今天简单记录一下security执行
1. org.springframework.web.filter.DelegatingFilterProxy.doFilter()
2. org.springframework.security.web.FilterChainProxy.doFilter()
3. org.springframework.security.web.SecurityFilterChain.matches()
3.1 org.springframework.security.web.util.RequestMatcher.matches()
4 org.springframework.security.web.SecurityFilterChain.getFilters() #返回方法链
2. org.springframework.security.web.FilterChainProxy.doFilter()
3. org.springframework.security.web.SecurityFilterChain.matches()
3.1 org.springframework.security.web.util.RequestMatcher.matches()
4 org.springframework.security.web.SecurityFilterChain.getFilters() #返回方法链
5. VirtualFilterChain.doFilter() #循环执行方法链8个
5.1 org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter()
5.2 org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter()
5.3 org.springframework.security.web.session.SessionManagementFilter.doFilter()
5.x ....
6.org.springframework.web.servlet.FrameworkServlet.doGet()
7.org.springframework.web.servlet.DispatcherServlet.doDispatch()
spring security 方法链一般的写法:
if (currentPosition == size) {
return //结束
}else{
currentPosition++;
Filter nextFilter = additionalFilters.get(currentPosition - 1);
nextFilter.doFilter(request, response, this);
}