spring boot 自定义过滤器链

Posted 人艰不拆_zmc

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了spring boot 自定义过滤器链相关的知识,希望对你有一定的参考价值。

spring boot 会按照order值的大小,从大到小的顺序来依次过滤。

贴下代码:

package com.osp.ucenter;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.core.annotation.Order;
import org.springframework.web.filter.DelegatingFilterProxy;

import com.osp.ucenter.filter.CrossDomainFilter;
import com.osp.ucenter.filter.Initfilter;
import com.osp.ucenter.filter.SecurityFilter;

@EnableAutoConfiguration
@SpringBootApplication
public class UcenterMain {

	
	
	public static void main(String[] args) {
		SpringApplication.run(UcenterMain.class, args);
	}
	
	/**
	 * 跨域处理Filter(最先执行此过滤器,避免跨域请求调用两次而执行后续的过滤器链)
	 * 
	 * @return
	 */
	@Bean
    @Order(Integer.MAX_VALUE)
	public FilterRegistrationBean crossDomainFilterRegistration() {
		FilterRegistrationBean registration = new FilterRegistrationBean();
		registration.setFilter(new CrossDomainFilter());
		registration.addUrlPatterns("/*");
		registration.setName("CrossDomainFilter");
		return registration;
	}

	/**
	 * 初始化
	 * 
	 * @return
	 */
	@Bean
	@Order(Integer.MAX_VALUE-1)
	public FilterRegistrationBean InitfilterRegistration() {
		FilterRegistrationBean registration = new FilterRegistrationBean();
		registration.setFilter(new Initfilter());
		registration.addUrlPatterns("/no");
		registration.setName("Initfilter");
		return registration;
	}

	/**
	 * 安全权限 DelegatingFilterProxy servlet容器与IOC容器关联
	 * 
	 * @return
	 */
	@Bean
	@Order(Integer.MAX_VALUE-2)
	public FilterRegistrationBean securityFilter() {
		FilterRegistrationBean registration = new FilterRegistrationBean();
		registration.setFilter(new DelegatingFilterProxy("SecurityFilter"));
		registration.addInitParameter("targetFilterLifecycle", "true");
		registration.addUrlPatterns("/*");
		return registration;
	}
	
	@Bean(name = "SecurityFilter")
	public SecurityFilter getSecurityFilter(){
		return new SecurityFilter();
	}
	 
}

  随便贴一个过滤器

package com.osp.ucenter.filter;

import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.log4j.Logger;
import org.springframework.web.filter.OncePerRequestFilter;

/**
 * 处理跨域的filter
 * 
 */
public class CrossDomainFilter extends OncePerRequestFilter {

	Logger logger = Logger.getLogger(CrossDomainFilter.class);
	
	@Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
		try {
			// 跨域
			String origin = request.getHeader("Origin");
			if (origin == null) {
				response.addHeader("Access-Control-Allow-Origin", "*");
			} else {
				response.addHeader("Access-Control-Allow-Origin", origin);
			}
			response.addHeader("Access-Control-Allow-Headers",
					"Origin, x-requested-with, Content-Type, Accept,X-Cookie, token");
			response.addHeader("Access-Control-Allow-Credentials", "true");
			response.addHeader("Access-Control-Allow-Methods", "GET,POST,PUT,OPTIONS,DELETE");
			if (request.getMethod().equals("OPTIONS")) {
				response.setStatus(HttpServletResponse.SC_OK);
				return;
			}
			filterChain.doFilter(request, response);
		} catch (Exception e) {
			logger.error("Exception in crossDomainFilter.doFilter", e);
			throw e;
		}
	}

	@Override
	public void destroy() {
	}

}

  

以上是关于spring boot 自定义过滤器链的主要内容,如果未能解决你的问题,请参考以下文章

在 Spring Boot 中配置 RequestContextListener

在 Spring Boot 中使用多个 WebSecurityConfigurerAdapter

添加自定义过滤器 Apache Shiro + Spring Boot

Spring Boot 自定义 JWT 过滤器不允许任何没有令牌的请求

在 Spring Cloud Gateway 的 Spring Security 过滤器链中插入自定义过滤器

Spring Boot 过滤器顺序:WebLogic 12c vs Tomcat 8