Spring boot:如何为静态资源添加拦截器? [英] Spring boot: How to add interceptors to static resources?

问题描述

我在 /static/img/** 中有几个文件夹，我需要向其中一些添加拦截器以检查用户权限.我之前使用过拦截器并以这种方式添加它们:

I have several folders in /static/img/** and I need to add interceptors to some of them to check user permissions. I've used interceptors earlier and added them this way:

@SpringBootApplication
@EnableTransactionManagement
public class Application extends WebMvcConfigurerAdapter {

  ...

  @Override
  public void addResourceHandlers(ResourceHandlerRegistry registry) {
    registry
      .addResourceHandler("/static/**")
      .addResourceLocations("classpath:/static/");
  }

  @Bean
  public AuthHeaderInterceptor authHeaderInterceptor() {
    return new AuthHeaderInterceptor();
  }

  @Bean
  public AuthCookieInterceptor authCookieInterceptor() {
    return new AuthCookieInterceptor();
  }

  @Override
  public void addInterceptors(InterceptorRegistry registry) {
    registry
      .addInterceptor(authHeaderInterceptor())
      .addPathPatterns(REST_URL)
      .excludePathPatterns(
        new String[] {
          REST_SECURITY_URL,
          REST_SETTINGS_URL,
          REST_REPORTS_URL
        }
      );

    registry
      .addInterceptor(authCookieInterceptor())
      .addPathPatterns(REST_REPORTS_URL);
  }
}

对于 rest 控制器及其 URL 来说一切正常，但现在我需要保护一些静态资源，我添加了这个:

All works fine for rest controllers and their URLs, but now I need to secure some static resources and I added this:

@SpringBootApplication
@EnableTransactionManagement
public class Application extends WebMvcConfigurerAdapter {

  ...

  @Bean 
  public RoleAdminInterceptor roleAdminInterceptor() {
    return new RoleAdminInterceptor();
  }

  @Override
  public void addInterceptors(InterceptorRegistry registry) {
    registry
      .addInterceptor(authHeaderInterceptor())
      .addPathPatterns(REST_URL)
      .excludePathPatterns(
        new String[] {
          REST_SECURITY_URL,
          REST_SETTINGS_URL,
          REST_REPORTS_URL
        }
      );

    //THIS NOT WORK
    registry
      .addInterceptor(roleAdminInterceptor())
      .addPathPatterns("/static/img/admin/**");

    registry
      .addInterceptor(authCookieInterceptor())
      .addPathPatterns(REST_REPORTS_URL);
  }
}

注释行不起作用.当我向 /static/img/admin/test.png 发送请求时 RoleAdminInterceptor 永远不会被调用.

Commented line doesn't work. When I send request to /static/img/admin/test.png RoleAdminInterceptor is never called.

我做错了什么?

推荐答案

我知道这是一个老问题，但由于它没有得到解答，它可能会帮助其他人搜索它.

I know this is an old question, but since it's unanswered it might help others searching for it.

这对我有用:

1- 声明一个拦截器类:

1- Declare an interceptor class:

class RoleBasedAccessInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        AntPathMatcher matcher = new AntPathMatcher();
        String pattern = "/static/img/admin/**";

        String requestURI = request.getRequestURI();

        if (matcher.match(pattern, requestURI)) {
            //Do whatever you need 
            return validateYourLogic();
        }

        return true;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

    }
}

2- 配置 WebMvcConfigurer

public class WebMvcConfiguration implements WebMvcConfigurer {
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(new RoleBasedAccessInterceptor());
    }
}

这篇关于Spring boot:如何为静态资源添加拦截器?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！