Java 如何在筛选器中加密响应数据
我试图在将响应数据写入HttpServletResponse之前对其进行加密,因此我实现了自定义响应包装器、输出streram和一个过滤器类 问题是我需要对整个响应数据加密一次,但没有Java 如何在筛选器中加密响应数据,java,servlets,encryption,filter,Java,Servlets,Encryption,Filter,我试图在将响应数据写入HttpServletResponse之前对其进行加密,因此我实现了自定义响应包装器、输出streram和一个过滤器类 问题是我需要对整个响应数据加密一次,但没有写入(字符串内容)方法,但ServletOutputStream类中有三种方法可用,它们是写入(int b),写入(byte[]b)和写入(byte[]b,int off,int len)当我运行应用程序时,只有一个方法被称为write(intb) 那么,是否有任何方法可以将整个响应数据作为字符串获取,在这里我可以
写入(字符串内容)
方法,但ServletOutputStream类中有三种方法可用,它们是写入(int b)
,写入(byte[]b)
和写入(byte[]b,int off,int len)
当我运行应用程序时,只有一个方法被称为write(intb)
那么,是否有任何方法可以将整个响应数据作为字符串获取,在这里我可以调用encrypt(responseData)
我的课程看起来像:
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest)request;
HttpServletResponse httpServletResponse = (HttpServletResponse)response;
BufferedRequestWrapper bufferedReqest = new BufferedRequestWrapper(httpServletRequest);
BufferedServletResponseWrapper bufferedResponse = new BufferedServletResponseWrapper(httpServletResponse);
// pass the wrappers on to the next entry
chain.doFilter(bufferedReqest, bufferedResponse);
}
public class MyServletOutputStream extends ServletOutputStream{
private final Logger LOG = LoggerFactory.getLogger(getClass());
private OutputStream outputStream;
private ByteArrayOutputStream copy;
public MyServletOutputStream(OutputStream outputStream) {
this.outputStream = outputStream;
this.copy = new ByteArrayOutputStream(1024);
}
@Override
public void write(int b) throws IOException {
LOG.info("write int");
outputStream.write(b);
copy.write(b);
}
@Override
public void write(byte[] b) throws IOException {
LOG.info("write byte[]");
outputStream.write(b);
copy.write(b);
}
public byte[] getCopy() {
return copy.toByteArray();
}
}
public class BufferedServletResponseWrapper extends HttpServletResponseWrapper {
private final Logger LOG = LoggerFactory.getLogger(getClass());
private ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
private PrintWriter writer = new PrintWriter(outputStream);
public BufferedServletResponseWrapper(HttpServletResponse response)
throws IOException {
super(response);
}
@Override
public ServletOutputStream getOutputStream() throws IOException {
LOG.info("getOutputStream");
return new ServletOutputStream() {
@Override
public void write(int b) throws IOException {
LOG.info("write int");
outputStream.write(b);
}
@Override
public void write(byte[] b) throws IOException {
LOG.info("write byte[]");
outputStream.write(b);
}
};
}
@Override
public PrintWriter getWriter() throws IOException {
LOG.info("getWriter");
return writer;
}
@Override
public void flushBuffer() throws IOException {
if (writer != null) {
writer.flush();
} else if (outputStream != null) {
outputStream.flush();
}
}
public String getResponseData() {
return outputStream.toString();
}
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
BufferedServletResponseWrapper bufferedResponse = new BufferedServletResponseWrapper(
httpServletResponse);
// pass the wrappers on to the next entry
chain.doFilter(httpServletRequest, bufferedResponse);
String responseData = bufferedResponse.getResponseData();
String encryptedResponseData = encrypt(responseData);
OutputStream outputStream = httpServletResponse.getOutputStream();
outputStream.write(encryptedResponseData.getBytes());
outputStream.flush();
outputStream.close();
}
及
我的自定义输出流类如下所示:
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest)request;
HttpServletResponse httpServletResponse = (HttpServletResponse)response;
BufferedRequestWrapper bufferedReqest = new BufferedRequestWrapper(httpServletRequest);
BufferedServletResponseWrapper bufferedResponse = new BufferedServletResponseWrapper(httpServletResponse);
// pass the wrappers on to the next entry
chain.doFilter(bufferedReqest, bufferedResponse);
}
public class MyServletOutputStream extends ServletOutputStream{
private final Logger LOG = LoggerFactory.getLogger(getClass());
private OutputStream outputStream;
private ByteArrayOutputStream copy;
