下面列出了org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean#org.springframework.boot.web.servlet.FilterRegistrationBean 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
@Test
public void shouldReadNewPrefixesPropertyAndIncludeOldPrefixProperty() {
this.context.register(EnableAutoConfig.class);
TestPropertyValues
.of("edison.application.management.base-path=/internal")
.and("edison.ldap.enabled=true")
.and("edison.ldap.host=localhost")
.and("edison.ldap.rdn-identifier=test-rdn")
.and("edison.ldap.base-dn=test-dn")
.and("edison.ldap.prefix=/deprecatedTestPrefix")
.and("edison.ldap.prefixes=/newTestPrefix")
.applyTo(context);
this.context.refresh();
final FilterRegistrationBean<?> filterRegistrationBean = this.context.getBean("ldapAuthenticationFilter", FilterRegistrationBean.class);
final ArrayList<String> urlPatterns = new ArrayList<String>(filterRegistrationBean.getUrlPatterns());
assertThat(urlPatterns, hasSize(2));
assertThat(urlPatterns, containsInAnyOrder("/deprecatedTestPrefix/*", "/newTestPrefix/*"));
}
@Bean
@ConditionalOnWebApplication
@ConditionalOnClass(name = "net.hasor.web.startup.RuntimeFilter")
public FilterRegistrationBean<?> hasorRuntimeFilter() {
Objects.requireNonNull(this.appContext, "AppContext is not inject.");
Filter runtimeFilter = null;
if (this.filterWorkAt == WorkAt.Filter) {
runtimeFilter = new RuntimeFilter(this.appContext); // 过滤器模式
} else {
runtimeFilter = new EmptyFilter(); // 拦截器模式
}
//
FilterRegistrationBean<Filter> filterBean = //
new FilterRegistrationBean<>(runtimeFilter);
filterBean.setUrlPatterns(Collections.singletonList(this.filterPath));
filterBean.setOrder(this.filterOrder);
filterBean.setName(RuntimeFilter.class.getName());
return filterBean;
}
@Bean
public FilterRegistrationBean druidWebStatFilter(DruidDataSourceProperties druidProperties) {
log.debug("druid web-stat-filter init...");
DruidWebStatProperties properties = druidProperties.getWebStat();
FilterRegistrationBean registration = new FilterRegistrationBean(new WebStatFilter());
registration.addUrlPatterns(properties.getUrlPatterns());
registration.addInitParameter("exclusions", properties.getExclusions());
registration.addInitParameter("sessionStatEnable", Boolean.toString(properties.isSessionStatEnable()));
if (!StringUtils.isEmpty(properties.getSessionStatMaxCount())) {
registration.addInitParameter("sessionStatMaxCount",Integer.toString(properties.getSessionStatMaxCount()));
}
if (!StringUtils.isEmpty(properties.getPrincipalSessionName())) {
registration.addInitParameter("principalSessionName", properties.getPrincipalSessionName());
}
if (!StringUtils.isEmpty(properties.getPrincipalCookieName())) {
registration.addInitParameter("principalCookieName", properties.getPrincipalCookieName());
}
registration.addInitParameter("profileEnable", Boolean.toString(properties.isProfileEnable()));
return registration;
}
/**
* 默认的登录验证过滤器
*/
@Bean("authc")
public FilterRegistrationBean<TrustableFormAuthenticatingFilter> authenticationFilter(
@Autowired(required = false) List<LoginListener> loginListeners,
ShiroBizProperties properties) {
TrustableFormAuthenticatingFilter authcFilter = new TrustableFormAuthenticatingFilter();
// 是否验证验证码
authcFilter.setCaptchaEnabled(properties.isEnabled());
// 登录监听:实现该接口可监听账号登录失败和成功的状态,从而做业务系统自己的事情,比如记录日志
authcFilter.setLoginListeners(loginListeners);
//authcFilter.setSessionStateless(properties.isSessionStateless());
/*
* * 自定义Filter通过@Bean注解后,被Spring Boot自动注册到了容器的Filter
* chain中,这样导致的结果是,所有URL都会被自定义Filter过滤, 而不是Shiro中配置的一部分URL。下面方式可以解决该问题
*/
FilterRegistrationBean<TrustableFormAuthenticatingFilter> registration = new FilterRegistrationBean<TrustableFormAuthenticatingFilter>(
authcFilter);
registration.setEnabled(false);
return registration;
}
@Test
