springboot中添加自定义filter

springboot中的filter

第一种情况，自定义的filter

方式1

1.实现javax.servlet.Filter

2.重写init，doFilter，destory方法

3.添加component注解

package com.warofcode.securitydemo.filter;
import org.springframework.stereotype.Component;
import javax.servlet.*;
import java.io.IOException;

@Component
public class MyFilter implements Filter {
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        System.out.println(" myfilter init");
    }
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        System.out.println("myfilter execute");
    }
    @Override
    public void destroy() {
        System.out.println("myfilter destroy");
    }
}
方式2
1.实现javax.servlet.Filter
2添加webfilter注解，可以设定过滤的路径
3在配置类加上注解@ServletComponentScan

1.编写过滤器代码

package com.mrsaber.security;

import org.springframework.core.annotation.Order;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

@Order(1)
@WebFilter(filterName = "MSecurity",urlPatterns = {"*.html"})
public class MSecurityFilter implements Filter {
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response= (HttpServletResponse) servletResponse;
        System.out.println(request.getRequestURI());
        //检查是否是登录页面
        if(request.getRequestURI().equals("/web/index.html"))
            filterChain.doFilter(servletRequest,servletResponse);

        //检测用户是否登录
        HttpSession session =request.getSession();
        String status= (String) session.getAttribute("isLogin");
        if(status==null || !status.equals("true"))
        {
            try{  response.sendRedirect("/web/index.html");}catch (Exception e){}
        }
        filterChain.doFilter(servletRequest,servletResponse);
    }

    @Override
    public void destroy() {

    }
}

说明：

　　重点在于两个注解！

　　When using an embedded container, automatic registration of @WebServlet, @WebFilter, and @WebListener annotated classes can be enabled using @ServletComponentScan.

　　使用嵌入式容器时，可以使用@ServletComponentScan启用@WebServlet，@ WebFilter和@WebListener注释类的自动注册。

@ServletComponentScan will have no effect in a standalone container, where the container’s built-in discovery mechanisms will be used instead.

　　如果使用外置容器的话，容器的内置发现机制将会被使用，而不需要使用这条注解。

2.添加@ServletComponentScan注解

@SpringBootApplication
@ServletComponentScan(basePackages = "com.mrsaber.security")
public class MsSupplyAndSaleApplication {
    public static void main(String[] args) {
        SpringApplication.run(MsSupplyAndSaleApplication.class, args);
    }

}