SpringBoot 实战，自定义 Filter 优雅获取请求参数和响应结果

最新推荐文章于 2024-08-09 15:28:36 发布

2401_85358270

最新推荐文章于 2024-08-09 15:28:36 发布

阅读量2.1k

点赞数 36

文章标签： spring boot 后端 java

本文链接：https://blog.csdn.net/2401_85358270/article/details/140481595

版权

有一定经验的都知道，如果我们在Filter中读取了HttpServletRequest或者HttpServletResponse的流，就没有办法再次读取了，这样就会造成请求异常。所以，我们需要借助 Spring 提供的ContentCachingRequestWrapper和ContentCachingRequestWrapper实现数据流的重复读取。

定义 Filter

通常来说，我们自定义的Filter是实现Filter接口，然后写一些逻辑，但是既然是在 Spring 中，那就借助 Spring 的一些特性。在我们的实现中，要继承OncePerRequestFilter实现我们的自定义实现。

从类名上推断，OncePerRequestFilter是每次请求只执行一次，但是，难道Filter在一次请求中还会执行多次吗？Spring 官方也是给出定义这个类的原因：

Filter base class that aims to guarantee a single execution per request dispatch, on any servlet container. It provides a doFilterInternal(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, javax.servlet.FilterChain) method with HttpServletRequest and HttpServletResponse arguments.

As of Servlet 3.0, a filter may be invoked as part of a REQUEST or ASYNC dispatches that occur in separate threads. A filter can be configured in web.xml whether it should be involved in async dispatches. However, in some cases servlet containers assume different default configuration. Therefore sub-classes can override the method shouldNotFilterAsyncDispatch() to declare statically if they should indeed be invoked, once, during both types of dispatches in order to provide thread initialization, logging, security, and so on. This mechanism complements and does not replace the need to configure a filter in web.xml with dispatcher types.

Subclasses may use isAsyncDispatch(HttpServletRequest) to determine when a filter is invoked as part of an async dispatch, and use isAsyncStarted(HttpServletRequest) to determine when the request has been placed in async mode and therefore the current dispatch won’t be the last one for the given request.

Yet another dispatch type that also occurs in its own thread is ERROR. Subclasses can override shouldNotFilterErrorDispatch() if they wish to declare statically if they should be invoked once during error dispatches.

也就是说，Spring 是为了兼容不同的 Web 容器，所以定义了只会执行一次的OncePerRequestFilter。

接下来开始定义我们的Filter类：

public class AccessLogFilter extends OncePerRequestFilter {

//… 这里有一些必要的属性

@Override

protected void doFilterInternal(final HttpServletRequest request,

final HttpServletResponse response,

final FilterChain filterChain)

throws ServletException, IOException {

// 如果是被排除的 uri，不记录 access_log

if (matchExclude(request.getRequestURI())) {

filterChain.doFilter(request, response);

return;

}

final String requestMethod = request.getMethod();

final boolean shouldWrapMethod = StringUtils.equalsIgnoreCase(requestMethod, HttpMethod.PUT.name())

|| StringUtils.equalsIgnoreCase(requestMethod, HttpMethod.POST.name());

final boolean isFirstRequest = !isAsyncDispatch(request);

final boolean shouldWrapRequest = isFirstRequest && !(request instanceof ContentCachingRequestWrapper) && shouldWrapMethod;

final HttpServletRequest requestToUse = shouldWrapRequest ? new ContentCachingRequestWrapper(request) : request;

final boolean shouldWrapResponse = !(response instanceof ContentCachingResponseWrapper) && shouldWrapMethod;

final HttpServletResponse responseToUse = shouldWrapResponse ? new ContentCachingResponseWrapper(response) : response;

final long startTime = System.currentTimeMillis();

Throwable t = null;

try {

filterChain.doFilter(requestToUse, responseToUse);

} catch (Exception e) {

t = e;

throw e;

} finally {

doSaveAccessLog(requestToUse, responseToUse, System.currentTimeMillis() - startTime, t);

}

// … 这里是一些必要的方法

这段代码就是整个逻辑的核心所在，其他的内容从源码中找到。

分析

–

这个代码中，整体的逻辑没有特别复杂的地方，只需要注意几个关键点就可以了。

默认的HttpServletRequest和HttpServletResponse中的流被读取一次之后，再次读取会失败，所以要使用ContentCachingRequestWrapper和ContentCachingResponseWrapper进行包装，实现重复读取。
既然我们可以自定义Filter，那我们依赖的组件中也可能会自定义Filter，更有可能已经对请求和响应对象进行过封装，所以，一定要先进行一步判断。也就是request instanceof ContentCachingRequestWrapper和response instanceof ContentCachingResponseWrapper。