public MyServletOutputStream(OutputStream outputStream) {
this.outputStream = outputStream;
this.copy = new ByteArrayOutputStream(1024);
}
@Override
public void write(int b) throws IOException {
LOG.info("write int");
outputStream.write(b);
copy.write(b);
}
@Override
public void write(byte[] b) throws IOException {
LOG.info("write byte[]");
outputStream.write(b);
copy.write(b);
}
public byte[] getCopy() {
return copy.toByteArray();
}
}
public class BufferedServletResponseWrapper extends HttpServletResponseWrapper {
private final Logger LOG = LoggerFactory.getLogger(getClass());
private ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
private PrintWriter writer = new PrintWriter(outputStream);
public BufferedServletResponseWrapper(HttpServletResponse response)
throws IOException {
super(response);
}
@Override
public ServletOutputStream getOutputStream() throws IOException {
LOG.info("getOutputStream");
return new ServletOutputStream() {
@Override
public void write(int b) throws IOException {
LOG.info("write int");
outputStream.write(b);
}
@Override
public void write(byte[] b) throws IOException {
LOG.info("write byte[]");
outputStream.write(b);
}
};
}
@Override
public PrintWriter getWriter() throws IOException {
LOG.info("getWriter");
return writer;
}
@Override
public void flushBuffer() throws IOException {
if (writer != null) {
writer.flush();
} else if (outputStream != null) {
outputStream.flush();
}
}
public String getResponseData() {
return outputStream.toString();
}
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
BufferedServletResponseWrapper bufferedResponse = new BufferedServletResponseWrapper(
httpServletResponse);
// pass the wrappers on to the next entry
chain.doFilter(httpServletRequest, bufferedResponse);
String responseData = bufferedResponse.getResponseData();
String encryptedResponseData = encrypt(responseData);
OutputStream outputStream = httpServletResponse.getOutputStream();
outputStream.write(encryptedResponseData.getBytes());
outputStream.flush();
outputStream.close();
}
String str=新字符串(bufferedResponse.getCopy())
这将为您提供outputStream中的数据字符串。我可以在你的代码中看到你正在把字节写出来,就像在复印机上一样。这台复印机以后也可以修改
String encStr=Encrypt(str); // your encryption logic.
ServletOutputStream out= response.getOutputStream();
out.write(encStr.getByte()); //adding your encrypted data to response
out.flush();
out.close();
我用这种方法解决了这个问题:
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest)request;
HttpServletResponse httpServletResponse = (HttpServletResponse)response;
BufferedRequestWrapper bufferedReqest = new BufferedRequestWrapper(httpServletRequest);
BufferedServletResponseWrapper bufferedResponse = new BufferedServletResponseWrapper(httpServletResponse);
// pass the wrappers on to the next entry
chain.doFilter(bufferedReqest, bufferedResponse);
}
public class MyServletOutputStream extends ServletOutputStream{
private final Logger LOG = LoggerFactory.getLogger(getClass());
private OutputStream outputStream;
private ByteArrayOutputStream copy;
public MyServletOutputStream(OutputStream outputStream) {
this.outputStream = outputStream;
this.copy = new ByteArrayOutputStream(1024);
}
@Override
public void write(int b) throws IOException {
LOG.info("write int");
outputStream.write(b);
copy.write(b);
}
@Override
public void write(byte[] b) throws IOException {
LOG.info("write byte[]");
outputStream.write(b);
copy.write(b);
}
public byte[] getCopy() {
return copy.toByteArray();
}
}
public class BufferedServletResponseWrapper extends HttpServletResponseWrapper {
private final Logger LOG = LoggerFactory.getLogger(getClass());
private ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
private PrintWriter writer = new PrintWriter(outputStream);
public BufferedServletResponseWrapper(HttpServletResponse response)
throws IOException {
super(response);
}
@Override
public ServletOutputStream getOutputStream() throws IOException {
LOG.info("getOutputStream");
return new ServletOutputStream() {
@Override
