Spring Rest API 拦截器在每个/每个请求上添加响应标头
Posted
技术标签:
【中文标题】Spring Rest API 拦截器在每个/每个请求上添加响应标头【英文标题】:Spring Rest API interceptor add response header on each/every request 【发布时间】:2017-09-19 05:35:30 【问题描述】:我正在使用基于 Spring 4 REST API 注释的配置应用程序。一旦用户通过 JWT 身份验证,我想在每个/每个请求上添加响应标头。我为如下所示创建了拦截器:
public class AuthenticateInterceptor implements HandlerInterceptor
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object object, Exception arg3)
throws Exception
response.addHeader("afterCompletion", "afterCompletion header");
response.setHeader("afterCompletion", "afterCompletion header");
System.out.println("************** afterCompletion **************");
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object object,
ModelAndView modelAndView) throws Exception
response.addHeader("postHandle", "postHandle header");
System.out.println("************** postHandle **************");
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception
System.out.println("************** preHandle **************");
return true;
我的拦截器配置如下:
@Configuration
public class AdapterConfig extends WebMvcConfigurerAdapter
@Override
public void addInterceptors(InterceptorRegistry registry)
registry.addInterceptor(new AuthenticateInterceptor());
当我收到 JSON 响应时,我无法看到从拦截器添加的附加标头值。任何人都可以帮助我解决问题以及如何从拦截器中为每个/每个请求添加标头。
【问题讨论】:
【参考方案1】:我没有成功拦截,而是使用过滤器或 WebFilter 完美工作:
@Component
public class ResponseHeaderWebFilter implements Filter
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
httpServletResponse.setHeader("CustomHeaderName", "SomeValue");
chain.doFilter(request, response);
如果您使用的是 webflux 反应式组件,那么:
@Component
public class ResponseHeaderWebFilter implements WebFilter
@Override
public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain)
exchange.getResponse()
.getHeaders()
.add("CustomHeaderName", "SomeValue");
return chain.filter(exchange);
【讨论】:
【参考方案2】:如果它可以帮助你,我已经这样管理它:https://***.com/a/49431665/4939245 看第二点
您可以将 each 调用的响应头放在应用程序中(这是基于 Spring 注释的):
@Component
public class Filter extends OncePerRequestFilter
....
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException
//response.addHeader("Access-Control-Allow-Origin", "*");
//response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1.
response.setHeader("Cache-Control", "no-store"); // HTTP 1.1.
response.setHeader("Pragma", "no-cache"); // HTTP 1.0.
response.setHeader("Expires", "0"); // Proxies.
filterChain.doFilter(request, response);
希望对您有所帮助!
【讨论】:
其他问题/来源的链接可以作为额外参考,但您需要将相关信息放入您的答案中。【参考方案3】:您几乎在做同样的事情,但想给您提供实现相同目标的持续方法。请进行以下更改。
1) 在 AuthenticateInterceptor 类上添加@Component 注解。并且你包含这个类的包应该在包扫描列表中。
@Component
public class AuthenticateInterceptor implements HandlerInterceptor
...
2) 如下所示自动装配并注入 AuthenticateInterceptor 实例。
@Configuration
public class AdapterConfig extends WebMvcConfigurerAdapter
@Autowired
private AuthenticateInterceptor authenticateInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry)
registry.addInterceptor(authenticateInterceptor);
【讨论】:
以上是关于Spring Rest API 拦截器在每个/每个请求上添加响应标头的主要内容,如果未能解决你的问题,请参考以下文章
使用 Spring Security 保护 REST API
在使用spring执行rest api之前有啥方法可以验证令牌