public void ensureBackwardsCompatibilityForPrefixesProperty() {
this.context.register(EnableAutoConfig.class);
TestPropertyValues
.of("edison.application.management.base-path=/internal")
.and("edison.ldap.enabled=true")
.and("edison.ldap.host=localhost")
.and("edison.ldap.rdn-identifier=test-rdn")
.and("edison.ldap.base-dn=test-dn")
.and("edison.ldap.prefix=/deprecatedTestPrefix")
.applyTo(context);
this.context.refresh();
final FilterRegistrationBean<?> filterRegistrationBean = this.context.getBean("ldapAuthenticationFilter", FilterRegistrationBean.class);
final ArrayList<String> urlPatterns = new ArrayList<String>(filterRegistrationBean.getUrlPatterns());
assertThat(urlPatterns, hasSize(1));
assertThat(urlPatterns, containsInAnyOrder("/deprecatedTestPrefix/*"));
}
/**
* xss过滤拦截器
*/
@Bean
public FilterRegistrationBean<Filter> xssFilterRegistrationBean() {
FilterRegistrationBean<Filter> filterRegistrationBean = new FilterRegistrationBean<>();
filterRegistrationBean.setFilter(new XssFilter());
filterRegistrationBean.setOrder(Integer.MAX_VALUE - 1);
filterRegistrationBean.setEnabled(true);
filterRegistrationBean.addUrlPatterns("/*");
Map<String, String> initParameters = new HashMap<>();
// excludes用于配置不需要参数过滤的请求url
initParameters.put("excludes", "/favicon.ico,/img/*,/js/*,/css/*");
// isIncludeRichText主要用于设置富文本内容是否需要过滤 TODO: 好像无效
initParameters.put("isIncludeRichText", "true");
// 配置过滤URL白名单
initParameters.put(Constants.XSS_NOTICE_KEY, "");
filterRegistrationBean.setInitParameters(initParameters);
return filterRegistrationBean;
}
/*********************************************************************************************************/
//shiro设置
@Bean
public FilterRegistrationBean filterRegistrationBean() {
FilterRegistrationBean<DelegatingFilterProxy> registration = new FilterRegistrationBean<>();
registration.setFilter(new DelegatingFilterProxy());
registration.addUrlPatterns("/api/*");
registration.addInitParameter("targetFilterLifecycle", "true");
registration.setName("shiroFilter");//名字必须和ShiroFilterFactoryBean一样
return registration;
}
/**
* 该过滤器用于实现单点登出功能,单点退出配置,一定要放在其他filter之前
*
* @return
*/
@Bean
public FilterRegistrationBean singleSignOutFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new SingleSignOutFilter());
filterRegistration.setEnabled(casEnabled);
if (autoconfig.getSignOutFilters().size() > 0) {
filterRegistration.setUrlPatterns(autoconfig.getSignOutFilters());
} else {
filterRegistration.addUrlPatterns("/*");
}
filterRegistration.addInitParameter("casServerUrlPrefix", autoconfig.getCasServerUrlPrefix());
filterRegistration.setOrder(3);
return filterRegistration;
}
@Bean
public FilterRegistrationBean<CrnFilter> crnFilterRegistrationBean() {
FilterRegistrationBean<CrnFilter> registrationBean = new FilterRegistrationBean<>();
CrnFilter filter = new CrnFilter();
registrationBean.setFilter(filter);
registrationBean.setOrder(CRN_FILTER_ORDER);
return registrationBean;
}
@Bean
public FilterRegistrationBean shiroFilterRegistration() {
FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(new DelegatingFilterProxy("shiroFilter"));
//该值缺省为false,表示生命周期由SpringApplicationContext管理,设置为true则表示由ServletContainer管理
registration.addInitParameter("targetFilterLifecycle", "true");
registration.setEnabled(true);
registration.setOrder(Integer.MAX_VALUE - 1);
registration.addUrlPatterns("/*");
return registration;
}
@Bean
public FilterRegistrationBean characterEncodingFilterRegistration() {
FilterRegistrationBean registrationBean =
new FilterRegistrationBean(characterEncodingFilter());
registrationBean.setName("CharacterEncodingFilter");
registrationBean.addUrlPatterns("/*");
registrationBean.setOrder(1);
return registrationBean;
}
/**
* 取消 Shiro Filter 的/*自动注册行为
* @param filter
* @return
*/
@Bean
