SpringBoot2整合SpringSecurity+Swagger3系列
在一章当中,已经学习到TomcatStarter在Tomcat启动过程中的关键作用 - 执行收集到的ServletContextInitializer的启动作用。其中主要包含三个,一个是在创建Tomcat的时候传入的一个匿名的ServletContextInitializer,一个是用于处理Session和Cookie的,还有一个是用于设置初始化参数的。后面两个都比较简单,本质还是属于Servlet的范畴,而第一个呢?其实第一个是非常重要的,也是将Spring容器与Servlet容器整合到一起的关键。
在前面我们知道,收集到的ServletContextInitializer都存放在initializers属性当中。在Tomcat容器启动之后,就会执行每一个收集到的ServletContextInitializer对象的onStartup方法。
for (ServletContextInitializer initializer : this.initializers) {
initializer.onStartup(servletContext);
}
此时才会真实执行上面提及到的ServletWebServerApplicationContext#selfInitialize方法了。
再回顾一下
private void selfInitialize(ServletContext servletContext) throws ServletException {
// 设置servlet容器的Spring容器属性
prepareWebApplicationContext(servletContext);
// 注册一个全局的application scope
registerApplicationScope(servletContext);
// 注册单例比如servletContext servletConfig contextParameters contextAttributes
WebApplicationContextUtils.registerEnvironmentBeans(getBeanFactory(), servletContext);
// 收集Spring当中的Servlet元素并与Sevlet容器发生关系
for (ServletContextInitializer beans : getServletContextInitializerBeans()) {
beans.onStartup(servletContext);
}
}
这里最关键的还是整合Spring当中定义的Sevlet元素(Servlet、Filter、Listener)到ServletContext当中。
/**
* Returns {@link ServletContextInitializer}s that should be used with the embedded
* web server. By default this method will first attempt to find
* {@link ServletContextInitializer}, {@link Servlet}, {@link Filter} and certain
* {@link EventListener} beans.
* @return the servlet initializer beans
*/
protected Collection<ServletContextInitializer> getServletContextInitializerBeans() {
return new ServletContextInitializerBeans(getBeanFactory());
}
根据当前Spring工厂创建一个ServletContextInitializerBeans对象(其实就是收集各种Servlet元素)
@SafeVarargs
public ServletContextInitializerBeans(ListableBeanFactory beanFactory,
Class<? extends ServletContextInitializer>... initializerTypes) {
this.initializers = new LinkedMultiValueMap<>();
this.initializerTypes = (initializerTypes.length != 0) ? Arrays.asList(initializerTypes)
: Collections.singletonList(ServletContextInitializer.class);
addServletContextInitializerBeans(beanFactory);
addAdaptableBeans(beanFactory);
List<ServletContextInitializer> sortedInitializers = this.initializers.values().stream()
.flatMap((value) -> value.stream().sorted(AnnotationAwareOrderComparator.INSTANCE))
.collect(Collectors.toList());
this.sortedList = Collections.unmodifiableList(sortedInitializers);
logMappings(this.initializers);
}
addServletContextInitializerBeans
org.springframework.boot.web.servlet.ServletContextInitializerBeans#getOrderedBeansOfType(org.springframework.beans.factory.ListableBeanFactory, java.lang.Class<T>, java.util.Set<?>)
private <T> List<Entry<String, T>> getOrderedBeansOfType(ListableBeanFactory beanFactory, Class<T> type,
Set<?> excludes) {
String[] names = beanFactory.getBeanNamesForType(type, true, false);
Map<String, T> map = new LinkedHashMap<>();
for (String name : names) {
if (!excludes.contains(name) && !ScopedProxyUtils.isScopedTarget(name)) {
T bean = beanFactory.getBean(name, type);
if (!excludes.contains(bean)) {
map.put(name, bean);
}
}
}
List<Entry<String, T>> beans = new ArrayList<>();
beans.addAll(map.entrySet());
beans.sort((o1, o2) -> AnnotationAwareOrderComparator.INSTANCE.compare(o1.getValue(), o2.getValue()));
return beans;
}
获取所有ServletContextInitializer类型的Bean名称,然后获取Bean,排序并返回。结果如下
接下来在addServletContextInitializerBeans方法中遍历以上的结果,并根据类型(Servlet、Filter、ServletContextInitializer等类型)进行分组
