下面列出了 org.springframework.boot.web.servlet.FilterRegistrationBean#addUrlPatterns() 的实例代码。
/**
 * Registers the XSS request filter for every request path.
 *
 * <p>NOTE(review): sanitising request parameters on the way in does not replace
 * context-aware output encoding where the values are rendered; treat this filter
 * as one layer only.
 *
 * @return registration for {@code XssFilter}, mapped to {@code /*}
 */
@Bean
public FilterRegistrationBean<Filter> xssFilterRegistrationBean() {
    Map<String, String> xssParams = new HashMap<>();
    // "excludes": request URLs whose parameters are not filtered (static assets here).
    xssParams.put("excludes", "/favicon.ico,/img/*,/js/*,/css/*");
    // "isIncludeRichText": whether rich-text content is filtered as well.
    // TODO (from the original author): this setting appears to have no effect.
    xssParams.put("isIncludeRichText", "true");
    // URL whitelist for the filter; left empty here.
    xssParams.put(Constants.XSS_NOTICE_KEY, "");

    FilterRegistrationBean<Filter> xssRegistration = new FilterRegistrationBean<>();
    xssRegistration.setFilter(new XssFilter());
    xssRegistration.addUrlPatterns("/*");
    xssRegistration.setEnabled(true);
    // Lower order values run first, so Integer.MAX_VALUE - 1 places this filter near
    // the end of the chain. NOTE(review): filters ordered before it see the raw
    // parameters - confirm none of them relies on sanitised input.
    xssRegistration.setOrder(Integer.MAX_VALUE - 1);
    xssRegistration.setInitParameters(xssParams);
    return xssRegistration;
}
/**
 * Registers the SSO authentication filter for every request path, order 2.
 *
 * @return registration for the filter loaded by class name through {@code filter(...)}
 */
@Bean
public FilterRegistrationBean authenticationFilter() {
    Map<String, String> ssoParams = Maps.newHashMap();
    ssoParams.put("redisClusterName", "casClientPrincipal");
    ssoParams.put("serverName", portalConfig.portalServerName());
    ssoParams.put("casServerLoginUrl", portalConfig.casServerLoginUrl());
    // Login state is not kept in the HTTP session: the application is deployed as a
    // cluster rather than a single instance.
    ssoParams.put("useSession", "false");
    // NOTE(review): presumably makes the filter skip paths matching "/openapi.*" -
    // confirm those endpoints are authenticated by another mechanism.
    ssoParams.put("/openapi.*", "exclude");

    FilterRegistrationBean ssoRegistration = new FilterRegistrationBean();
    ssoRegistration.setInitParameters(ssoParams);
    ssoRegistration.setFilter(
        filter("com.ctrip.framework.apollo.sso.filter.ApolloAuthenticationFilter"));
    ssoRegistration.addUrlPatterns("/*");
    ssoRegistration.setOrder(2);
    return ssoRegistration;
}
/**
 * Initialises the Redis client used by xxl-sso and registers {@code XxlSsoWebFilter}
 * for every request path, order 1.
 *
 * @return registration named {@code XxlSsoWebFilter}
 */
@Bean
public FilterRegistrationBean xxlSsoFilterRegistration() {
    // Redis must be initialised before the SSO filter is created.
    JedisUtil.init(xxlSsoRedisAddress);

    FilterRegistrationBean ssoRegistration = new FilterRegistrationBean();
    ssoRegistration.setFilter(new XxlSsoWebFilter());
    ssoRegistration.setName("XxlSsoWebFilter");
    ssoRegistration.addUrlPatterns("/*");
    ssoRegistration.setOrder(1);

