项目中会使用filters用于录调用日志、排除有XSS威胁的字符、执行权限验证等
解答:两个步骤
1实现Filter接口,实现Filter方法,代码如下
public class MyFilter implements Filter { @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; System.out.println("this is MyFilter,url :"+request.getRequestURI()); String username=request.getParameter("username"); if(username!=null && username.length()>0) { filterChain.doFilter(servletRequest, servletResponse); } } }
2 添加@Configuration注解,将自定义Filter加入过滤链 :
@Configuration public class MyConfiguration { @Bean public RemoteIpFilter remoteIpFilter() { return new RemoteIpFilter(); } @Bean public FilterRegistrationBean testFilterRegistration() { FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setFilter(new MyFilter()); registration.addUrlPatterns("/*"); registration.addInitParameter("paramName", "paramValue"); registration.setName("MyFilter"); registration.setOrder(1); return registration; }