SpingMVC Filter + HttpServletRequestWrapper 實現後臺修改Request請求引數
阿新 • • 發佈:2018-12-15
1、封裝Request請求物件,對外暴露修改請求引數的方法
package edu.mvcdemo.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import edu.mvcdemo.servlet.request.SecurityRiskRequestWrapper; /** * @編寫人: yh.zeng * @編寫時間:2018-9-13 下午11:31:36 * @檔案描述: 封裝SecurityRiskRequestWrapper請求物件 */ public class SecurityRiskRequestWrapperFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { SecurityRiskRequestWrapper requestWrapper = new SecurityRiskRequestWrapper( (HttpServletRequest) request ); chain.doFilter(requestWrapper, response); } @Override public void destroy() { } }
2、通過Filter過濾器攔截請求物件,並進行封裝
package edu.mvcdemo.filter; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import edu.mvcdemo.servlet.request.SecurityRiskRequestWrapper; /** * @編寫人: yh.zeng * @編寫時間:2018-9-13 下午11:31:36 * @檔案描述: 封裝SecurityRiskRequestWrapper請求物件 */ public class SecurityRiskRequestWrapperFilter implements Filter { @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { SecurityRiskRequestWrapper requestWrapper = new SecurityRiskRequestWrapper( (HttpServletRequest) request ); chain.doFilter(requestWrapper, response); } @Override public void destroy() { } }
3. demo
ModifyParamsDemoInterceptor.java
package edu.mvcdemo.interceptor; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import edu.mvcdemo.servlet.request.SecurityRiskRequestWrapper; /** * @編寫人: yh.zeng * @編寫時間:2018-9-16 下午12:39:11 * @檔案描述: todo */ public class ModifyParamsDemoInterceptor implements HandlerInterceptor{ /** * 是否需要將當前請求攔截下來,方法將在Controller處理之前進行呼叫 * 返回false,則請求被攔截下來,即不繼續往下執行 * 返回true,繼續往下執行 */ @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { SecurityRiskRequestWrapper req = (SecurityRiskRequestWrapper)request; req.addParameter("userName", "被ModifyParamsDemoInterceptor篡改了!"); return true; } /** * postHandle是在Controller的方法呼叫之後執行,但是它會在DispatcherServlet進行檢視的渲染之前執行, * 也就是說在這個方法中你可以對ModelAndView進行操作。 */ @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { } /** * afterCompletion將在整個請求完成之後,也就是DispatcherServlet渲染了檢視後執行, * 這個方法的主要作用是用於清理資源的, */ @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { } }
ModifyParamsDemoController.java
package edu.mvcdemo.controller;
import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import edu.mvcdemo.model.User;
/**
* @編寫人: yh.zeng
* @編寫時間:2018-9-16 上午11:52:55
* @檔案描述: 通過SecurityRiskRequestWrapper物件,修改頁面請求引數Demo
*/
@Controller
@RequestMapping(value="/SecurityRiskTest")
public class ModifyParamsDemoController {
@RequestMapping(value="/modiyParams",produces = "text/html; charset=utf-8")
@ResponseBody
private String modiyParams(User user, HttpServletResponse response){
return user.toString();
}
}