将@Autowired与在SpringBoot中配置的过滤器一起使用 [英] Use @Autowired with a Filter configured in SpringBoot

查看:364
本文介绍了将@Autowired与在SpringBoot中配置的过滤器一起使用的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我需要在过滤器中使用自动装配。所以我使用@Component注释我的过滤器类,

I need to use autowired in a filter. So i annotate my filter class using @Component,

import org.springframework.web.filter.GenericFilterBean;
@Component
public class TokenAuthorizationFilter extends GenericFilterBean {
    @Autowired
    public EnrollCashRepository enrollCashRepository;
}

然后我在SecurityConfig中添加我的过滤器,

Then i add my filter as below in SecurityConfig,

   @Configuration
    @EnableWebMvcSecurity
    public class SecurityConfig extends WebSecurityConfigurerAdapter {

        @Override
        public void configure(WebSecurity webSecurity) throws Exception
        {
            webSecurity.ignoring().antMatchers(HttpMethod.GET, "/health");
        }
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.addFilterBefore(new TokenAuthorizationFilter(), BasicAuthenticationFilter.class);  
            http.authorizeRequests().antMatchers("/api/**").authenticated();    
    }

我的问题是我的过滤器被@Component注释调用了两次。如果我删除@Component注释它只调用一次。

My problem is my filter get invoked twice with the @Component annotation. If i remove the @Component annotation it only invoke once.

然后我在下面添加我的Spring启动主类中的修复。然后我在SecurityConfig中注释addFilterBefore行。

Then i add below as a fix in my Spring boot main class. Then i comment the line of addFilterBefore in SecurityConfig.

 @Bean
    public FilterRegistrationBean tokenAuthFilterRegistration() {
        FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
        filterRegistrationBean.setFilter(new PITokenAuthorizationFilter());
        filterRegistrationBean.setOrder(1);
        filterRegistrationBean.setEnabled(false);
        return filterRegistrationBean;
    }

然后我的过滤器被调用一次。但即使我使setEnabled为true或false,当我调用我的rest api时,我得到403 Forbiddon错误, http:// localhost:8080 / api / myservice

But then my filter get invoked once. But even i make the setEnabled true or false, i get a 403 Forbiddon Error when i invoke my rest api, http://localhost:8080/api/myservice

如何解决这种情况,我可以在Spring Filter中使用@Autowired?

How can i fix this situation where i can use @Autowired in my Spring Filter?

编辑:添加控制器和过滤器类,

Add controller and Filter class,

@RestController
@RequestMapping(value = "/api")
public class SpringToolController { 
    @RequestMapping(value = "/myservice", method = RequestMethod.GET)
    public HttpEntity<String> myService() {
        System.out.println("-----------myService invoke-----------");
        return new ResponseEntity<String>(HttpStatus.OK);
    }
}



public class TokenAuthorizationFilter extends GenericFilterBean {
    public TokenAuthorizationFilter(EnrollCashRepository enrollCashRepository) {
        this.enrollCashRepository = enrollCashRepository;
    }

    public EnrollCashRepository enrollCashRepository;

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain)
            throws IOException, ServletException {
        System.out.println("before PITokenAuthorizationFilter");
        chain.doFilter(servletRequest, servletResponse);
        System.out.println("after PITokenAuthorizationFilter");
    }

    public EnrollCashRepository getEnrollCashRepository() {
        return enrollCashRepository;
    }

    public void setEnrollCashRepository(EnrollCashRepository enrollCashRepository) {
        this.enrollCashRepository = enrollCashRepository;
    }

}


推荐答案

删除 FilterRegistrationBean 并在 SecurityConfig TokenAuthorizationFilter >喜欢这样:

Remove your FilterRegistrationBean and initialize TokenAuthorizationFilter inside your SecurityConfig like this:

@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    public EnrollCashRepository enrollCashRepository;

    @Override
    public void configure(WebSecurity webSecurity) throws Exception
    {
        webSecurity.ignoring().antMatchers(HttpMethod.GET, "/health");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception 
    {
        http.addFilterBefore(tokenAuthorizationFilter(), BasicAuthenticationFilter.class);  
        http.authorizeRequests().antMatchers("/api/**").authenticated();    
    }

    private TokenAuthorizationFilter tokenAuthorizationFilter() 
    {
        return new TokenAuthorizationFilter(enrollCashRepository);
    }
}

删除 @Autowired @Component 注释并使用构造函数注入设置 EnrollCashRepository

Remove @Autowired and @Component annotation and set your EnrollCashRepository with constructor injection:

import org.springframework.web.filter.GenericFilterBean;

public class TokenAuthorizationFilter extends GenericFilterBean {

    private final EnrollCashRepository enrollCashRepository;

    public TokenAuthorizationFilter(EnrollCashRepository enrollCashRepository) 
    {
        this.enrollCashRepository = enrollCashRepository
    }
}

这篇关于将@Autowired与在SpringBoot中配置的过滤器一起使用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
Java开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