public FilterRegistrationBean disableRegistrationLogout(EasyLogoutFilter filter) {
FilterRegistrationBean registration = new FilterRegistrationBean(filter);
registration.setEnabled(false);
return registration;
}
/***
* 异常解释
* @return
*/
// @Bean(BootWebCommonAutoConfig.BEAN_NAME_EXCEPTION_RESOLVER)
/*@Bean
public ResponseEntityExceptionHandler responseEntityExceptionHandler(){
BootWebExceptionHandler handler = new BootWebExceptionHandler();
return handler;
}*/
@Bean
public FilterRegistrationBean requestContextFilter(){
FilterRegistrationBean registration = new FilterRegistrationBean(new BootRequestContextFilter());
registration.setOrder(Ordered.HIGHEST_PRECEDENCE+100);
registration.setName("requestContextFilter");
return registration;
}
@Bean
public FilterRegistrationBean webStatFilter() {
FilterRegistrationBean bean = new FilterRegistrationBean();
bean.setFilter(new WebStatFilter());
Map<String, String> initParams = new HashMap<>();
initParams.put("exclusions", "*.js,*.css,/druid/*");
bean.setInitParameters(initParams);
bean.setUrlPatterns(Arrays.asList("/*"));
return bean;
}
@Bean
public FilterRegistrationBean<OAuth2ClientContextFilter> oauth2ClientFilterRegistration(
OAuth2ClientContextFilter filter, SecurityProperties security) {
FilterRegistrationBean<OAuth2ClientContextFilter> registration = new FilterRegistrationBean<>();
registration.setFilter(filter);
registration.setOrder(security.getFilter().getOrder() - 10);
return registration;
}
@SuppressWarnings({ "rawtypes", "unchecked" })
@Bean
public FilterRegistrationBean containerBasedAuthenticationFilter(){
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new ContainerBasedAuthenticationFilter());
filterRegistration.setInitParameters(Collections.singletonMap("authentication-provider", "org.camunda.bpm.extension.keycloak.showcase.sso.KeycloakAuthenticationProvider"));
filterRegistration.setOrder(101); // make sure the filter is registered after the Spring Security Filter Chain
filterRegistration.addUrlPatterns("/app/*");
return filterRegistration;
}
@Bean
public FilterRegistrationBean testFilterRegistration() {
FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(new MyFilter());
//过滤掉 /getUser 和/hello 的请求
registration.addUrlPatterns("/getUser","/hello");
//过滤掉所有请求
// registration.addUrlPatterns("/*");
registration.addInitParameter("paramName", "paramValue");
registration.setName("MyFilter");
registration.setOrder(1);
return registration;
}
@Bean
@SuppressWarnings({"rawtypes", "unchecked"}) // generic as of Spring Boot 2
public FilterRegistrationBean tracingFilter(
final Tracer tracer) {
final TracingFilter filter = new TracingFilter(tracer, emptyList(), null);
final FilterRegistrationBean bean = new FilterRegistrationBean(filter);
bean.setAsyncSupported(true);
return bean;
}
@Bean
public FilterRegistrationBean filterLoginRegistration() {
FilterRegistrationBean registration = new FilterRegistrationBean();
//注入过滤器
registration.setFilter(new LoginFilter());
//拦截规则
registration.addUrlPatterns("/member.html");
//过滤器名称
registration.setName("LoginFilter");
//是否自动注册 false 取消Filter的自动注册
registration.setEnabled(true);
//过滤器顺序
registration.setOrder(1);
return registration;
}
@Bean
public FilterRegistrationBean catFilter() {
FilterRegistrationBean registration = new FilterRegistrationBean();
CatServletFilter filter = new CatServletFilter();
registration.setFilter(filter);
registration.addUrlPatterns("/*");
registration.setName("cat-filter");
registration.setOrder(1);
return registration;
}
/**
* 注册FilterRegistrationBean
* @return
*/
@Bean
public FilterRegistrationBean<WebStatFilter> druidStatFilter() {
FilterRegistrationBean<WebStatFilter> bean = new FilterRegistrationBean<>(new WebStatFilter());
//添加过滤规则.
bean.addUrlPatterns("/*");
//添加不需要忽略的格式信息.