private void addServletContextInitializerBean(String beanName, ServletContextInitializer initializer,
ListableBeanFactory beanFactory) {
if (initializer instanceof ServletRegistrationBean) {
Servlet source = ((ServletRegistrationBean<?>) initializer).getServlet();
addServletContextInitializerBean(Servlet.class, beanName, initializer, beanFactory, source);
}
else if (initializer instanceof FilterRegistrationBean) {
Filter source = ((FilterRegistrationBean<?>) initializer).getFilter();
addServletContextInitializerBean(Filter.class, beanName, initializer, beanFactory, source);
}
else if (initializer instanceof DelegatingFilterProxyRegistrationBean) {
String source = ((DelegatingFilterProxyRegistrationBean) initializer).getTargetBeanName();
addServletContextInitializerBean(Filter.class, beanName, initializer, beanFactory, source);
}
else if (initializer instanceof ServletListenerRegistrationBean) {
EventListener source = ((ServletListenerRegistrationBean<?>) initializer).getListener();
addServletContextInitializerBean(EventListener.class, beanName, initializer, beanFactory, source);
}
else {
addServletContextInitializerBean(ServletContextInitializer.class, beanName, initializer, beanFactory,
initializer);
}
}
分组的结果如下,有两个Filter(分别为监控、安全),一个Servlet(DispatchServlet)和一个Servlet上下文初始器(用于actuator)。
- dispatcherServletRegistration
配置Spring Boot的SERVLET环境
org.springframework.boot.autoconfigure.web.servlet.DispatcherServletAutoConfiguration.DispatcherServletRegistrationConfiguration#dispatcherServletRegistration
@Bean(name = DEFAULT_DISPATCHER_SERVLET_REGISTRATION_BEAN_NAME)
@ConditionalOnBean(value = DispatcherServlet.class, name = DEFAULT_DISPATCHER_SERVLET_BEAN_NAME)
public DispatcherServletRegistrationBean dispatcherServletRegistration(DispatcherServlet dispatcherServlet) {
DispatcherServletRegistrationBean registration = new DispatcherServletRegistrationBean(dispatcherServlet,
this.webMvcProperties.getServlet().getPath());
registration.setName(DEFAULT_DISPATCHER_SERVLET_BEAN_NAME);
registration.setLoadOnStartup(this.webMvcProperties.getServlet().getLoadOnStartup());
if (this.multipartConfig != null) {
registration.setMultipartConfig(this.multipartConfig);
}
return registration;
}
从上面bean的定义不难看出,DispatcherServletRegistrationBean与DispatcherServlet有很大的关系,所以创建的时候需要注入DispatcherServlet。而从继承结构看,这个类最终继承自RegistrationBean这个类。而这个类的主要目的是用于Servlet 3.0相关Bean的注册的,其实就是将Servlet相关的元素整合到Spring当中。比如Filter、Listener,下面的几个Bean其实都是这个逻辑。首先在RegistrationBean当中存在如下这个抽象方法
/**
* Register this bean with the servlet context.
* @param description a description of the item being registered
* @param servletContext the servlet context
*/
protected abstract void register(String description, ServletContext servletContext);
这个方法是由子类来实现,调用则是在onStartup方法当中。
@Override
public final void onStartup(ServletContext servletContext) throws ServletException {
String description = getDescription();
if (!isEnabled()) {
logger.info(StringUtils.capitalize(description) + " was not registered (disabled)");
return;
}
register(description, servletContext);
}
这个方法会在Servlet容器启动初始化的时候进行调用,然后将servletContext传入进来,得到了servletContext之后,就可以进行Servlet、Filter等元素的注册了。
比如ServletRegistrationBean#addRegistration注册Servlet
@Override
protected ServletRegistration.Dynamic addRegistration(String description, ServletContext servletContext) {
String name = getServletName();
return servletContext.addServlet(name, this.servlet);
}
回到DispatcherServletRegistrationBean这个Bean上面,在实例化的时候将DispatcherServlet进行包装
/**
* Create a new {@link ServletRegistrationBean} instance with the specified
* {@link Servlet} and URL mappings.
