我已经讨论了与onceperrequestfilter相关的其他问题,但从技术上讲并不清楚。
基本上,我已经实现了一个启用了安全性的spring引导项目。使用jpa、h2数据库对用户进行身份验证。
我已经读到,onceperrequestfilter每个请求只执行一次,所以我在我的定制过滤器中扩展了它。
public class AuthFilter extends OncePerRequestFilter{
public static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
log.info(" ##### INSIDE AUTH FILTER ####");
log.info(" ##### INSIDE AUTH FILTER #### method::"+request.getMethod());
log.info(" ##### INSIDE AUTH FILTER #### Servlet path::"+request.getServletPath());
log.info(" ##### INSIDE AUTH FILTER #### attibute names ::"+getAlreadyFilteredAttributeName());
log.info(" ##### INSIDE AUTH FILTER #### URI ::" +request.getRequestURI());
log.info(" ##### INSIDE AUTH FILTER #### URL ::"+request.getRequestURL());
filterChain.doFilter(request, response);
}
}
我的控制器方法如下所示:
@GetMapping("/hello")
public String hello() {
log.info(" ######## INSIDE SIGN IN ########");
Authentication authentication = authenticationManager.authenticate(
new UsernamePasswordAuthenticationToken("jay", "root"));
SecurityContextHolder.getContext().setAuthentication(authentication);
log.info(" ######## INSIDE SIGN IN ######## Authentication completed");
return "Hello World !!";
}
当项目启动并运行时,当我打电话时[http://localhost:8080/hello]我的自定义筛选器被多次调用。我如何才能确保只执行一次?
我的身份验证筛选器的配置:
@Override
protected void configure(HttpSecurity http) throws Exception {
System.out.println(" ########## inside configure HHTTP ##########");
http.cors().and().csrf().disable()
.authorizeRequests()
.antMatchers("/admin").hasAuthority("ADMIN")
.antMatchers("/helloAll").hasAuthority("ADMIN")
.antMatchers("/hello").hasAuthority("ADMIN")
.antMatchers("/user").hasAnyAuthority("USER","ADMIN")
.antMatchers("/**").permitAll()
.and().formLogin();
http.addFilterBefore(getAuthFilter(), UsernamePasswordAuthenticationFilter.class);
//http.addFilterBefore(getFilterTestBean(), UsernamePasswordAuthenticationFilter.class);
}
@Bean
public AuthFilter getAuthFilter() {
return new AuthFilter();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
System.out.println(" ########## inside configure ##########");
auth.userDetailsService(userDetailsServiceImpl).passwordEncoder(passwordEncoder());
}
下面是我的日志堆栈:
2021-06-30 15:31:54.223 DEBUG 9220 --- [nio-8080-exec-3] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to spring.security.spring.token.jwttoken.security.HelloWorldController#hello()
2021-06-30 15:31:54.223 INFO 9220 --- [nio-8080-exec-3] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER ####
2021-06-30 15:31:54.223 INFO 9220 --- [nio-8080-exec-3] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### method::GET
2021-06-30 15:31:54.224 INFO 9220 --- [nio-8080-exec-3] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### Servlet path::/hello
2021-06-30 15:31:54.224 INFO 9220 --- [nio-8080-exec-3] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### attibute names ::getAuthFilter.FILTERED
2021-06-30 15:31:54.224 INFO 9220 --- [nio-8080-exec-3] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### URI ::/hello
2021-06-30 15:31:54.224 INFO 9220 --- [nio-8080-exec-3] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### URL ::http://localhost:8080/hello
2021-06-30 15:31:54.224 INFO 9220 --- [nio-8080-exec-3] s.s.s.t.j.security.filter.FilterTest : ###### Inside Filter Test ####
2021-06-30 15:31:54.224 INFO 9220 --- [nio-8080-exec-3] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### method::GET
2021-06-30 15:31:54.224 INFO 9220 --- [nio-8080-exec-3] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### Servlet path::/hello
2021-06-30 15:31:54.224 INFO 9220 --- [nio-8080-exec-3] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### URI ::/hello
2021-06-30 15:31:54.224 INFO 9220 --- [nio-8080-exec-3] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### URL ::http://localhost:8080/hello
