第六章 SpringBoot拦截器实战和Servlet3.0自定义Filter和Listener
06-1 深入过滤器Filter和使用Servlet3.0配置自定义Filter实战
简介:讲解SpringBoot里面Filter讲解和使用Servlet3.0配置自定义Filter实战
filter简单理解:人--->检票员(filter)---> 景点
1、SpringBoot启动默认加载的Filter
characterEncodingFilter
hiddenHttpMethodFilter
httpPutFormContentFilter
requestContextFilter
2、Filter优先级
Ordered.HIGHEST_PRECEDENCE
Ordered.LOWEST_PRECEDENCE
低位值意味着更高的优先级 Higher values are interpreted as lower priority
自定义Filter,避免和默认的Filter优先级一样,不然会冲突
注册Filter的bean FilterRegistrationBean
同模块里面有相关默认Filter
web->servlet->filter
3、自定义Filter
1)使用Servlet3.0的注解进行配置
2)启动类里面增加 @ServletComponentScan,进行扫描
3)新建一个Filter类,implements Filter,并实现对应的接口
4) @WebFilter 标记一个类为filter,被spring进行扫描
urlPatterns:拦截规则,支持正则
6)控制chain.doFilter的方法的调用,来实现是否通过放行
不放行,web应用resp.sendRedirect("/index.html");
场景:权限控制、用户登录(非前端后端分离场景)等
1、官网地址:https://docs.spring.io/spring-boot/docs/2.1.0.BUILD-SNAPSHOT/reference/htmlsingle/#boot-features-embedded-container-servlets-filters-listeners
1.Filter简介
过滤器实际上就是对web资源进行拦截,做一些处理后再交给下一个过滤器或servlet处理。通常都是用来拦截request进行处理的,也可以对返回的response进行拦截处理。大概流程图如下:
应用场景:
- 自动登录
- 统一设置编码格式
- 访问权限控制
- 敏感字符过滤等
2.SpringBoot启动默认加载的Filter
- characterEncodingFilter
- hiddenHttpMethodFilter
- httpPutFormContentFilter
- requestContextFilter
3.Filter优先级
- Ordered.HIGHEST_PRECEDENCE
- Ordered.LOWEST_PRECEDENCE
低位值意味着更高的优先级 Higher values are interpreted as lower priority
自定义Filter,避免和默认的Filter优先级一样,不然会冲突注册Filter的bean FilterRegistrationBean
同模块里面有相关默认Filter
//
// Source code recreated from a .class file by IntelliJ IDEA
// (powered by Fernflower decompiler)
//
package org.springframework.core;
public interface Ordered {
int HIGHEST_PRECEDENCE = -2147483648;
int LOWEST_PRECEDENCE = 2147483647;
int getOrder();
}
4.自定义Filter
(1)Spring Boot基础项目
目录结构
(2)自定义Filter
自定义Filter
1)使用Servlet3.0的注解进行配置
2)启动类里面增加 @ServletComponentScan,进行扫描
3)新建一个Filter类,implements Filter,并实现对应的接口
4) @WebFilter 标记一个类为filter,被spring进行扫描
urlPatterns:拦截规则,支持正则5)控制chain.doFilter的方法的调用,来实现是否通过放行不放行,web应用resp.sendRedirect("/index.html");
场景:权限控制、用户登录(非前端后端分离场景)等
当前目录结构
controller
下的LoginController
package com.lcz.spring_demo10.controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
/**
* @author : codingchao
* @date : 2021-11-23 12:39
* @Description:
**/
@RestController
public class LoginController {
@GetMapping("/login/login_user")
public Object login(@RequestParam String username){
return username+"登录了!";
}
}
filter
下的LoginFilter
package com.lcz.spring_demo10.filter;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* @author : codingchao
* @date : 2021-11-23 12:28
* @Description:
**/
@WebFilter(urlPatterns = "/login/*",filterName = "loginFilter")
public class LoginFilter implements Filter {
/**
* 容器加载的时候调用
* @param filterConfig
* @throws ServletException
*/
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("loginfilter创建");
}
/**
* 请求被拦截的时候进行调用
* @param servletRequest
* @param servletResponse
* @param filterChain
* @throws IOException
* @throws ServletException
*/
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("进入loginfilter");
HttpServletRequest req = (HttpServletRequest) servletRequest;
HttpServletResponse resp = (HttpServletResponse) servletResponse;
//获取请求带来的参数
String username = req.getParameter("username");
//进行判断
if("lcz".equals(username)){
//通过
filterChain.doFilter(servletRequest,servletResponse);
}else{
//跳转
resp.sendRedirect("/error.html");
return;
}
}
/**
* 容器被销毁的时候被调用
*/
@Override
public void destroy() {
System.out.println("loginfilter销毁");
}
}
error.html
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Insert title here</title>
</head>
<body>
账号或密码错误拉!!!
</body>
</html>
测试结果