public void write(int b) throws IOException {
LOG.info("write int");
outputStream.write(b);
}
@Override
public void write(byte[] b) throws IOException {
LOG.info("write byte[]");
outputStream.write(b);
}
};
}
@Override
public PrintWriter getWriter() throws IOException {
LOG.info("getWriter");
return writer;
}
@Override
public void flushBuffer() throws IOException {
if (writer != null) {
writer.flush();
} else if (outputStream != null) {
outputStream.flush();
}
}
public String getResponseData() {
return outputStream.toString();
}
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
BufferedServletResponseWrapper bufferedResponse = new BufferedServletResponseWrapper(
httpServletResponse);
// pass the wrappers on to the next entry
chain.doFilter(httpServletRequest, bufferedResponse);
String responseData = bufferedResponse.getResponseData();
String encryptedResponseData = encrypt(responseData);
OutputStream outputStream = httpServletResponse.getOutputStream();
outputStream.write(encryptedResponseData.getBytes());
outputStream.flush();
outputStream.close();
}
doFilter()看起来像:
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest)request;
HttpServletResponse httpServletResponse = (HttpServletResponse)response;
BufferedRequestWrapper bufferedReqest = new BufferedRequestWrapper(httpServletRequest);
BufferedServletResponseWrapper bufferedResponse = new BufferedServletResponseWrapper(httpServletResponse);
// pass the wrappers on to the next entry
chain.doFilter(bufferedReqest, bufferedResponse);
}
public class MyServletOutputStream extends ServletOutputStream{
private final Logger LOG = LoggerFactory.getLogger(getClass());
private OutputStream outputStream;
private ByteArrayOutputStream copy;
public MyServletOutputStream(OutputStream outputStream) {
this.outputStream = outputStream;
this.copy = new ByteArrayOutputStream(1024);
}
@Override
public void write(int b) throws IOException {
LOG.info("write int");
outputStream.write(b);
copy.write(b);
}
@Override
public void write(byte[] b) throws IOException {
LOG.info("write byte[]");
outputStream.write(b);
copy.write(b);
}
public byte[] getCopy() {
return copy.toByteArray();
}
}
public class BufferedServletResponseWrapper extends HttpServletResponseWrapper {
private final Logger LOG = LoggerFactory.getLogger(getClass());
private ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
private PrintWriter writer = new PrintWriter(outputStream);
public BufferedServletResponseWrapper(HttpServletResponse response)
throws IOException {
super(response);
}
@Override
public ServletOutputStream getOutputStream() throws IOException {
LOG.info("getOutputStream");
return new ServletOutputStream() {
@Override
public void write(int b) throws IOException {
LOG.info("write int");
outputStream.write(b);
}
@Override
public void write(byte[] b) throws IOException {
LOG.info("write byte[]");
outputStream.write(b);
}
};
}
@Override
public PrintWriter getWriter() throws IOException {
LOG.info("getWriter");
return writer;
}
@Override
public void flushBuffer() throws IOException {
if (writer != null) {
writer.flush();
} else if (outputStream != null) {
outputStream.flush();
}
}
public String getResponseData() {
return outputStream.toString();
}
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
BufferedServletResponseWrapper bufferedResponse = new BufferedServletResponseWrapper(
httpServletResponse);
// pass the wrappers on to the next entry
chain.doFilter(httpServletRequest, bufferedResponse);
String responseData = bufferedResponse.getResponseData();
String encryptedResponseData = encrypt(responseData);
OutputStream outputStream = httpServletResponse.getOutputStream();
outputStream.write(encryptedResponseData.getBytes());
outputStream.flush();
outputStream.close();
}
您可以将每个字节单独放入,然后得到最终结果。或者通过一些密码流想知道这里的
CipherOutputStream
是否有用@谢谢你的快速回复,任何例子我如何使用它。谢谢你的回答。但您必须传递自定义输出流,而不是原始输出流。我怀疑doFilter中的outputStream是否会包含响应数据以及末尾附加的编码数据,即使您使用的是自定义outputStreams。我觉得你需要一个假作家来处理这件事。如果错了,请纠正我。