    // SSO server address, logout path and the paths the filter is told to skip.
    // NOTE(review): every entry in the excluded-paths value is presumably served
    // without an SSO check - keep that list minimal and review it with the routes.
    ssoRegistration.addInitParameter(Conf.SSO_SERVER, xxlSsoServer);
    ssoRegistration.addInitParameter(Conf.SSO_LOGOUT_PATH, xxlSsoLogoutPath);
    ssoRegistration.addInitParameter(Conf.SSO_EXCLUDED_PATHS, xxlSsoExcludedPaths);
    return ssoRegistration;
}
/**
 * Registers {@code CatServletFilter} under the name {@code cat-filter} for every
 * request path, order 1.
 *
 * @return the filter registration
 */
@Bean
public FilterRegistrationBean catFilter() {
    FilterRegistrationBean catRegistration = new FilterRegistrationBean();
    catRegistration.setFilter(new CatServletFilter());
    catRegistration.setName("cat-filter");
    catRegistration.setOrder(1);
    catRegistration.addUrlPatterns("/*");
    return catRegistration;
}
/**
 * Registers the request-encoding filter for every request path, order 4, with the
 * {@code encoding} init parameter set to UTF-8.
 *
 * @return registration named {@code RequestEncodingFilter}
 */
@Bean
public FilterRegistrationBean requestEncodingFilterRegistration() {
    FilterRegistrationBean encodingRegistration = new FilterRegistrationBean();
    encodingRegistration.setName("RequestEncodingFilter");
    encodingRegistration.setFilter(requestEncodingFilter());
    encodingRegistration.addInitParameter("encoding", "UTF-8");
    encodingRegistration.setOrder(4);
    encodingRegistration.addUrlPatterns("/*");
    return encodingRegistration;
}
/**
 * Registers {@code AssertionThreadLocalFilter}, which makes the logged-in user
 * available through {@code org.jasig.cas.client.util.AssertionHolder}, for example
 * {@code AssertionHolder.getAssertion().getPrincipal().getName()}.
 * The assertion is kept in a ThreadLocal so that code outside the web layer can
 * also read the current login information.
 *
 * @return the filter registration, order 7
 */
@Bean
public FilterRegistrationBean assertionThreadLocalFilter() {
    FilterRegistrationBean assertionRegistration = new FilterRegistrationBean();
    assertionRegistration.setFilter(new AssertionThreadLocalFilter());
    assertionRegistration.setOrder(7);
    assertionRegistration.setEnabled(true);

