导读 | 在springBoot中,过滤器和拦截器的使用。 |
过滤器是什么? 简单的来说,过滤器就是过滤的作用,在web开发中过滤一些我们指定的url。
过滤器主要做什么? 过滤掉一些不需要的东西,例如一些错误的请求。 也可以修改请求和相应的内容。
过滤器(filter)有三个方法,其中初始化(init)和摧毁(destroy)方法一般不会用到,主要用到的是doFilter这个方法。
而至于怎么过滤呢?
如果过滤通过,则在doFilter执行filterChain.doFilter(request,response);该方法。
这里我们在过滤器中设置下请求的时间, 符合就通过。否则返回错误信息!
代码示例:
class MyFilter implements Filter { @Override public void doFilter(ServletRequest srequest, ServletResponse sresponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) srequest; //执行过滤操作... System.out.println("请求的url :"+request.getRequestURI()); // 获取系统时间 Calendar ca = Calendar.getInstance(); int hour = ca.get(Calendar.HOUR_OF_DAY); // 设置限制运行时间 if (0messageMap = new HashMap<>(); messageMap.put("status", "1"); messageMap.put("message", "此接口可以请求时间为:18-24点"); ObjectMapper objectMapper=new ObjectMapper(); String writeValueAsString = objectMapper.writeValueAsString(messageMap); response.getWriter().write(writeValueAsString); return; } filterChain.doFilter(srequest, sresponse); } @Override public void init(FilterConfig filterConfig) throws ServletException { System.out.println("参数初始化:"+filterConfig); } @Override public void destroy() { System.out.println("开始销毁..."); } }
那么在springBoot中如何使用过滤器呢?
一般是使用Component和WebFilter 这两个注解,但是这里我们就直接方法调用。
在该方法中添加Bean注解,springBoot会在启动的时候进行调用。并指定需要过滤的请求。
代码示例:
@Bean public FilterRegistrationBean testFilterRegistration() { FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setFilter(new MyFilter()); //过滤掉 /getUser 和/hello 的请求 registration.addUrlPatterns("/getUser","/hello"); //过滤掉所有请求 // registration.addUrlPatterns("/*"); registration.setName("MyFilter"); registration.setOrder(1); return registration; }
说明: registration.setOrder() 方法是设置优先级,数值越大,优先级越高。
拦截器是什么? 简单的来说,就是一道阀门,拦截不需要的东西。
拦截器主要做什么?对正在运行的流程进行干预。
拦截器也主要有三个方法,其中preHandle是在请求之前就进行调用,如果该请求需要被拦截,则返回false,否则true; postHandle是在请求之后进行调用,无返回值;afterCompletion是在请求结束的时候进行调用,无返回值。
这里我们就简单的模拟下拦截非白名单的IP请求。
代码示例:
class MyInterceptor implements HandlerInterceptor { @Autowired private IpConfig ipconfig; public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object arg2) throws Exception { String ip = getIpAddr(request); // 获取可以访问系统的白名单 String ipStr = ipconfig.getIpWhiteList(); String[] ipArr = ipStr.split("\\|"); ListipList = Arrays.asList(ipArr); if (ipList.contains(ip)) { System.out.println("该IP: " + ip+"通过!"); return true; } else { System.out.println("该IP: " + ip+"不通过!"); response.setCharacterEncoding("UTF-8"); response.setContentType("application/json; charset=utf-8"); // 消息 Map messageMap = new HashMap<>(); messageMap.put("status", "1"); messageMap.put("message", "您好,ip为" + ip + ",暂时没有访问权限,请联系管理员开通访问权限。"); ObjectMapper objectMapper=new ObjectMapper(); String writeValueAsString = objectMapper.writeValueAsString(messageMap); response.getWriter().write(writeValueAsString); return false; } } public String getIpAddr(HttpServletRequest request) { String ip = request.getHeader("X-Forwarded-For"); if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("Proxy-Client-IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("WL-Proxy-Client-IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("HTTP_CLIENT_IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("HTTP_X_FORWARDED_FOR"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getRemoteAddr(); } return ip; } @Override public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception { System.out.println("postHandle被调用"); } @Override public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception { System.out.println("afterCompletion被调用"); } }
依旧再启动springBoot的时候启动拦截器,并指定拦截的请求。
代码示例:
import java.util.Arrays; import java.util.HashMap; import java.util.List; import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; import com.fasterxml.jackson.databind.ObjectMapper; import com.pancm.springboot_config.config.IpConfig; @Configuration public class MyWebAppConfigurer extends WebMvcConfigurerAdapter { @Bean public HandlerInterceptor getMyInterceptor(){ return new MyInterceptor(); } @Override public void addInterceptors(InterceptorRegistry registry) { // addPathPatterns 用于添加拦截规则, 这里假设拦截 /url 后面的全部链接 // excludePathPatterns 用户排除拦截 registry.addInterceptor(getMyInterceptor()).addPathPatterns("/**"); super.addInterceptors(registry); } }
原文来自:
本文地址://q13zd.cn/springboot-filters-interceptors.html编辑:薛鹏旭,审核员:逄增宝
Linux大全:
Linux系统大全: