问题
Here is the problem: I can successfully register the Filter, but don't know how to set the mapping URL using this specific configuration.
Here is my Class:
public class WebInitializer extends
AbstractAnnotationConfigDispatcherServletInitializer {
@Override
protected Class<?>[] getRootConfigClasses() {
return new Class<?>[]{AppConfig.class};
}
@Override
protected Class<?>[] getServletConfigClasses() {
return new Class<?>[]{WebConfig.class};
}
@Override
protected Filter[] getServletFilters() {
return new Filter[]{
new DelegatingFilterProxy("springSecurityFilterChain"),
new DelegatingFilterProxy("customFilter")
};
}
@Override
protected String[] getServletMappings() {
return new String[]{"/"};
}
}
P.D.
I had done it using WebApplicationInitializer, but I want to use AbstractAnnotationConfigDispatcherServletInitializer.
回答1:
The only way I was able to do this was to use the FilterRegistration.Dynamic interface. In your WebInitializer class, add your custom filter manually in the onStartup method (an override from a superclass). There is no way that is more elegant at the moment to my knowledge.
@Override
public void onStartup(ServletContext servletContext)
throws ServletException {
FilterRegistration.Dynamic encodingFilter = servletContext.addFilter("my-filter", new MyFilter());
encodingFilter.setInitParameter("blah", "blah");
encodingFilter.addMappingForUrlPatterns(null, false, "/toBeFiltered/*");
super.onStartup(servletContext);
}
If you want this filter to work correctly then it would be best for you to comment out the getServletFilters method you have overridden so that this filter is served back correctly from the servletContext.
回答2:
For the springSecurityFilterChain, simply add this class to the same package as other configuration classes
@Order(2)
public class MyAppSecureWebAppInitializer extends
AbstractSecurityWebApplicationInitializer {
@Override
protected boolean enableHttpSessionEventPublisher() {
return true;
}
}
The AbstractSecurityWebApplicationInitializer (from javadocs)
Registers the DelegatingFilterProxy to use the springSecurityFilterChain before any other registered Filter. When used with AbstractSecurityWebApplicationInitializer(Class), it will also register a ContextLoaderListener. When used with AbstractSecurityWebApplicationInitializer(), this class is typically used in addition to a subclass of AbstractContextLoaderInitializer.
By default the DelegatingFilterProxy is registered without support, but can be enabled by overriding isAsyncSecuritySupported() and getSecurityDispatcherTypes().
Additional configuration before and after the springSecurityFilterChain can be added by overriding afterSpringSecurityFilterChain(ServletContext).
And from the spring security example in Github
@Override
protected Filter[] getServletFilters() {
CharacterEncodingFilter encodingFilter = new CharacterEncodingFilter();
encodingFilter.setEncoding("UTF-8");
encodingFilter.setForceEncoding(true);
DelegatingFilterProxy reconnectDelegate = new DelegatingFilterProxy("apiExceptionHandler");
return new Filter[] { reconnectDelegate, encodingFilter, new HiddenHttpMethodFilter() };
}
来源:https://stackoverflow.com/questions/25209319/how-to-do-filter-mapping-in-abstractannotationconfigdispatcherservletinitializer