    if (autoconfig.getAssertionFilters().isEmpty()) {
        // Nothing configured: cover every request path.
        assertionRegistration.addUrlPatterns("/*");
    } else {
        // NOTE(review): requests outside the configured patterns do not pass through
        // this filter, so code reading AssertionHolder there presumably sees no
        // assertion - confirm callers handle that.
        assertionRegistration.setUrlPatterns(autoconfig.getAssertionFilters());
    }
    return assertionRegistration;
}
/**
 * Registers the parameter-decoding filter for every request path, order 2.
 *
 * @return registration named {@code ParameterDecodingFilter}
 */
@Bean
public FilterRegistrationBean<Filter> parameterDecodingFilterRegistration() {
    FilterRegistrationBean<Filter> decodingRegistration = new FilterRegistrationBean<>();
    decodingRegistration.setFilter(parameterDecodingFilter());
    decodingRegistration.setName("ParameterDecodingFilter");
    decodingRegistration.setOrder(2);
    decodingRegistration.addUrlPatterns("/*");
    return decodingRegistration;
}
/**
 * Registers the Apache Shiro filter for every request path, unless a bean named
 * {@code shiroFilterProxy} already exists.
 *
 * <p>NOTE(review): {@code FilterRegistrationBean} carries its own order
 * ({@code setOrder}); confirm that {@code @Order(3000)} on this factory method is
 * what actually decides the filter's position, since the position of a security
 * filter in the chain matters.
 *
 * @param shiroFilter factory that supplies the Shiro filter instance
 * @return the filter registration
 * @throws Exception if the filter instance cannot be obtained from the factory
 */
@Bean
@Order(3000)
@ConditionalOnMissingBean(name="shiroFilterProxy")
public FilterRegistrationBean shiroFilterProxy(ShiroFilterFactoryBean shiroFilter) throws Exception {
    Filter shiro = (Filter) shiroFilter.getInstance();
    FilterRegistrationBean shiroRegistration = new FilterRegistrationBean();
    shiroRegistration.setFilter(shiro);
    shiroRegistration.addUrlPatterns("/*");
    return shiroRegistration;
}
/**
 * Registers the request-encoding filter for every request path, order 4, with the
 * {@code encoding} init parameter set to UTF-8.
 *
 * @return registration named {@code RequestEncodingFilter}
 */
@Bean
public FilterRegistrationBean<Filter> requestEncodingFilterRegistration() {
    FilterRegistrationBean<Filter> encodingRegistration = new FilterRegistrationBean<>();
    encodingRegistration.setFilter(requestEncodingFilter());
    encodingRegistration.setName("RequestEncodingFilter");
    encodingRegistration.addInitParameter("encoding", "UTF-8");
    encodingRegistration.setOrder(4);
    encodingRegistration.addUrlPatterns("/*");
    return encodingRegistration;
}
/**
 * Registers {@code JwtFilter} for the path {@code /protected-resource} and passes
 * it the auth service value through the {@code services.auth} init parameter.
 *
 * @return the filter registration
 */
@Bean
public FilterRegistrationBean jwtFilter() {
    FilterRegistrationBean jwtRegistration = new FilterRegistrationBean();
    jwtRegistration.setFilter(new JwtFilter());
    // A servlet URL pattern without a wildcard is an exact match: only
    // "/protected-resource" itself is covered. NOTE(review): sub-paths and any
    // other endpoint are not checked by this filter - confirm that is intended.
    jwtRegistration.addUrlPatterns("/protected-resource");
    jwtRegistration.setInitParameters(Collections.singletonMap("services.auth", authService));
    return jwtRegistration;
}
/**
 * Registers {@code CorsFilter} for every request path, order 1.
 *
 * <p>NOTE(review): the CORS policy itself (allowed origins, credentials) lives in
 * {@code CorsFilter}, which is not shown here - review it together with this
 * registration.
 *
 * @return the filter registration
 */
@Bean
public FilterRegistrationBean corsFilter() {
    FilterRegistrationBean corsRegistration = new FilterRegistrationBean();
    corsRegistration.setFilter(new CorsFilter());
    corsRegistration.setOrder(1);
    corsRegistration.addUrlPatterns("/*");
    return corsRegistration;
}
/**
 * Registers the Shiro filter built from the given security manager for every
 * request path, unless a matching bean already exists.
 *
 * @param securityManager security manager handed to {@code getShiroFilterFactoryBean}
 * @return the filter registration, exposed as bean {@code shiroFilter}
 * @throws Exception if the filter cannot be obtained from the factory bean
 */
@Bean(name = "shiroFilter")
@DependsOn("securityManager")
@ConditionalOnMissingBean
public FilterRegistrationBean filterRegistrationBean(SecurityManager securityManager) throws Exception {
    Filter shiro = (Filter) getShiroFilterFactoryBean(securityManager).getObject();

