SpringBoot项目过滤器filter

​ Filter是在Servlet 2.3之后增加的新功能,当需要限制用户访问某些资源或者在处理请求时提前处理某些资源的时候,就可以使用过滤器完成。Filter 过滤器主要是用来过滤用户请求的,它允许我们对用户请求进行前置处理和后置处理,比如实现 URL 级别的权限控制、过滤非法请求等等。

​ 过滤器是以一种组件的形式绑定到WEB应用程序当中的,与其他的WEB应用程序组件不同的是,过滤器是采用了“链”的方式进行处理的。

自定义filter需要经过以下几步:

  • 实现javax.servlet.Filter接口
  • 实现init方法,读取过滤器的初始化参数
  • 实现doFilter方法,完成对请求或响应的过滤
  • 调用FilterChain接口对象的doFilter方法,向后续的过滤器传递请求或响应(链式)
1
2
3
4
5
6
7
8
9
10
11
12
13
// javax.servlet.Filter接口
public interface Filter {
    //初始化过滤器后执行的操作
    default void init(FilterConfig filterConfig) throws ServletException {
    }
    
    // 对请求进行过滤
    void doFilter(ServletRequest var1, ServletResponse var2, FilterChain var3) throws IOException, ServletException;
    
    // 销毁过滤器后执行的操作,主要用户对某些资源的回收
    default void destroy() {
    }
}

1. 自定义filter

这里定义了两个filter,分别是FilterA和FilterB。

FilterA

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
@Component
public class FilterA implements Filter {

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        System.out.println("初始化过滤器A: " + filterConfig.getFilterName());
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        System.out.println("过滤器A开始执行");
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        System.out.println("请求uri为:" + request.getRequestURI());
        // 调用FilterChain接口对象的doFilter方法,向后续的过滤器传递请求或响应(链式)
        filterChain.doFilter(servletRequest, servletResponse);
        // 上面的doFilter方法执行结束后用户的请求已经返回
        System.out.println("过滤器A处理结束");
    }

    @Override
    public void destroy() {
        System.out.println("过滤器A已被销毁");
    }
}

FilterB

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
@Component
public class FilterB implements Filter {

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        System.out.println("初始化过滤器B: " + filterConfig.getFilterName());
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        System.out.println("过滤器B开始执行");
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        System.out.println("请求uri为:" + request.getRequestURI());
        // 调用FilterChain接口对象的doFilter方法,向后续的过滤器传递请求或响应(链式)
        filterChain.doFilter(servletRequest, servletResponse);
        // 上面的doFilter方法执行结束后用户的请求已经返回
        System.out.println("过滤器B处理结束");
    }

    @Override
    public void destroy() {
        System.out.println("过滤器B已被销毁");
    }
}

2. 配置过滤器,确定执行顺序,过滤URI

filterRegistrationBean.setOrder(1);确定两个过滤器的执行顺序。

FilterA过滤"/user/*", "/department/getAllDepartment"

FilterB过滤"/user/*", "/department/geDepartmenttById"

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
@Configuration
public class FilterConfig {
    @Autowired
    FilterA filterA;

    @Autowired
    FilterB filterB;

    @Bean
    public FilterRegistrationBean<FilterA> setUpMyFilter() {
        FilterRegistrationBean<FilterA> filterRegistrationBean = new FilterRegistrationBean<>();
        // 过滤器顺序,这里是第一个
        filterRegistrationBean.setOrder(1);
        // 注册filterA
        filterRegistrationBean.setFilter(filterA);
        // 设置过滤uri
        filterRegistrationBean.setUrlPatterns(new ArrayList<>(Arrays.asList("/user/*", "/department/getAllDepartment")));
        return filterRegistrationBean;
    }

