Spring-security自定义配置器

定义配置器

public final class MyFilterConfigurer<H extends HttpSecurityBuilder<H>>
        extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, H> {
    
    public void configure(H http) throws Exception {
        http.addFilterBefore(new MyFilter() , SecurityContextPersistenceFilter.class);
    }
    
    public static class MyFilter extends GenericFilterBean{

        @Override
        public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
                throws IOException, ServletException {
            System.out.println(request);
            chain.doFilter(request, response);
        }
        
    }
}

配置

@Configuration
    public static class WebSecurityConfigurer extends WebSecurityConfigurerAdapter{

        
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http
                .apply(new MyFilterConfigurer<>())
            .and()
                .formLogin()
            .and()
                .logout()
                    .invalidateHttpSession(true)
                    .logoutUrl("/logout").logoutSuccessUrl("/")
                    .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
            .and()
                .sessionManagement()
                    .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
            .and()
                .authorizeRequests()
                    .anyRequest().authenticated();
        }
    }