springboot中的filter
第一种情况,自定义的filter
方式1
1.实现javax.servlet.Filter
2.重写init,doFilter,destory方法
3.添加component注解
package com.warofcode.securitydemo.filter;
import org.springframework.stereotype.Component;
import javax.servlet.*;
import java.io.IOException;
@Component
public class MyFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println(" myfilter init");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("myfilter execute");
}
@Override
public void destroy() {
System.out.println("myfilter destroy");
}
}
方式2
1.实现javax.servlet.Filter
2添加webfilter注解,可以设定过滤的路径
3在配置类加上注解@ServletComponentScan
1.编写过滤器代码
package com.mrsaber.security;
import org.springframework.core.annotation.Order;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@Order(1)
@WebFilter(filterName = "MSecurity",urlPatterns = {"*.html"})
public class MSecurityFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response= (HttpServletResponse) servletResponse;
System.out.println(request.getRequestURI());
//检查是否是登录页面
if(request.getRequestURI().equals("/web/index.html"))
filterChain.doFilter(servletRequest,servletResponse);
//检测用户是否登录
HttpSession session =request.getSession();
String status= (String) session.getAttribute("isLogin");
if(status==null || !status.equals("true"))
{
try{ response.sendRedirect("/web/index.html");}catch (Exception e){}
}
filterChain.doFilter(servletRequest,servletResponse);
}
@Override
public void destroy() {
}
}
说明:
重点在于两个注解!
When using an embedded container, automatic registration of
@WebServlet,@WebFilter, and@WebListenerannotated classes can be enabled using@ServletComponentScan.使用嵌入式容器时,可以使用@ServletComponentScan启用@WebServlet,@ WebFilter和@WebListener注释类的自动注册。
@ServletComponentScan will have no effect in a standalone container, where the container’s built-in discovery mechanisms will be used instead.
如果使用外置容器的话,容器的内置发现机制将会被使用,而不需要使用这条注解。
2.添加@ServletComponentScan注解
@SpringBootApplication
@ServletComponentScan(basePackages = "com.mrsaber.security")
public class MsSupplyAndSaleApplication {
public static void main(String[] args) {
SpringApplication.run(MsSupplyAndSaleApplication.class, args);
}
}