SpringBoot-自定义Filter

前言

Filter 在我们日常开发中是经常要被使用到的，我们经常使用它来记录调用日志、预防XSS攻击，对请求信息进行检查、执行权限验证等。

实现步骤

1. 实现 Filter 接口，重写其 doFilter 方法。
2. 在标有 @Configuration 注解的配置类中，将自定义 Filter 加入过滤器链。

代码实现

1、自定义 Filter

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;

public class MyFilter implements Filter {
    private static final Logger logger = LoggerFactory.getLogger(MyFilter.class);

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        logger.info("MyFilter executed，url：{}", request.getRequestURI());
        filterChain.doFilter(servletRequest, servletResponse);
    }
}

2、加入过滤器链

import com.xm.filter.MyFilter;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class WebConfiguration {

    @Bean
    public FilterRegistrationBean<MyFilter> registerFilter() {
        FilterRegistrationBean<MyFilter> registrationBean = new FilterRegistrationBean<>();
        registrationBean.setFilter(new MyFilter());
        registrationBean.addUrlPatterns("/filter/*");
        registrationBean.setName("MyFilter");
        registrationBean.setOrder(1);
        return registrationBean;
    }
}

3、测试

新建一个 Controller

import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("filter")
public class FilterTestController {

    @RequestMapping("test")
    public String test() {
        return "filter test!";
    }
}

启动应用，访问 http://localhost:8080/filter/test，可看到控制台打印信息。