* @param servlet the servlet being mapped
* @param alwaysMapUrl if omitted URL mappings should be replaced with '/*'
* @param urlMappings the URLs being mapped
*/
public ServletRegistrationBean(T servlet, boolean alwaysMapUrl, String... urlMappings) {
Assert.notNull(servlet, "Servlet must not be null");
Assert.notNull(urlMappings, "UrlMappings must not be null");
this.servlet = servlet;
this.alwaysMapUrl = alwaysMapUrl;
this.urlMappings.addAll(Arrays.asList(urlMappings));
}
然后在Servlet容器初始化的时候再回调方法将DispatcherServlet注册到Servlet容器当中。还有一些Servlet相关的配置信息通过WebMvcProperties来配置了。
Spring Boot和Spring MVC有一个很大的不同点就在于Servlet容器与Spring容器的启动先后顺序不同。Spring Boot通过将Servlt容器的初始化放在Spring容器刷新过程中(Bean注册和所有非懒加载Bean初始化中间)保证了Servlet 3.0的一些组件(Servlet、Filter等)可以先放到Spring容器中,然后再注册到Servlet容器中,达到整合Spring容器和Servlet容器的目的。
- webMvcMetricsFilter
来源包:spring-boot-actuator-autoconfigure(性能监控)
来源类:org.springframework.boot.actuate.autoconfigure.metrics.web.servlet.WebMvcMetricsAutoConfiguration
@Bean
public FilterRegistrationBean<WebMvcMetricsFilter> webMvcMetricsFilter(MeterRegistry registry,
WebMvcTagsProvider tagsProvider) {
Server serverProperties = this.properties.getWeb().getServer();
WebMvcMetricsFilter filter = new WebMvcMetricsFilter(registry, tagsProvider,
serverProperties.getRequestsMetricName(), serverProperties.isAutoTimeRequests());
FilterRegistrationBean<WebMvcMetricsFilter> registration = new FilterRegistrationBean<>(filter);
registration.setOrder(Ordered.HIGHEST_PRECEDENCE + 1);
registration.setDispatcherTypes(DispatcherType.REQUEST, DispatcherType.ASYNC);
return registration;
}
- securityFilterChainRegistration
来源包:spring-boot-autoconfigure(认证授权)
来源类:org.springframework.boot.autoconfigure.security.servlet.SecurityFilterAutoConfiguration
Auto-configuration for Spring Security’s Filter. Configured separately from SpringBootWebSecurityConfiguration to ensure that the filter’s order is still configured when a user-provided WebSecurityConfiguration exists.
@Bean
@ConditionalOnBean(name = DEFAULT_FILTER_NAME)
public DelegatingFilterProxyRegistrationBean securityFilterChainRegistration(
SecurityProperties securityProperties) {
DelegatingFilterProxyRegistrationBean registration = new DelegatingFilterProxyRegistrationBean(
DEFAULT_FILTER_NAME);
registration.setOrder(securityProperties.getFilter().getOrder());
registration.setDispatcherTypes(getDispatcherTypes(securityProperties));
return registration;
}
创建Bean的过程首先会实例化一个DelegatingFilterProxyRegistrationBean对象,这里并没有复杂的逻辑不过是设置targetBeanName为springSecurityFilterChain。
然后根据securityProperties设置属性,包括顺序、收集分派类型。
private EnumSet<DispatcherType> getDispatcherTypes(SecurityProperties securityProperties) {
if (securityProperties.getFilter().getDispatcherTypes() == null) {
return null;
}
return securityProperties.getFilter().getDispatcherTypes().stream()
.map((type) -> DispatcherType.valueOf(type.name()))
.collect(Collectors.collectingAndThen(Collectors.toSet(), EnumSet::copyOf));
}
创建流、收集、然后转为EnumSet.实例化对象如下所示
然后这个类又实现了ApplicationContextAware接口,所以在Bean初始化阶段又会进入到setApplicationContext方法当中。
@Override
public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
this.applicationContext = applicationContext;
}
这里的逻辑比较简单,仅仅是设置了Spring上下文对象。
这个对象在Servlet容器的初始化过程中会获取对应的Filter,对应的一个代理DelegatingFilterProxy
。
@Override
public final void onStartup(ServletContext servletContext) throws ServletException {
String description = getDescription();
if (!isEnabled()) {
logger.info(StringUtils.capitalize(description) + " was not registered (disabled)");
return;
}
register(description, servletContext);
}
@Override
protected String getDescription() {
Filter filter = getFilter();
Assert.notNull(filter, "Filter must not be null");
return "filter " + getOrDeduceName(filter);
}
@Override
public DelegatingFilterProxy getFilter() {
return new DelegatingFilterProxy(this.targetBeanName, getWebApplicationContext()) {
@Override
protected void initFilterBean() throws ServletException {
// Don't initialize filter bean on init()
}
};
}
根据前面设置的目标Bean名称和容器创建DelegatingFilterProxy对象
/**
* Create a new {@code DelegatingFilterProxy} that will retrieve the named target
* bean from the given Spring {@code WebApplicationContext}.
