spring boot 会按照order值的大小,从大到小的顺序来依次过滤。
贴下代码:
package com.osp.ucenter;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.core.annotation.Order;
import org.springframework.web.filter.DelegatingFilterProxy;
import com.osp.ucenter.filter.CrossDomainFilter;
import com.osp.ucenter.filter.Initfilter;
import com.osp.ucenter.filter.SecurityFilter;
@EnableAutoConfiguration
@SpringBootApplication
public class UcenterMain {
public static void main(String[] args) {
SpringApplication.run(UcenterMain.class, args);
}
/**
* 跨域处理Filter(最先执行此过滤器,避免跨域请求调用两次而执行后续的过滤器链)
*
* @return
*/
@Bean
@Order(Integer.MAX_VALUE)
public FilterRegistrationBean crossDomainFilterRegistration() {
FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(new CrossDomainFilter());
registration.addUrlPatterns("/*");
registration.setName("CrossDomainFilter");
return registration;
}
/**
* 初始化
*
* @return
*/
@Bean
@Order(Integer.MAX_VALUE-1)
public FilterRegistrationBean InitfilterRegistration() {
FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(new Initfilter());
registration.addUrlPatterns("/no");
registration.setName("Initfilter");
return registration;
}
/**
* 安全权限 DelegatingFilterProxy servlet容器与IOC容器关联
*
* @return
*/
@Bean
@Order(Integer.MAX_VALUE-2)
public FilterRegistrationBean securityFilter() {
FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(new DelegatingFilterProxy("SecurityFilter"));
registration.addInitParameter("targetFilterLifecycle", "true");
registration.addUrlPatterns("/*");
return registration;
}
@Bean(name = "SecurityFilter")
public SecurityFilter getSecurityFilter(){
return new SecurityFilter();
}
}
随便贴一个过滤器
package com.osp.ucenter.filter;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.springframework.web.filter.OncePerRequestFilter;
/**
* 处理跨域的filter
*
*/
public class CrossDomainFilter extends OncePerRequestFilter {
Logger logger = Logger.getLogger(CrossDomainFilter.class);
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
try {
// 跨域
String origin = request.getHeader("Origin");
if (origin == null) {
response.addHeader("Access-Control-Allow-Origin", "*");
} else {
response.addHeader("Access-Control-Allow-Origin", origin);
}
response.addHeader("Access-Control-Allow-Headers",
"Origin, x-requested-with, Content-Type, Accept,X-Cookie, token");
response.addHeader("Access-Control-Allow-Credentials", "true");
response.addHeader("Access-Control-Allow-Methods", "GET,POST,PUT,OPTIONS,DELETE");
if (request.getMethod().equals("OPTIONS")) {
response.setStatus(HttpServletResponse.SC_OK);
return;
}
filterChain.doFilter(request, response);
} catch (Exception e) {
logger.error("Exception in crossDomainFilter.doFilter", e);
throw e;
}
}
@Override
public void destroy() {
}
}