<!-- AuthFilter --> <filter> <filter-name>authFilter</filter-name> <filter-class>com.crm.filter.AuthFilter</filter-class> <init-param> <param-name>encoding</param-name> <param-value>utf-8</param-value> </init-param> </filter> <filter-mapping> <filter-name>authFilter</filter-name> <url-pattern>/crm/*</url-pattern> </filter-mapping>
2、Filter类
import java.io.IOException; import java.io.PrintWriter; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.ApplicationContext; import org.springframework.web.context.support.WebApplicationContextUtils; import com.alibaba.fastjson.JSONObject; /** * 权限校验过滤器 */ public class AuthFilter implements Filter{ private static final Logger logger = LoggerFactory.getLogger(AuthFilter.class); private CrmService crmService; private static String encoding;//不能用final修饰 @Override public void init(FilterConfig filterConfig) throws ServletException { String logStr="AuthFilter.init..."; encoding=filterConfig.getInitParameter("encoding"); logger.info(logStr+"初始化encoding="+encoding); //Filter中不能直接获取spring中的service //用注解的方式无法注入crmService,打印日志如下:“AuthFilter.doFilter...过滤处理, commonService=null” ApplicationContext context=WebApplicationContextUtils.getRequiredWebApplicationContext(filterConfig.getServletContext()); crmService=(CrmService) context.getBean("crmService"); } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { String logStr="AuthFilter.doFilter..."; logger.info(logStr+"过滤处理"); HttpServletRequest request=(HttpServletRequest) servletRequest; HttpServletResponse response=(HttpServletResponse) servletResponse; request.setCharacterEncoding(encoding); // PrintWriter out=null; try{ UserInfo userInfo=crmService.validateMethod(request); logger.info(logStr+String.format("过滤校验通过:token=%s, servletPath=%s, uri=%s, url=%s", request.getHeader("TOKEN_KEY_NAME_DEMO"),request.getServletPath(),request.getRequestURI(),request.getRequestURL()));//serveletPath拿不到 request.setAttribute("CRM_REQUEST_USERINFO_DEMO", userInfo); filterChain.doFilter(request, response); }catch(DemoValidateException e){ //公共校验异常 logger.error(logStr+"接口公共校验异常"); BaseResponse rsp=new BaseResponse(); rsp.setErrCode(e.getCode()); rsp.setErrMsg(e.getMessage()); //响应 response.setContentType("application/json"); response.setCharacterEncoding(encoding); out = response.getWriter(); out.print(JSONObject.toJSONString(rsp)); logger.info(logStr+String.format("过滤校验未通过:token=%s, rsp=%s", request.getHeader("TOKEN_KEY_NAME_DEMO"),JSONObject.toJSONString(rsp))); out.flush(); }finally { if(null!=out){ out.close(); } } } @Override public void destroy() { String logStr="AuthFilter.destroy..."; logger.info(logStr+"销毁过滤器"); } }