过滤器:
过滤器依赖servlet容器,在spring boot中添加自己的Servlet有两种方法,代码注册Servlet和注解自动注册(Filter和Listener也是如此)。
一、代码注册通过ServletRegistrationBean、 FilterRegistrationBean 和 ServletListenerRegistrationBean 获得控制。
也可以通过实现 ServletContextInitializer 接口直接注册。
二、在 SpringBootApplication 上使用@ServletComponentScan 注解后,Servlet、Filter、Listener 可以直接通过 @WebServlet、@WebFilter、@WebListener 注解自动注册,无需其他代码。
基于注解注册:(编写自定义过滤器然后在springboot主类加上@ServletComponentScan)
package com.yc.filter;
import com.yc.util.SessionAttributeKey;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
@WebFilter(filterName = "LoginFilter", urlPatterns = {"/*"})
public class LoginFilter implements Filter {
private static String mainPage = "/";
/**
* 封装,不需要过滤的list列表
*/
protected static List<Pattern> patterns = new ArrayList<Pattern>();
@Override
public void init(FilterConfig filterConfig) throws ServletException {
patterns.add(Pattern.compile("/"));
patterns.add(Pattern.compile("/swagger-ui.html"));
patterns.add(Pattern.compile("/login"));
patterns.add(Pattern.compile("/toyc.action"));
patterns.add(Pattern.compile("back/user/login.action"));
patterns.add(Pattern.compile("front/index.action"));
patterns.add(Pattern.compile("front/content.action"));
patterns.add(Pattern.compile("front/login.action"));
patterns.add(Pattern.compile("front/reg.action"));
patterns.add(Pattern.compile("front/fatie.action"));
patterns.add(Pattern.compile("front/bankuai.action"));
patterns.add(Pattern.compile("back/huifu/findAllHuifu.action"));
patterns.add(Pattern.compile("back/huifu/addHuifu.action"));
patterns.add(Pattern.compile("back/bankuai/findAllBankuai.action"));
patterns.add(Pattern.compile("back/tiezi/findAllTiezi.action"));
patterns.add(Pattern.compile("ueditor/third-party/zeroclipboard/ZeroClipboard.swf"));
patterns.add(Pattern.compile("ueditor/dialogs/emotion/emotion.html"));
patterns.add(Pattern.compile("ueditor/dialogs/image/image.html"));
patterns.add(Pattern.compile("back/user/sendEmail.action"));
patterns.add(Pattern.compile("back/user/regUser.action"));
patterns.add(Pattern.compile("back/user/logins.action"));
patterns.add(Pattern.compile(".*\\.[(js)||(css)||(png)||(ico)||(jpg)||(gif)||(xls)||(pdf)||(doc)]+"));
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;
String url = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length());
if (url.startsWith("/") && url.length() > 1) {
url = url.substring(1);
}
if (isInclude(url)) {
chain.doFilter(httpRequest, httpResponse);
return;
} else {
HttpSession session = httpRequest.getSession();
if (session.getAttribute(SessionAttributeKey.LOGIN_ADMIN) != null) {
// session存在
chain.doFilter(httpRequest, httpResponse);
return;
} else {
// session不存在 准备跳转失败
String path = httpRequest.getScheme() + "://" + httpRequest.getServerName() + ":" + httpRequest.getServerPort() + httpRequest.getContextPath();
httpResponse.getWriter().print("<script>location.href='" + path + mainPage + "'</script>");
return;
}
}
}
@Override
public void destroy() {
}
/**
* 是否需要过滤
*
* @param url
* @return
*/
private boolean isInclude(String url) {
for (Pattern pattern : patterns) {
Matcher matcher = pattern.matcher(url);
if (matcher.matches()) {
return true;
}
}
return false;
}
}
基于代码注册:
import org.slf4j.LoggerFactory;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/**
* Created by mazhenhua on 2016/12/27.
*
* 过滤器
*/
public class SessionFilter implements Filter {
private static final org.slf4j.Logger logger = LoggerFactory.getLogger(SessionFilter.class);
/**
* 封装,不需要过滤的list列表
*/
protected static List<Pattern> patterns = new ArrayList<Pattern>();
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;
logger.info("aaaaaaaaaa");
String url = httpRequest.getRequestURI().substring(httpRequest.getContextPath().length());
if (url.startsWith("/") && url.length() > 1) {
url = url.substring(1);
}
if (isInclude(url)){
chain.doFilter(httpRequest, httpResponse);
return;
} else {
HttpSession session = httpRequest.getSession();
if (session.getAttribute("") != null){
// session存在
chain.doFilter(httpRequest, httpResponse);
return;
} else {
// session不存在 准备跳转失败
/* RequestDispatcher dispatcher = request.getRequestDispatcher(path);
dispatcher.forward(request, response);*/
chain.doFilter(httpRequest, httpResponse);
return;
}
}
}
@Override
public void destroy() {
}
/**
* 是否需要过滤
* @param url
* @return
*/
private boolean isInclude(String url) {
for (Pattern pattern : patterns) {
Matcher matcher = pattern.matcher(url);
if (matcher.matches()) {
return true;
}
}
return false;
}
}
/**
* 配置过滤器 如果有多个可以通过order属性,来设置执行顺序
* @return
*/
@Bean
public FilterRegistrationBean someFilterRegistration() {
FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(sessionFilter());
registration.addUrlPatterns("/*");
registration.addInitParameter("paramName", "paramValue");
registration.setName("sessionFilter");
return registration;
}
/**
* 创建一个bean
* @return
*/
@Bean(name = "sessionFilter")
public Filter sessionFilter() {
return new SessionFilter();
}
拦截器:
spring拦截器分两种一种是HandlerInterceptor,一种MethodInterceptor,这里介绍前一种:
@Component
public class LoginInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
return false;
}
@Override
public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
}
}
@Configuration
public class LoginConfigurtion extends WebMvcConfigurerAdapter{
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new LoginInterceptor())
.addPathPatterns("/*")
.excludePathPatterns("/user/login");
}
}
不过springboot2.0和spring5.0就废弃了WebMvcConfigurerAdapter,目前解决方法有两种:
1. 直接实现WebMvcConfigurer(官方推荐)
2. 继承WebMvcConfiguractionSupport