* <p>For use in Servlet 3.0+ environments where instance-based registration of
* filters is supported.
* <p>The target bean must implement the standard Servlet Filter interface.
* <p>The given {@code WebApplicationContext} may or may not be refreshed when passed
* in. If it has not, and if the context implements {@link ConfigurableApplicationContext},
* a {@link ConfigurableApplicationContext#refresh() refresh()} will be attempted before
* retrieving the named target bean.
* <p>This proxy's {@code Environment} will be inherited from the given
* {@code WebApplicationContext}.
* @param targetBeanName name of the target filter bean in the Spring application
* context (must not be {@code null}).
* @param wac the application context from which the target filter will be retrieved;
* if {@code null}, an application context will be looked up from {@code ServletContext}
* as a fallback.
* @see #findWebApplicationContext()
* @see #setEnvironment(org.springframework.core.env.Environment)
*/
public DelegatingFilterProxy(String targetBeanName, @Nullable WebApplicationContext wac) {
Assert.hasText(targetBeanName, "Target Filter bean name must not be null or empty");
this.setTargetBeanName(targetBeanName);
// 设置容器
this.webApplicationContext = wac;
if (wac != null) {
// 设置环境
this.setEnvironment(wac.getEnvironment());
}
}
然后将这个过滤器注册到Servlet容器当中然后设置相关的参数,比如DispatcherType、UrlMappings、
org.springframework.boot.web.servlet.DynamicRegistrationBean#register
@Override
protected final void register(String description, ServletContext servletContext) {
D registration = addRegistration(description, servletContext);
if (registration == null) {
logger.info(
StringUtils.capitalize(description) + " was not registered " + "(possibly already registered?)");
return;
}
configure(registration);
}
这里有一个很奇怪的事情,就是创建DelegatingFilterProxy对象的时候将initFilterBean的实现覆盖了
而默认的实现为
@Override
protected void initFilterBean() throws ServletException {
synchronized (this.delegateMonitor) {
if (this.delegate == null) {
// If no target bean name specified, use filter name.
if (this.targetBeanName == null) {
this.targetBeanName = getFilterName();
}
// Fetch Spring root application context and initialize the delegate early,
// if possible. If the root application context will be started after this
// filter proxy, we'll have to resort to lazy initialization.
WebApplicationContext wac = findWebApplicationContext();
if (wac != null) {
this.delegate = initDelegate(wac);
}
}
}
}
Servlet容器在启动过程中,会执行Filter的初始化,然后调用这个initFilterBean方法获取真实的代理过滤器,在这里就是bean名称为springSecurityFilterChain的Bean。那么为什么现在不按照这个逻辑呢?在下一章中我们会介绍到springSecurityFilterChain这个Bean的创建过程,可以说这个Bean的创建还是非常复杂的。而且Tomcat启动之后使用的是一个守护后台线程,而主线程会继续执行Spring的refresh操作,所以会出现两个线程同时去创建这个springSecurityFilterChain的情况,最后导致冲突甚至容器启动失败。所以在这里将这个方法覆盖掉,啥也不做,而springSecurityFilterChain的创建、初始化由Spring容器去完成。至于啥时候再去设置这个代理过滤器真实的代理呢?那就是真实调用的时候
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
// Lazily initialize the delegate if necessary.
