Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/spring/12.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
如果在fitler类中删除@component,则不会调用Spring引导筛选器_Spring_Spring Boot_Spring Security_Servlet Filters - Fatal编程技术网
Fatal编程技术网
  • spring/
  • 如果在fitler类中删除@component,则不会调用Spring引导筛选器

如果在fitler类中删除@component,则不会调用Spring引导筛选器

spring spring-boot spring-security

如果在fitler类中删除@component,则不会调用Spring引导筛选器,spring,spring-boot,spring-security,servlet-filters,Spring,Spring Boot,Spring Security,Servlet Filters,我有两个端点,/health和/save。我不想为/health端点调用MyFilter。 下面是代码 @Component public class MyFilter implements Filter { @Autowired private JwtConfig jwtConfig; @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletRe

我有两个端点,/health和/save。我不想为/health端点调用MyFilter。 下面是代码

@Component
public class MyFilter implements Filter {

    @Autowired
    private JwtConfig jwtConfig;

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
            throws IOException, ServletException {
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        HttpServletRequest request = (HttpServletRequest) servletRequest;

        // do something

        filterChain.doFilter(servletRequest, servletResponse);
    }
}

@Configuration
@Order(2)
public class WebSecurityConfig extends DefaultSecurityConfig {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);
        http.cors().and().csrf().disable().addFilterAfter(new MyFilter(), BasicAuthenticationFilter.class)
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    }

    @Override
    public void configure(WebSecurity webSecurity) throws Exception {
        super.configure(webSecurity);
        webSecurity.ignoring().antMatchers("/health/**");
    }

    @Bean
    CorsConfigurationSource corsConfigurationSource() {
        final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", new CorsConfiguration().applyPermitDefaultValues());
        return source;
    }
}
问题是,如果我从MyFilter中删除@component,则不会为任何端点调用该筛选器,如果我将其放回,则会在两个端点中调用该筛选器。如何使其仅适用于/health endpoint?

仅在
//执行某些操作
部分,检查请求的url是否为度量,如果不是,则仅执行操作。该信息在
HttpServletRequest
对象中随时可用

我不确定是否还有更直接的方法。使用FilterRegistrationBean只允许添加要包括的URL,而不允许添加要排除的URL

如果您确实认为只有这两个端点,那么当然可以使用FilterRegistrationBean只添加您的保存端点:

@Bean
public FilterRegistrationBean<MyFilter> myFilter() {
    FilterRegistrationBean<MyFilter> registrationBean = new FilterRegistrationBean<>();
    registrationBean.setFilter(new MyFilter());
    registrationBean.addUrlPatterns("/save");
    return registrationBean;
}

@Bean
公共过滤器注册bean myFilter(){
FilterRegistrationBean registrationBean=新的FilterRegistrationBean();
setFilter(新的MyFilter());
registrationBean.addUrlPatterns(“/save”);
返回注册bean;
}
在这种情况下,您可以删除组件注释。

定义一个返回过滤器的
@Bean
方法(而不是使用
@Component
),并添加一个额外的
FilterRegistrationBean
,以选择应该响应的URL。如果这需要成为Spring安全过滤器链的一部分,请检查过滤器内的URL,并决定您是否需要做一件事或另一件事。谢谢。但在将来,除了/save之外,还会有更多端点。。那么,我们需要添加所有内容吗?@sagarkancherla你读了我答案的第一部分了吗?“仅在//执行某些操作部分,检查请求的url是否为度量值,如果不是,则仅执行操作。该信息在HttpServletRequest对象中随时可用。”。