spring security的springSecurityFilterChain怎么初始化的

最新推荐文章于 2024-06-21 11:00:00 发布

阅读量3.1k

点赞数

分类专栏： Spring java

本文链接：https://blog.csdn.net/buyaore_wo/article/details/8113215

版权

java 同时被 2 个专栏收录

100 篇文章 0 订阅

订阅专栏

Spring

27 篇文章 0 订阅

订阅专栏

了解springSecurityFilterChain怎么初始化之前有必要先了解下　spring 的namespacehandler

http://static.springsource.org/spring/docs/2.0.x/reference/extensible-xml.html

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

代码实现:

	public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
			throws ServletException, IOException {

		// Lazily initialize the delegate if necessary.
		Filter delegateToUse = null;
		synchronized (this.delegateMonitor) {
			if (this.delegate == null) {
				WebApplicationContext wac = findWebApplicationContext();
				if (wac == null) {
					throw new IllegalStateException("No WebApplicationContext found: no ContextLoaderListener registered?");
				}
				this.delegate = initDelegate(wac);
			}
			delegateToUse = this.delegate;
		}

		// Let the delegate perform the actual doFilter operation.
		invokeDelegate(delegateToUse, request, response, filterChain);
	}

	protected Filter initDelegate(WebApplicationContext wac) throws ServletException {
		Filter delegate = wac.getBean(getTargetBeanName(), Filter.class);
		if (isTargetFilterLifecycle()) {
			delegate.init(getFilterConfig());
		}
		return delegate;
	}

        //此方法在父类GenericFilterBean的init方法中调用的
        @Override
	protected void initFilterBean() throws ServletException {
		synchronized (this.delegateMonitor) {
			if (this.delegate == null) {
				// If no target bean name specified, use filter name.
				if (this.targetBeanName == null) {
　　　　　　　　　　　　　　　　　　//如果我们没有指定targetBeanName　将默认取filter的名字 即springSecurityFilterChain
					this.targetBeanName = getFilterName();
				}

				// Fetch Spring root application context and initialize the delegate early,
				// if possible. If the root application context will be started after this
				// filter proxy, we'll have to resort to lazy initialization.
				WebApplicationContext wac = findWebApplicationContext();
				if (wac != null) {
					this.delegate = initDelegate(wac);
				}
			}
		}
	}

那么springSecurityFilterChain这个bean在哪里定义的呢

spring 的namespacehander在解析http://www.springframework.org/schema/security 命名空间的http元素时创建此bean的

参考: