SpringBoot:绕过OncePerRequestFilter 过滤器 [英] SpringBoot: Bypass OncePerRequestFilter filters

问题描述

我有一个基本的 SpringBoot 2.0.5.RELEASE 应用程序.使用 Spring Initializer、JPA、嵌入式 Tomcat、Thymeleaf 模板引擎，并打包为可执行 JAR 文件.

I have a basic SpringBoot 2.0.5.RELEASE app. Using Spring Initializer, JPA, embedded Tomcat, Thymeleaf template engine, and package as an executable JAR file.

我创建了一个基于自定义 JWT 的安全过滤器 JwtFilter :

I have created a Custom JWT based security filter JwtFilter :

@Provider
public class JwtAuthorizationTokenFilter extends OncePerRequestFilter {
...
}

但我只想为 1 个特定请求/方法绕过此过滤器:"/api/v1/menus"，什么时候是POST

But I want to Bypass this filter only for 1 specific request / method: "/api/v1/menus", when is a POST

但我不知道在 WebSecurityConfigurerAdapter 中是否可行:

But I don't know if it is possible in the WebSecurityConfigurerAdapter :

 JwtAuthorizationTokenFilter authenticationTokenFilter = new JwtAuthorizationTokenFilter(userDetailsService(), jwtTokenUtil, tokenHeader);
     httpSecurity
         .addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
          .antMatcher("/api/v1/menus")

推荐答案

您可以覆盖来自 OncePerRequestFilter 的 shouldNotFilter 方法，如下所示:

You can override the shouldNotFilter method from the OncePerRequestFilter as below:

@Provider
public class JwtAuthorizationTokenFilter extends OncePerRequestFilter {
    @Override
    protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException {
        return new AntPathMatcher().match("/api/v1/menus", request.getServletPath());
    }

}

这篇关于SpringBoot:绕过OncePerRequestFilter 过滤器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！