springSecurity之新增自定義過濾器
阿新 • • 發佈:2019-01-22
我們知道,springSecurity其實就是將過濾器和aop進行整合。其實我們也可以新增自己的過濾器。
很簡單,配置如下
<http use-expressions="false" entry-point-ref="loginEntryPoint"> <intercept-url pattern="/user.jsp" access="ROLE_USER,ROLE_ADMIN"/> <intercept-url pattern="/admin.jsp" access="ROLE_ADMIN"/> <intercept-url pattern="/**" access="IS_AUTHENTICATED_FULLY"/> <form-login/> <custom-filter ref="myFilter" position="LAST"/> </http> <beans:bean id="myFilter" class="com.ezhiyang.springSecurity.MyFilter"/>
然後再來看看myFilter
public class MyFilter implements Filter{ @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { System.out.println("進來了我自定義的過濾器了"); filterChain.doFilter(servletRequest,servletResponse); } @Override public void destroy() { System.out.println("自定義過濾器鏈銷燬了"); } }
其實只要實現了javax.servlet.Filter就可以了,很low.