2021-06-30 15:31:54.265 DEBUG 9220 --- [nio-8080-exec-4] o.s.w.s.handler.SimpleUrlHandlerMapping : Mapped to ResourceHttpRequestHandler [Classpath [META-INF/resources/], Classpath [resources/], Classpath [static/], Classpath [public/], ServletContext [/]]
2021-06-30 15:31:54.266 INFO 9220 --- [nio-8080-exec-4] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER ####
2021-06-30 15:31:54.266 INFO 9220 --- [nio-8080-exec-4] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### method::GET
2021-06-30 15:31:54.266 INFO 9220 --- [nio-8080-exec-4] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### Servlet path::/login
2021-06-30 15:31:54.266 INFO 9220 --- [nio-8080-exec-4] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### attibute names ::getAuthFilter.FILTERED
2021-06-30 15:31:54.266 INFO 9220 --- [nio-8080-exec-4] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### URI ::/login
2021-06-30 15:31:54.266 INFO 9220 --- [nio-8080-exec-4] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### URL ::http://localhost:8080/login
2021-06-30 15:31:54.267 INFO 9220 --- [nio-8080-exec-4] s.s.s.t.j.security.filter.FilterTest : ###### Inside Filter Test ####
2021-06-30 15:31:54.267 INFO 9220 --- [nio-8080-exec-4] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### method::GET
2021-06-30 15:31:54.267 INFO 9220 --- [nio-8080-exec-4] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### Servlet path::/login
2021-06-30 15:31:54.267 INFO 9220 --- [nio-8080-exec-4] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### URI ::/login
2021-06-30 15:31:54.267 INFO 9220 --- [nio-8080-exec-4] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### URL ::http://localhost:8080/login
2021-06-30 15:32:05.252 DEBUG 9220 --- [nio-8080-exec-5] o.s.w.s.handler.SimpleUrlHandlerMapping : Mapped to ResourceHttpRequestHandler [Classpath [META-INF/resources/], Classpath [resources/], Classpath [static/], Classpath [public/], ServletContext [/]]
2021-06-30 15:32:05.267 INFO 9220 --- [nio-8080-exec-5] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER ####
2021-06-30 15:32:05.267 INFO 9220 --- [nio-8080-exec-5] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### method::POST
2021-06-30 15:32:05.267 INFO 9220 --- [nio-8080-exec-5] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### Servlet path::/login
2021-06-30 15:32:05.267 INFO 9220 --- [nio-8080-exec-5] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### attibute names ::getAuthFilter.FILTERED
2021-06-30 15:32:05.267 INFO 9220 --- [nio-8080-exec-5] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### URI ::/login
2021-06-30 15:32:05.267 INFO 9220 --- [nio-8080-exec-5] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### URL ::http://localhost:8080/login
2021-06-30 15:32:05.267 INFO 9220 --- [nio-8080-exec-5] s.s.s.t.j.security.filter.FilterTest : ###### Inside Filter Test ####
2021-06-30 15:32:05.267 INFO 9220 --- [nio-8080-exec-5] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### method::POST
2021-06-30 15:32:05.267 INFO 9220 --- [nio-8080-exec-5] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### Servlet path::/login
2021-06-30 15:32:05.267 INFO 9220 --- [nio-8080-exec-5] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### URI ::/login
2021-06-30 15:32:05.267 INFO 9220 --- [nio-8080-exec-5] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### URL ::http://localhost:8080/login
########## Retreiving from DB ##########
2021-06-30 15:32:05.561 DEBUG 9220 --- [nio-8080-exec-5] org.hibernate.SQL : select users0_.user_id as user_id1_0_, users0_.password as password2_0_, users0_.roles as roles3_0_, users0_.username as username4_0_ from users users0_ where users0_.username=?
