SpringBoot: Bypass OncePerRequestFilter filters

别等时光非礼了梦想. 提交于 2020-01-23 02:16:07

问题


I have a basic SpringBoot 2.0.5.RELEASE app. Using Spring Initializer, JPA, embedded Tomcat, Thymeleaf template engine, and package as an executable JAR file.

I have created a Custom JWT based security filter JwtFilter :

@Provider
public class JwtAuthorizationTokenFilter extends OncePerRequestFilter {
...
}

But I want to Bypass this filter only for 1 specific request / method: "/api/v1/menus", when is a POST

But I don't know if it is possible in the WebSecurityConfigurerAdapter :

 JwtAuthorizationTokenFilter authenticationTokenFilter = new JwtAuthorizationTokenFilter(userDetailsService(), jwtTokenUtil, tokenHeader);
     httpSecurity
         .addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
          .antMatcher("/api/v1/menus")

回答1:


You can override the shouldNotFilter method from the OncePerRequestFilter as below:

@Provider
public class JwtAuthorizationTokenFilter extends OncePerRequestFilter {
    @Override
    protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException {
        return new AntPathMatcher().match("/api/v1/menus", request.getServletPath());
    }

}


来源:https://stackoverflow.com/questions/52370411/springboot-bypass-onceperrequestfilter-filters

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!