Filter delegateToUse = this.delegate;
if (delegateToUse == null) {
synchronized (this.delegateMonitor) {
delegateToUse = this.delegate;
if (delegateToUse == null) {
WebApplicationContext wac = findWebApplicationContext();
if (wac == null) {
throw new IllegalStateException("No WebApplicationContext found: " +
"no ContextLoaderListener or DispatcherServlet registered?");
}
delegateToUse = initDelegate(wac);
}
this.delegate = delegateToUse;
}
}
// Let the delegate perform the actual doFilter operation.
invokeDelegate(delegateToUse, request, response, filterChain);
}
如上面源码所示,第一次过滤器起作用的时候,会去判断delegateToUse是否存在,如果不存在则会去初始化。同样,这里也必须考虑可能同时多个请求过来,这里使用synchronized来保证线程安全。初始化代理的逻辑如下所示,通过bean名称获取Bean是很快的,所以用synchronized是很合理的。
protected Filter initDelegate(WebApplicationContext wac) throws ServletException {
String targetBeanName = getTargetBeanName();
Assert.state(targetBeanName != null, "No target bean name set");
Filter delegate = wac.getBean(targetBeanName, Filter.class);
if (isTargetFilterLifecycle()) {
delegate.init(getFilterConfig());
}
return delegate;
}
在上面源码使用DCL来保证并发安全性,所以delegate属性是需要加上volatile修饰符的。
- servletEndpointRegistrar
来源包:spring-boot-actuator-autoconfigure(性能监控)
来源类:org.springframework.boot.actuate.autoconfigure.endpoint.web.ServletEndpointManagementContextConfiguration.WebMvcServletEndpointManagementContextConfiguration
ManagementContextConfiguration for servlet endpoints.
@Configuration
@ConditionalOnClass(DispatcherServlet.class)
public static class WebMvcServletEndpointManagementContextConfiguration {
private final ApplicationContext context;
public WebMvcServletEndpointManagementContextConfiguration(ApplicationContext context) {
this.context = context;
}
@Bean
public ServletEndpointRegistrar servletEndpointRegistrar(WebEndpointProperties properties,
ServletEndpointsSupplier servletEndpointsSupplier) {
DispatcherServletPath dispatcherServletPath = this.context.getBean(DispatcherServletPath.class);
return new ServletEndpointRegistrar(dispatcherServletPath.getRelativePath(properties.getBasePath()),
servletEndpointsSupplier.getEndpoints());
}
}
比较简单吗,注册一堆的EndpointServlet
@Override
public void onStartup(ServletContext servletContext) throws ServletException {
this.servletEndpoints.forEach((servletEndpoint) -> register(servletContext, servletEndpoint));
}
private void register(ServletContext servletContext, ExposableServletEndpoint endpoint) {
String name = endpoint.getEndpointId().toLowerCaseString() + "-actuator-endpoint";
String path = this.basePath + "/" + endpoint.getRootPath();
String urlMapping = path.endsWith("/") ? path + "*" : path + "/*";
EndpointServlet endpointServlet = endpoint.getEndpointServlet();
Dynamic registration = servletContext.addServlet(name, endpointServlet.getServlet());
registration.addMapping(urlMapping);
registration.setInitParameters(endpointServlet.getInitParameters());
logger.info("Registered '" + path + "' to " + name);
}
首先是读取WebEndpointProperties类型Bean获取配置的属性,这些属性的前缀为management.endpoints.web
。接下来获取DispatcherServletPath类型的Bean。而这个实现在默认情况下为DispatcherServletRegistrationBean。其实就上面名称为dispatcherServletRegistration
的Bean。
在创建Bean的过程中主要是根据传入的basePath和servlet断点设置值而已。
比较简单,结果如下
addAdaptableBeans
protected void addAdaptableBeans(ListableBeanFactory beanFactory) {
MultipartConfigElement multipartConfig = getMultipartConfig(beanFactory);
addAsRegistrationBean(beanFactory, Servlet.class, new ServletRegistrationBeanAdapter(multipartConfig));
addAsRegistrationBean(beanFactory, Filter.class, new FilterRegistrationBeanAdapter());
for (Class<?> listenerType : ServletListenerRegistrationBean.getSupportedTypes()) {
addAsRegistrationBean(beanFactory, EventListener.class, (Class<EventListener>) listenerType,
new ServletListenerRegistrationBeanAdapter());
}
}
接下来从容器中获取MultipartConfigElement类型Bean,主要是用于文件上传的配置信息。
然后再次到容器中获取Servlet和Filter,前者只有DispatchServlet(已经处理过了),后者还有其他的一些配置,比如以下这些都是系统默认需要的。
比如characterEncodingFilter在Spring中定义如下
@Configuration
@EnableConfigurationProperties(HttpProperties.class)
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
@ConditionalOnClass(CharacterEncodingFilter.class)
@ConditionalOnProperty(prefix = "spring.http.encoding", value = "enabled", matchIfMissing = true)
public class HttpEncodingAutoConfiguration {
private final HttpProperties.Encoding properties;
public HttpEncodingAutoConfiguration(HttpProperties properties) {
this.properties = properties.getEncoding();
}
@Bean
@ConditionalOnMissingBean
public CharacterEncodingFilter characterEncodingFilter() {
CharacterEncodingFilter filter = new OrderedCharacterEncodingFilter();
filter.setEncoding(this.properties.getCharset().name());
filter.setForceRequestEncoding(this.properties.shouldForce(Type.REQUEST));
filter.setForceResponseEncoding(this.properties.shouldForce(Type.RESPONSE));
return filter;
}
...
