
this.uri = uri;
this.method = method;
this.evidence = evidence;
this.param = param;
this.attack = attack;
}
public Instance() {
}
public String getUri() {
return uri;
}
public void setUri(String value) {
this.uri = value;
}
public String getMethod() {
return method;
}
public void setMethod(String value) {
this.method = value;
}
public String getEvidence() {
return evidence;
}
public void setEvidence(String value) {
this.evidence = value;
}
public String getParam() {
return param;
}
public void setParam(String value) {
this.param = value;
}
public String getAttack() {
return attack;
}
public void setAttack(String value) {
this.attack = value;
}
public long getId() {
return id;
}
public void setId(long id) {
this.id = id;
}
public Instances getInstances() {
return instances;
}
public void setInstances(Instances instances) {
this.instances = instances;
}
主要班级:
System.out.println("Active Scan complete");
System.out.println(new String(api2.core.xmlreport(ZAP_API_KEY)));
JacksonXmlModule module = new JacksonXmlModule();
module.setDefaultUseWrapper(false);
XmlMapper xmlMapper = new XmlMapper(module);
OWASPZAPReport oWASPZAPReport = new OWASPZAPReport();
oWASPZAPReport = xmlMapper.readValue(api2.core.xmlreport(ZAP_API_KEY), OWASPZAPReport.class);
ScannerDAO.em.getTransaction().begin();
Site site = new Site();
site = oWASPZAPReport.getSite();
System.out.println(site);
Alerts al = site.getAlerts();
System.out.println(al);
Alertitem alertitem = new Alertitem();
List<Alertitem> aitems = al.getAlertitem();
for (Alertitem item : aitems) {
Instances instances = item.getInstances();
Instances stances = new Instances();
List<Instance> instance = instances.getInstance();
Instance instancer = new Instance();
for (Instance inst : instance) {
instancer.setAttack(inst.getAttack());
instancer.setUri(inst.getUri());
instancer.setEvidence(inst.getEvidence());
instancer.setParam(inst.getParam());
instancer.setMethod(inst.getMethod());
}
ScannerDAO.em.persist(instancer);
stances.setInstance(instances.getInstance());
ScannerDAO.em.persist(stances);
alertitem.setPluginid(item.getPluginid());
alertitem.setAlert(item.getAlert());
alertitem.setName(item.getName());
alertitem.setRiskcode(item.getRiskcode());
alertitem.setConfidence(item.getConfidence());
alertitem.setRiskdesc(item.getRiskdesc());
alertitem.setDesc(item.getDesc());
alertitem.setInstances(item.getInstances());
alertitem.setCount(item.getCount());
alertitem.setSolution(item.getSolution());
alertitem.setOtherinfo(item.getOtherinfo());
alertitem.setReference(item.getReference());
alertitem.setCweid(item.getCweid());
alertitem.setWascid(item.getWascid());
alertitem.setSourceid(item.getSourceid());
ScannerDAO.em.persist(alertitem);
}
site.setAlerts(al);
ScannerDAO.em.persist(al);
ScannerDAO.em.persist(site);
ScannerDAO.em.getTransaction().commit();
} catch (Exception e) {
System.out.println("Exception : " + e.getMessage());
e.printStackTrace();
}
ScannerDAO.em.close();
return Response.status(200).entity(scanResult).build();
}
}
这是xml:
<?xml version="1.0"?>
<OWASPZAPReport generated="Sun, 25 Jun 2017 17:29:12" version="2.6.0">
<site host="127.0.0.1" name="http://127.0.0.1:8761" port="8761"
ssl="false">
<alerts>
<alertitem>
<pluginid>2</pluginid>
<alert>Private IP Disclosure</alert>
<name>Private IP Disclosure</name>
<riskcode>1</riskcode>
<confidence>2</confidence>
<riskdesc>Low (Medium)</riskdesc>
<desc><p>A private IP (such as 10.x.x.x, 172.x.x.x, 192.168.x.x)
or an Amazon EC2 private hostname (for example, ip-10-0-56-78) has been
found in the HTTP response body. This information might be helpful for
further attacks targeting internal systems.</p></desc>
<instances>
<instance>
<uri>http://127.0.0.1:8761/</uri>
<method>GET</method>
<evidence>10.0.75.1</evidence>
</instance>
<instance>
<uri>http://127.0.0.1:8761</uri>
<method>GET</method>
<evidence>10.0.75.1</evidence>
</instance>
</instances>
<count>2</count>
<solution><p>Remove the private IP address from the HTTP response
body. For comments, use JSP/ASP/PHP comment instead of HTML/JavaScript
comment which can be seen by client browsers.</p></solution>
<otherinfo><p>10.0.75.1</p><p></p></otherinfo>
<reference><p>https://tools.ietf.org/html/rfc1918</p>
</reference>
<cweid>200</cweid>
<wascid>13</wascid>
<sourceid>3</sourceid>
</alertitem>
</alerts>
</site>
和错误stackstrace:
Jul 01, 2017 1:22:16 PM org.apache.catalina.core.StandardWrapperValve
invoke SEVERE: Servlet.service() for servlet [Jersey Web Application] in context with path [/EventService02] threw exception
javax.persistence.RollbackException: java.lang.IllegalStateException:
During synchronization a new object was found through a relationship that
was not marked cascade PERSIST: Instances [id=0, instance=[Instance [id=0,
uri=http://localhost:8761/, method=GET, evidence=null, param=X-XSS-
Protection, attack=null, instances=null], Instance [id=0,
uri=http://localhost:8761/lastn, method=GET, evidence=null, param=X-XSS-
Protection, attack=null, instances=null]]]. at org.eclipse.persistence.internal.jpa.transaction.EntityTransactionImpl.commit(En tityTransactionImpl.java:159)