Spring boot URL请求流程
ApplicationFilterChain doFilter#internalDoFilter 依次执行所有的 ApplicationFilterConfig的doFilter方法
执行完所有的filter之后会调用DispatcherServlet(FrameworkServlet).service HttpServlet.service
DispatcherServlet.doService DispatcherServlet#doDispatch RequestMappingHandlerAdapter#invokeHandlerMethod
ServletInvocableHandlerMethod#invokeAndHandle(通过url找到对应的controller的具体方法上)
spring boot filter
ApplicationFilterChain doFilter#internalDoFilter[
1 [name=characterEncodingFilter, filterClass=org.springframework.boot.web.servlet.filter.OrderedCharacterEncodingFilter],
2 [name=hiddenHttpMethodFilter, filterClass=org.springframework.boot.web.servlet.filter.OrderedHiddenHttpMethodFilter],
3 [name=formContentFilter, filterClass=org.springframework.boot.web.servlet.filter.OrderedFormContentFilter],
4 [name=requestContextFilter,
filterClass=org.springframework.boot.web.servlet.filter.OrderedRequestContextFilter],
5 [name=springSecurityFilterChain, filterClass=org.springframework.boot.web.servlet.DelegatingFilterProxyRegistrationBean$1],
6 [name=webStatFilter, filterClass=com.alibaba.druid.support.http.WebStatFilter],
7 [name=Tomcat WebSocket (JSR356) Filter, filterClass=org.apache.tomcat.websocket.server.WsFilter]
]
5 -> FilterChainProxy doFilter#doFilterInternal
(
依次执行VirtualFilterChain的additionalFilters
0 = {WebAsyncManagerIntegrationFilter@15872}
1 = {SecurityContextPersistenceFilter@18435}
2 = {HeaderWriterFilter@18436}
3 = {CorsFilter@16274}
4 = {LogoutFilter@18437}
5 = {AuthenticationFilter@15990}
6 = {JwtLoginFilter@15979}
7 = {RequestCacheAwareFilter@18438}
8 = {SecurityContextHolderAwareRequestFilter@18439}
9 = {AnonymousAuthenticationFilter@18440}
10 = {SessionManagementFilter@16073}
11 = {ExceptionTranslationFilter@18441}
12 = {FilterSecurityInterceptor@16313} 最后对请求进行投票 beforeInvocation
org.springframework.security.access.vote.AffirmativeBased#decide 如果结果是1 则请求通过,如果结果是-1 则被拦截
)