    FilterRegistrationBean shiroRegistration = new FilterRegistrationBean();
    // Defaults to false, meaning the lifecycle is managed by the Spring
    // ApplicationContext; true means it is managed by the servlet container.
    shiroRegistration.addInitParameter("targetFilterLifecycle", "true");
    shiroRegistration.setFilter(shiro);
    shiroRegistration.addUrlPatterns("/*");
    shiroRegistration.setEnabled(true);
    return shiroRegistration;
}
/**
 * Druid monitoring: registers {@code WebStatFilter} and configures which URIs it
 * intercepts.
 *
 * @return the filter registration, mapped to every request path
 */
@Bean
public FilterRegistrationBean druidStatFilter() {
    FilterRegistrationBean statRegistration = new FilterRegistrationBean();
    statRegistration.setFilter(new WebStatFilter());
    // Intercept every request path ...
    statRegistration.addUrlPatterns("/*");
    // ... except the entries listed in "exclusions": static assets and the Druid
    // console paths.
    statRegistration.addInitParameter(
        "exclusions", "/static/*,*.js,*.gif,*.jpg,*.png,*.css,*.ico,/druid,/druid/*");
    // Session attribute shown as the user name on the session monitoring page; the
    // application has to put "username" into the session itself after login.
    statRegistration.addInitParameter("principalSessionName", "username");
    return statRegistration;
}
/**
 * Registers {@code HeaderValidatorFilter} with the URL pattern {@code "*"}.
 *
 * @return the filter registration
 */
@Bean
public FilterRegistrationBean<HeaderValidatorFilter> headerValidatorFilter() {
    FilterRegistrationBean<HeaderValidatorFilter> headerRegistration =
        new FilterRegistrationBean<>();
    headerRegistration.setFilter(new HeaderValidatorFilter());
    // NOTE(review): a bare "*" is not one of the Servlet specification's mapping
    // forms (exact path, "/prefix/*", "*.ext", "/"). Some containers treat it as
    // "match everything" for filters; verify on the deployed container that the
    // validator really runs for every request, or map it with "/*" instead.
    headerRegistration.addUrlPatterns("*");
    return headerRegistration;
}
/**
 * Registers the injected CAS authentication filter for every request path, order 3.
 *
 * @param casAuthenticationFilter the filter instance to register
 * @return the filter registration
 */
@Bean
public FilterRegistrationBean casAuthenticationFilterRegistrationBean(
        final CasAuthenticationFilter casAuthenticationFilter) {
    FilterRegistrationBean casRegistration = new FilterRegistrationBean();
    casRegistration.setOrder(3);
    casRegistration.addUrlPatterns("/*");
    casRegistration.setFilter(casAuthenticationFilter);
    return casRegistration;
}
/**
 * Registers {@code OpenEntityManagerInViewFilter} for every request path, for the
 * REQUEST and FORWARD dispatcher types.
 *
 * @return registration named {@code openEntityManagerInViewFilter}
 */
@Bean
public FilterRegistrationBean openEntityManagerInViewFilter() {
    FilterRegistrationBean<OpenEntityManagerInViewFilter> oemivRegistration =
        new FilterRegistrationBean<>(new OpenEntityManagerInViewFilter());
    oemivRegistration.setName("openEntityManagerInViewFilter");
    // Must run before the security filter (-100).
    oemivRegistration.setOrder(-200);
    oemivRegistration.setDispatcherTypes(EnumSet.of(DispatcherType.REQUEST, DispatcherType.FORWARD));
    oemivRegistration.addUrlPatterns("/*");
    return oemivRegistration;
}
/**
 * Registers a {@code DelegatingFilterProxy} that delegates to the bean named
 * {@code urlRewriteFilter}, for every request path, order 0, REQUEST dispatches only.
 *
 * @return registration named {@code urlRewriteFilter}
 */
@Bean
public FilterRegistrationBean urlRewriteFilterRegistration() {
    DelegatingFilterProxy rewriteProxy = new DelegatingFilterProxy("urlRewriteFilter");
    // Let the proxy invoke the target filter's lifecycle methods (init/destroy).
    rewriteProxy.setTargetFilterLifecycle(true);

    FilterRegistrationBean rewriteRegistration = new FilterRegistrationBean();
    rewriteRegistration.setFilter(rewriteProxy);
    rewriteRegistration.setName("urlRewriteFilter");
    rewriteRegistration.setOrder(0);
    rewriteRegistration.addUrlPatterns("/*");
    rewriteRegistration.setDispatcherTypes(EnumSet.of(DispatcherType.REQUEST));
    return rewriteRegistration;
}
/**
 * Registers {@code GZipServletFilter} for the API path ({@code Api1.PATH} followed
 * by {@code *}), order 20, enabled according to {@code Config.GZIP_ENABLED}.
 *
 * <p>NOTE(review): where compressed responses carry secrets next to reflected
 * request data, compression is relevant to BREACH-style side channels - confirm
 * this does not apply to the responses served under this path.
 *
 * @return GZIP filter bean
 */
@Bean
public FilterRegistrationBean<?> gzipFilterRegistrationBean() {
    String gzipPattern = Api1.PATH + "*";
    FilterRegistrationBean<?> gzipRegistration =
        new FilterRegistrationBean<>(new GZipServletFilter());
    logger.debug("Initializing GZip filter [{}]...", gzipPattern);
    gzipRegistration.setEnabled(Config.GZIP_ENABLED);
    gzipRegistration.setAsyncSupported(true);
    gzipRegistration.setOrder(20);
    gzipRegistration.setMatchAfter(true);
    gzipRegistration.addUrlPatterns(gzipPattern);
    return gzipRegistration;
}
/**
 * Removes the advertisement at the bottom of the Druid monitoring page by
 * replacing the response for the console's {@code js/common.js}.
 *
 * <p>Only active when {@code spring.datasource.druid.statViewServlet.enabled} is
 * {@code true}. NOTE(review): this bean only rewrites one script; access control
 * for the monitoring console is not configured here - confirm it is restricted
 * elsewhere.
 *
 * @param properties Druid stat properties, used to find the console URL pattern
 * @return registration mapped to the console's {@code js/common.js}
 */
@SuppressWarnings({ "rawtypes", "unchecked" })
@Bean
@ConditionalOnProperty(name = "spring.datasource.druid.statViewServlet.enabled", havingValue = "true")
public FilterRegistrationBean removeDruidFilterRegistrationBean(DruidStatProperties properties)
{
    // Settings of the web monitoring page.
    DruidStatProperties.StatViewServlet config = properties.getStatViewServlet();