}
类似的hiddenHttpMethodFilter和formContentFilter
@Configuration
@ConditionalOnWebApplication(type = Type.SERVLET)
@ConditionalOnClass({ Servlet.class, DispatcherServlet.class, WebMvcConfigurer.class })
@ConditionalOnMissingBean(WebMvcConfigurationSupport.class)
@AutoConfigureOrder(Ordered.HIGHEST_PRECEDENCE + 10)
@AutoConfigureAfter({ DispatcherServletAutoConfiguration.class, TaskExecutionAutoConfiguration.class,
ValidationAutoConfiguration.class })
public class WebMvcAutoConfiguration {
public static final String DEFAULT_PREFIX = "";
public static final String DEFAULT_SUFFIX = "";
private static final String[] SERVLET_LOCATIONS = { "/" };
@Bean
@ConditionalOnMissingBean(HiddenHttpMethodFilter.class)
@ConditionalOnProperty(prefix = "spring.mvc.hiddenmethod.filter", name = "enabled", matchIfMissing = true)
public OrderedHiddenHttpMethodFilter hiddenHttpMethodFilter() {
return new OrderedHiddenHttpMethodFilter();
}
@Bean
@ConditionalOnMissingBean(FormContentFilter.class)
@ConditionalOnProperty(prefix = "spring.mvc.formcontent.filter", name = "enabled", matchIfMissing = true)
public OrderedFormContentFilter formContentFilter() {
return new OrderedFormContentFilter();
}
接下来还会考虑加载EventListener类型Bean.
其中SUPPORTED_TYPES在类加载的时候添加的,这些都属于Servlet规范了。
public class ServletListenerRegistrationBean<T extends EventListener> extends RegistrationBean {
private static final Set<Class<?>> SUPPORTED_TYPES;
static {
Set<Class<?>> types = new HashSet<>();
types.add(ServletContextAttributeListener.class);
types.add(ServletRequestListener.class);
types.add(ServletRequestAttributeListener.class);
types.add(HttpSessionAttributeListener.class);
types.add(HttpSessionListener.class);
types.add(ServletContextListener.class);
SUPPORTED_TYPES = Collections.unmodifiableSet(types);
}
...
}
通过以上步骤,收集到的Servlet元素如下所示
接下来通过流处理(针对每一个map的条目值排序然后通过flatMap转给一个流收集为列表)为列表,然后转为不可修改列表设置为对象属性,并根据日志级别打印日志(org.springframework.boot.web.servlet.ServletContextInitializerBeans为Debug级别)。
List<ServletContextInitializer> sortedInitializers = this.initializers.values()
.stream()
.flatMap((value) -> value.stream().sorted(AnnotationAwareOrderComparator.INSTANCE))
.collect(Collectors.toList());
this.sortedList = Collections.unmodifiableList(sortedInitializers);
logMappings(this.initializers);
最后再回过头来看一下ServletContextInitializerBeans这个类的类型。
竟然是一个集合,而针对这个集合的迭代就是迭代上面获取的排序好的列表。
@Override
public Iterator<ServletContextInitializer> iterator() {
return this.sortedList.iterator();
}
@Override
public int size() {
return this.sortedList.size();
}