SpringBoot-自定义Filter
前言
Filter 在我们日常开发中是经常要被使用到的,我们经常使用它来记录调用日志、预防XSS攻击,对请求信息进行检查、执行权限验证等。
实现步骤
- 实现 Filter 接口,重写其 doFilter 方法。
- 在标有 @Configuration 注解的配置类中,将自定义 Filter 加入过滤器链。
代码实现
1、自定义 Filter
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
public class MyFilter implements Filter {
private static final Logger logger = LoggerFactory.getLogger(MyFilter.class);
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
logger.info("MyFilter executed,url:{}", request.getRequestURI());
filterChain.doFilter(servletRequest, servletResponse);
}
}
2、加入过滤器链
import com.xm.filter.MyFilter;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
@Configuration
public class WebConfiguration {
@Bean
public FilterRegistrationBean<MyFilter> registerFilter() {
FilterRegistrationBean<MyFilter> registrationBean = new FilterRegistrationBean<>();
registrationBean.setFilter(new MyFilter());
registrationBean.addUrlPatterns("/filter/*");
registrationBean.setName("MyFilter");
registrationBean.setOrder(1);
return registrationBean;
}
}
3、测试
新建一个 Controller
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("filter")
public class FilterTestController {
@RequestMapping("test")
public String test() {
return "filter test!";
}
}