    // Derive the URL of common.js from the console pattern ("/druid/*" when unset).
    String consolePattern = config.getUrlPattern();
    if (consolePattern == null)
    {
        consolePattern = "/druid/*";
    }
    String commonJsPattern = consolePattern.replaceAll("\\*", "js/common.js");
    final String filePath = "support/http/resources/js/common.js";

    // Filter that discards the script written downstream and writes a cleaned copy.
    Filter adStrippingFilter = new Filter()
    {
        @Override
        public void init(javax.servlet.FilterConfig filterConfig) throws ServletException
        {
        }

        @Override
        public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
                throws IOException, ServletException
        {
            chain.doFilter(request, response);
            // Clears the buffered body only; response headers are kept. The Servlet
            // API throws IllegalStateException here if the response is already
            // committed.
            response.resetBuffer();
            // Load common.js from the classpath resource and strip the banner link
            // and the "powered by" footer with the two patterns below.
            // NOTE(review): if readFromResource can return null, replaceAll fails
            // with a NullPointerException - confirm against the Druid version in use.
            String cleaned = Utils.readFromResource(filePath)
                    .replaceAll("<a.*?banner\"></a><br/>", "")
                    .replaceAll("powered.*?shrek.wang</a>", "");
            response.getWriter().write(cleaned);
        }

        @Override
        public void destroy()
        {
        }
    };

    FilterRegistrationBean adRegistration = new FilterRegistrationBean();
    adRegistration.setFilter(adStrippingFilter);
    adRegistration.addUrlPatterns(commonJsPattern);
    return adRegistration;
}
/**
 * Registers the CORS security filter for every request path.
 *
 * <p>This bean is conditional on a {@link CorsProperties} bean, so the
 * {@link CorsProperties} bean definition must come before this one, e.g.
 *
 * <pre>
 * {@literal @}Bean
 * public CorsProperties corsProperties() {
 *     ...
 * }
 * </pre>
 *
 * must be declared ahead of
 *
 * <pre>
 * {@literal @}Bean
 * {@literal @}ConditionalOnBean(CorsProperties.class)
 * public FilterRegistrationBean corsResolveSecurityFilterBean(CorsProperties config) {
 *     ...
 * }
 * </pre>
 *
 * <p>NOTE(review): if the condition does not match, no CORS filter is registered
 * at all - confirm the declaration order wherever this configuration is imported.
 *
 * @param filter the CORS filter to register
 * @return the filter registration, ordered by {@code ORDER_CORS_PRECEDENCE}
 */
@Bean
@ConditionalOnBean(CorsProperties.class)
public FilterRegistrationBean corsResolveSecurityFilterBean(CorsSecurityFilter filter) {
    FilterRegistrationBean corsRegistration = new FilterRegistrationBean(filter);
    // Servlet URL patterns use '/*' to cover every path; the Ant-style '/**' is not
    // a servlet wildcard form.
    corsRegistration.addUrlPatterns("/*");
    corsRegistration.setOrder(ORDER_CORS_PRECEDENCE);
    return corsRegistration;
}