springboot中的filter
第一种情况,自定义的filter
方式1
1.实现javax.servlet.Filter
2.重写init,doFilter,destory方法
3.添加component注解
package com.warofcode.securitydemo.filter;
import org.springframework.stereotype.Component;
import javax.servlet.*;
import java.io.IOException;
@Component
public class MyFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println(" myfilter init");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("myfilter execute");
}
@Override
public void destroy() {
System.out.println("myfilter destroy");
}
}
方式2
1.实现javax.servlet.Filter
2添加webfilter注解,可以设定过滤的路径
3在配置类加上注解@ServletComponentScan
1.编写过滤器代码
package com.mrsaber.security; import org.springframework.core.annotation.Order; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; @Order(1) @WebFilter(filterName = "MSecurity",urlPatterns = {"*.html"}) public class MSecurityFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response= (HttpServletResponse) servletResponse; System.out.println(request.getRequestURI()); //检查是否是登录页面 if(request.getRequestURI().equals("/web/index.html")) filterChain.doFilter(servletRequest,servletResponse); //检测用户是否登录 HttpSession session =request.getSession(); String status= (String) session.getAttribute("isLogin"); if(status==null || !status.equals("true")) { try{ response.sendRedirect("/web/index.html");}catch (Exception e){} } filterChain.doFilter(servletRequest,servletResponse); } @Override public void destroy() { } }
说明:
重点在于两个注解!
When using an embedded container, automatic registration of
@WebServlet
,@WebFilter
, and@WebListener
annotated classes can be enabled using@ServletComponentScan
.使用嵌入式容器时,可以使用@ServletComponentScan启用@WebServlet,@ WebFilter和@WebListener注释类的自动注册。
@ServletComponentScan will have no effect in a standalone container, where the container’s built-in discovery mechanisms will be used instead.
如果使用外置容器的话,容器的内置发现机制将会被使用,而不需要使用这条注解。
2.添加@ServletComponentScan注解
@SpringBootApplication @ServletComponentScan(basePackages = "com.mrsaber.security") public class MsSupplyAndSaleApplication { public static void main(String[] args) { SpringApplication.run(MsSupplyAndSaleApplication.class, args); } }