bean.addInitParameter("exclusions","*.js,*.gif,*.jpg,*.png,*.css,*.ico,/druid/*");
return bean;
}
@Bean
@ConditionalOnMissingBean(name = "juiserForwardedUserFilter")
public FilterRegistrationBean juiserForwardedUserFilter() {
ForwardedUserFilterConfig cfg = juiserForwardedUserFilterConfig();
Filter filter = new SpringForwardedUserFilter(forwardedHeaderConfig().getName(),
juiserRequestUserFactory(),
cfg.getRequestAttributeNames());
FilterRegistrationBean bean = new FilterRegistrationBean();
bean.setFilter(filter);
bean.setEnabled(cfg.isEnabled());
bean.setMatchAfter(cfg.isMatchAfter());
bean.setOrder(cfg.getOrder());
Set<DispatcherType> dispatcherTypes = cfg.getDispatcherTypes();
if (!CollectionUtils.isEmpty(dispatcherTypes)) {
bean.setDispatcherTypes(EnumSet.copyOf(dispatcherTypes));
}
Set<String> set = cfg.getServletNames();
if (!CollectionUtils.isEmpty(set)) {
bean.setServletNames(set);
}
set = cfg.getUrlPatterns();
if (!CollectionUtils.isEmpty(set)) {
bean.setUrlPatterns(set);
}
return bean;
}
@Bean
public FilterRegistrationBean<NakedDomainFilter> nakedDomainFilterRegistrationBean(EnvConfig envConfig) {
FilterRegistrationBean<NakedDomainFilter> registrationBean =
new FilterRegistrationBean<>(new NakedDomainFilter(envConfig));
registrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE + 90); // before ReverseProxyFilter
return registrationBean;
}
@Bean
public FilterRegistrationBean casAuthenticationFilterRegistrationBean(
final CasAuthenticationFilter casAuthenticationFilter) {
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
filterRegistrationBean.setFilter(casAuthenticationFilter);
filterRegistrationBean.addUrlPatterns("/*");
filterRegistrationBean.setOrder(3);
return filterRegistrationBean;
}
@Bean
public FilterRegistrationBean<AssertionThreadLocalFilter> assertionThreadLocalFilter() {
FilterRegistrationBean<AssertionThreadLocalFilter> filterRegistration = new FilterRegistrationBean<AssertionThreadLocalFilter>();
filterRegistration.setFilter(new AssertionThreadLocalFilter());
filterRegistration.setEnabled(casProperties.isEnabled());
filterRegistration.addUrlPatterns(casProperties.getAssertionThreadLocalFilterUrlPatterns());
filterRegistration.setOrder(6);
return filterRegistration;
}
@Bean
public FilterRegistrationBean<HealthCheckFilter> healthCheckFilterRegistrationBean() {
FilterRegistrationBean<HealthCheckFilter> registrationBean =
new FilterRegistrationBean<>(new HealthCheckFilter());
registrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE + 70); // before faviconFilter
return registrationBean;
}
@Bean
public FilterRegistrationBean filterRegistrationBean() {
FilterRegistrationBean<Filter> bean = new FilterRegistrationBean<>();
bean.addUrlPatterns("/*");
bean.setFilter(resourceServerFilter);
return bean;
}
@Bean
public FilterRegistrationBean profilerFilterRegistration() {
FilterRegistrationBean<Filter> registration = new FilterRegistrationBean<>();
registration.setFilter(new PerfFilter());
registration.addUrlPatterns("/*");
registration.setName("profilerHttpFilter");
registration.setOrder(1);
return registration;
}
/**
* druid监控 配置URI拦截策略
*/
@Bean
public FilterRegistrationBean druidStatFilter() {
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(new WebStatFilter());
//添加过滤规则.
filterRegistrationBean.addUrlPatterns("/*");
//添加不需要忽略的格式信息.
filterRegistrationBean.addInitParameter(
"exclusions", "/static/*,*.js,*.gif,*.jpg,*.png,*.css,*.ico,/druid,/druid/*");
//用于session监控页面的用户名显示 需要登录后主动将username注入到session里
filterRegistrationBean.addInitParameter("principalSessionName", "username");
return filterRegistrationBean;
}
@Bean
public FilterRegistrationBean<CorsFilter> corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true);
config.addAllowedOrigin("*");
config.addAllowedHeader("*");
config.addAllowedMethod("*");
source.registerCorsConfiguration("/**", config);
FilterRegistrationBean<CorsFilter> bean = new FilterRegistrationBean<>(new CorsFilter(source));
bean.setOrder(0);
return bean;
}