    @Bean
    public FilterRegistrationBean<FilterB> setUpMyFilter2() {
        FilterRegistrationBean<FilterB> filterRegistrationBean = new FilterRegistrationBean<>();
        // 过滤器顺序,这里是第二个
        filterRegistrationBean.setOrder(2);
        // 注册filterB
        filterRegistrationBean.setFilter(filterB);
        // 设置过滤uri
        filterRegistrationBean.setUrlPatterns(new ArrayList<>(Arrays.asList("/user/*", "/department/geDepartmenttById")));
        return filterRegistrationBean;
    }
}

3. 注解形式配置过滤器

此时不再需要编写2中的配置类了,直接由注解进行配置。其中,@Order(1)配置过滤器顺序,@WebFilter

FilterA

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
@Order(1)
@WebFilter(filterName = "filterA", urlPatterns = {"/user/*", "/department/getAllDepartment"})
public class FilterA implements Filter {

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        System.out.println("初始化过滤器A: " + filterConfig.getFilterName());
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        System.out.println("过滤器A开始执行");
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        System.out.println("请求uri为:" + request.getRequestURI());
        // 调用FilterChain接口对象的doFilter方法,向后续的过滤器传递请求或响应(链式)
        filterChain.doFilter(servletRequest, servletResponse);
        // 上面的doFilter方法执行结束后用户的请求已经返回
        System.out.println("过滤器A处理结束");
    }

    @Override
    public void destroy() {
        System.out.println("过滤器A已被销毁");
    }
}

FilterB

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
@Order(2)
@WebFilter(filterName = "filterB", urlPatterns = {"/user/*", "/department/geDepartmenttById"})
public class FilterB implements Filter {

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        System.out.println("初始化过滤器B: " + filterConfig.getFilterName());
    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        System.out.println("过滤器B开始执行");
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        System.out.println("请求uri为:" + request.getRequestURI());
        // 调用FilterChain接口对象的doFilter方法,向后续的过滤器传递请求或响应(链式)
        filterChain.doFilter(servletRequest, servletResponse);
        // 上面的doFilter方法执行结束后用户的请求已经返回
        System.out.println("过滤器B处理结束");
    }

    @Override
    public void destroy() {
        System.out.println("过滤器B已被销毁");
    }
}

最后,需要在启动类上加上 @ServletComponentScan 注解

1
2
3
4
5
6
7
8
9
@ServletComponentScan
@SpringBootApplication
public class SpringbootfilterannoApplication {

    public static void main(String[] args) {
        SpringApplication.run(SpringbootfilterannoApplication.class, args);
    }

}

4. Controller

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
@RestController
public class TestFilterController {

    @GetMapping("/user/getAllUsers")
    public String getAllUsers() {
        System.out.println("获取所有User");
        return "allUser";
    }

    @GetMapping("/department/getAllDepartment")
    public void getAllDepartment() {
        System.out.println("获取所有Department");
    }

    @GetMapping("/department/geDepartmenttById")
    public void geDepartmenttById() {
        System.out.println("根据id获取department");
    }
}

5. 运行程序,请求

启动程序后,初始化了过滤器

发起请求/user/getAllUsers,按照配置,两个过滤器都要处理这个请求

发起请求/department/getAllDepartment,FilterA执行

发起请求/department/geDepartmenttById,FilterB执行

扫一扫,分享到微信

微信分享二维码
本站总访问量 |

tag:

    缺失模块。
    1、请确保node版本大于6.2
    2、在博客根目录(注意不是yilia根目录)执行以下命令:
    npm i hexo-generator-json-content --save

    3、在根目录_config.yml里添加配置: 

      jsonContent:
    meta: false
    pages: false
    posts:
      title: true
      date: true
      path: true
      text: false
      raw: false
      content: false
      slug: false
      updated: false
      comments: false
      link: false
      permalink: false
      excerpt: false
      categories: false
      tags: true

硕士在读。乐于学习新知识、新技能,喜欢交流,喜欢分享。平时打羽毛球,看电影。期待自己的技术和能力能有不断地提升。