最近在学习filter,看完理论知识之后,就特地在实际工作中的系统中去验证。
SSP系统实例如下:
1.在web.xml中寻找 filter的配置信息
如下:
<filter>
<filter-name>passoFilter</filter-name>
<filter-class>com.pingan.passo.wls.client.filter.SSOClientFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>passoFilter</filter-name>
<url-pattern>/login</url-pattern>
</filter-mapping>
<filter>
<filter-name>CookieFilter</filter-name>
<filter-class>com.paic.phssp.common.filter.CookieFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CookieFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>SecurityAclFilter</filter-name>
<filter-class>com.paic.phssp.common.filter.SecurityAclFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SecurityAclFilter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>SecurityAclFilter</filter-name>
<url-pattern>*.screen</url-pattern>
</filter-mapping>
<filter>
<filter-name>AppScanFilter</filter-name>
<filter-class>com.paic.phssp.common.filter.AppScanFilter</filter-class>
<init-param>
<param-name>excludedPages</param-name>
<param-value>/phssp/document.create.check.prop.do,/phssp/document.create.content.do,/phssp/document.create.new.do,/phssp/document.create.update.do,/phssp/document.editPreView.do,/phssp/newDocument.detialPreView.do,/phssp/document.detialPreView.do,/phssp/document.downLoadPdf.do,/phssp/document.detialPreWordView.do,/appsvr/phssp/redis/test</param-value><!-- 匹配不做拦截的请求声明-->
</init-param>
</filter>
<filter-mapping>
<filter-name>AppScanFilter</filter-name>
<url-pattern>*.do</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>AppScanFilter</filter-name>
<url-pattern>*.screen</url-pattern>
</filter-mapping>
<filter>
<filter-name>UMSecurityFilter</filter-name>
<filter-class>
com.pingan.security.client.filter.UMSecurityFilter
</filter-class>
<init-param>
<param-name>SecurityPropertiesName</param-name>
<param-value>um-security.properties</param-value>
</init-param>
<init-param>
<description>不希望被拦截的页面, 默认不拦截js css 图片</description>
<param-name>publicPages</param-name>
<param-value>/login;/login.jsp;/ssologin.jsp;/logout.jsp;/ssp/privilege/ISendUserPrivilege.do;/appsvr/phssp/doc/generate.do;/appsvr/phssp/redis/test;/phssp/newDocument.detialPreView.do;/phssp/pdfsign.manage.getBasemessage.do;/phssp/pdfsign.manage.getBasemessage.do</param-value>
</init-param>
<init-param>
<param-name>UserRoleService</param-name>
<param-value>
com.pingan.security.client.policy.acl.service.UM2UserRoleService
</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>UMSecurityFilter</filter-name>
<url-pattern>*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<filter>
<filter-name>Set Character Encoding</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Set Character Encoding</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>RefererFilter</filter-name>
<filter-class>com.paic.phssp.common.filter.RefererFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>RefererFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
其中有四个是在代码中有实现的,其他 都是引用第三方jar包的。
下面我们就来看看这四个实现的filter
AppScanFilter.java
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 探究高空视频全景AR技术的实现原理
· 理解Rust引用及其生命周期标识(上)
· 浏览器原生「磁吸」效果!Anchor Positioning 锚点定位神器解析
· 没有源码,如何修改代码逻辑?
· 一个奇形怪状的面试题:Bean中的CHM要不要加volatile?
· 分享4款.NET开源、免费、实用的商城系统
· 全程不用写代码,我用AI程序员写了一个飞机大战
· MongoDB 8.0这个新功能碉堡了,比商业数据库还牛
· 白话解读 Dapr 1.15:你的「微服务管家」又秀新绝活了
· 上周热点回顾(2.24-3.2)