我想知道,如何在web.xml中设置每个请求都调用的Filter?
只需创建一个过滤器,并将其映射到/ *
EG
<filter>
<filter-name>MyFilter</filter-name>
<filter-class>com.mycompany.MyFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>MyFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
使用'*'通配符添加过滤器映射。
<filter-mapping>
<filter-name>TestFilter</filter-name>
<url-pattern>*</url-pattern>
</filter-mapping>
Spring Security Web将所有URL定义为/**。所以它应该适用于所有请求。
见 - org.springframework.security.web.util.matcher.AntPathRequestMatcher
它将MATCH_ALL常量定义为/**,这个最终变量用于matches方法。
粘贴在org.springframework.security.web.util.matcher.AntPathRequestMatcher的方法定义下面,它决定某些请求url是否匹配。如果模式设置为MATCH_ALL aka /**,则返回true。
public boolean matches(HttpServletRequest request) {
if (this.httpMethod != null && StringUtils.hasText(request.getMethod())
&& this.httpMethod != valueOf(request.getMethod())) {
if (logger.isDebugEnabled()) {
logger.debug("Request '" + request.getMethod() + " "
+ getRequestPath(request) + "'" + " doesn't match '"
+ this.httpMethod + " " + this.pattern + "'");
}
return false;
}
if (this.pattern.equals(MATCH_ALL)) {
if (logger.isDebugEnabled()) {
logger.debug("Request '" + getRequestPath(request)
+ "' matched by universal pattern '/**'");
}
return true;
}
String url = getRequestPath(request);
if (logger.isDebugEnabled()) {
logger.debug("Checking match of request : '" + url + "'; against '"
+ this.pattern + "'");
}
return this.matcher.matches(url);
}
你确定请求是在击中控制器/ servlet吗?如果它正在进行Ajax调用或运行一些JS,那么过滤器就不会命中。