省略前端密钥加密处理...
import org.springframework.http.HttpMethod;
import org.springframework.lang.Nullable;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class SignInPasswordDecryptionFilter extends OncePerRequestFilter {
private static final AntPathRequestMatcher DEFAULT_ANT_PATH_REQUEST_MATCHER = new AntPathRequestMatcher("/login", HttpMethod.POST.name());
@Override
protected void doFilterInternal(
HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
if (DEFAULT_ANT_PATH_REQUEST_MATCHER.matcher(request).isMatch()) {
filterChain.doFilter(new FormContentRequestWrapper(request), response);
} else {
filterChain.doFilter(request, response);
}
}
private static class FormContentRequestWrapper extends HttpServletRequestWrapper {
public FormContentRequestWrapper(HttpServletRequest request) {
super(request);
}
@Override
@Nullable
public String getParameter(String name) {
String queryStringValue = super.getParameter(name);
if (UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_PASSWORD_KEY.equals(name)) {
// 解密操作
queryStringValue = "123456";
}
return queryStringValue;
}
}
}
http.addFilterBefore(new SignInPasswordDecryptionFilter(), UsernamePasswordAuthenticationFilter.class);