springboot配置过滤器示例

作者: haiyong6 | 来源:发表于2019-11-13 23:21 被阅读0次

springboot配置过滤器示例
学习计划
5.SpringBoot多环境配置
springboot后台xss防御过滤器配置示例
SpringBoot解决Shiro导致依赖注入的bean事务失效
spring boot整合mybatis
kotlin语法-SpringBoot配置web.xml，Ser
阿里二面：SpringBoot如何配置自动/手动方式集成CAS单
SpringBoot集成Jedis(二)
CAS-5.3单点登录/退出客户端搭建(Springboot)

配置过滤器需要两步，在普通的ssm web项目中配置web.xml和写一个filter类，在springboot中也是一样的思路，只是在application启动类里通过org.springframework.boot.web.servlet.FilterRegistrationBean加入拦截注册代码配置和写一个filter类

application启动类配置

@Bean
    public FilterRegistrationBean myFilterRegistration() {
        FilterRegistrationBean regist = new FilterRegistrationBean(new LoginProcessFilter());
        // 过滤全部请求
        regist.addUrlPatterns("/*");//过滤url
        regist.setOrder(1);//过滤器顺序
        return regist;
    }

@Bean
    public FilterRegistrationBean filterRegistrationBean() {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        StrutsPrepareAndExecuteFilter struts = new StrutsPrepareAndExecuteFilter();
        filterRegistrationBean.setFilter(struts);
        filterRegistrationBean.setOrder(2);
        return filterRegistrationBean;
    }

如上实例中配置了两个过滤器，一个是控制登录的LoginProcessFilter过滤器，一个是struts的默认过滤器，可以控制每个过滤器的url和过滤顺序等配置。

LoginProcessFilter.java

package cn.ways.gtids.sys.filter;
import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import cn.ways.gtids.common.provider.vo.UserInfoVo;



public class LoginProcessFilter implements Filter {

    public static final String NO_INTERCEPTOR_PATH = ".*/((.css)|(.js)|(images)|(login.jsp)|(loginPage.do)|(login.do)|(anon)).*";

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        // TODO Auto-generated method stub
        
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req =(HttpServletRequest) request;
        HttpServletResponse res =(HttpServletResponse) response;
        String path = req.getServletPath();
        //System.out.println("path==" + path);
        if (path.matches(NO_INTERCEPTOR_PATH)) {
           // System.out.println("passUrl==" + path);
            // 不需要的拦截直接过
            chain.doFilter(request, response);
        } else {
            // 这写你拦截需要干的事儿，比如取缓存，SESSION，权限判断等
            UserInfoVo userInfoVo = (UserInfoVo)req.getSession().getAttribute("user");
            if (userInfoVo==null) {
                res.sendRedirect("/loginPage.do");//跳转登录页面
                return;
            }else {
                if("/".equals(path)) {//登录之后访问根目录要放行跳转mainMenu.jsp
                    res.sendRedirect("/login.do");//跳转登录成功页面
                } else {
                   // System.out.println("passUrlHasSession==" + path);
                    chain.doFilter(request, response);
                }
            }
//          res.sendRedirect("www.baidu.com");
            
        }
    }

    @Override
    public void destroy() {
    }

}