####### Authorities #######ADMIN
2021-06-30 15:32:05.580 DEBUG 9220 --- [nio-8080-exec-6] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to spring.security.spring.token.jwttoken.security.HelloWorldController#hello()
2021-06-30 15:32:05.580 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER ####
2021-06-30 15:32:05.580 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### method::GET
2021-06-30 15:32:05.580 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### Servlet path::/hello
2021-06-30 15:32:05.580 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### attibute names ::getAuthFilter.FILTERED
2021-06-30 15:32:05.580 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### URI ::/hello
2021-06-30 15:32:05.580 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.AuthFilter : ##### INSIDE AUTH FILTER #### URL ::http://localhost:8080/hello
2021-06-30 15:32:05.580 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.FilterTest : ###### Inside Filter Test ####
2021-06-30 15:32:05.580 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### method::GET
2021-06-30 15:32:05.580 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### Servlet path::/hello
2021-06-30 15:32:05.580 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### URI ::/hello
2021-06-30 15:32:05.592 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### URL ::http://localhost:8080/hello
2021-06-30 15:32:05.594 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.FilterTest : ###### Inside Filter Test ####
2021-06-30 15:32:05.594 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### method::GET
2021-06-30 15:32:05.594 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### Servlet path::/hello
2021-06-30 15:32:05.594 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### URI ::/hello
2021-06-30 15:32:05.594 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### URL ::http://localhost:8080/hello
2021-06-30 15:32:05.594 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.FilterTest : ###### Inside Filter Test ####
2021-06-30 15:32:05.594 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### method::GET
2021-06-30 15:32:05.594 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### Servlet path::/hello
2021-06-30 15:32:05.594 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### URI ::/hello
2021-06-30 15:32:05.594 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.filter.FilterTest : ##### INSIDE FilterTest #### URL ::http://localhost:8080/hello
2021-06-30 15:32:05.597 DEBUG 9220 --- [nio-8080-exec-6] o.s.web.servlet.DispatcherServlet : GET "/hello", parameters={}
2021-06-30 15:32:05.599 DEBUG 9220 --- [nio-8080-exec-6] s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to spring.security.spring.token.jwttoken.security.HelloWorldController#hello()
2021-06-30 15:32:05.601 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.HelloWorldController : ######## INSIDE SIGN IN ########
########## Retreiving from DB ##########
2021-06-30 15:32:05.602 DEBUG 9220 --- [nio-8080-exec-6] org.hibernate.SQL : select users0_.user_id as user_id1_0_, users0_.password as password2_0_, users0_.roles as roles3_0_, users0_.username as username4_0_ from users users0_ where users0_.username=?
####### Authorities #######ADMIN
2021-06-30 15:32:05.604 INFO 9220 --- [nio-8080-exec-6] s.s.s.t.j.security.HelloWorldController : ######## INSIDE SIGN IN ######## Authentication completed
2021-06-30 15:32:05.607 DEBUG 9220 --- [nio-8080-exec-6] m.m.a.RequestResponseBodyMethodProcessor : Using 'text/html', given [text/html, application/xhtml+xml, image/avif, image/webp, image/apng, application/xml;q=0.9, application/signed-exchange;v=b3;q=0.9, */*;q=0.8] and supported [text/plain, */*, text/plain, */*, application/json, application/*+json, application/json, application/*+json]
2021-06-30 15:32:05.608 DEBUG 9220 --- [nio-8080-exec-6] m.m.a.RequestResponseBodyMethodProcessor : Writing ["Hello World !!"]
2021-06-30 15:32:05.618 DEBUG 9220 --- [nio-8080-exec-6] o.s.web.servlet.DispatcherServlet : Completed 200 OK
从日志中可以明显看出,getalreadyfilteredattributename正在将筛选器类标记为已筛选,但为什么它会针对同一请求重复执行,而不是按照文档中的说明执行。
请澄清我的困惑。如果你能举出一个例子,我们将不胜感激。
暂无答案!
目前还没有任何答案,快来回答吧!