在我的spring项目中,我编写了一个过滤器来处理所有的request.it工作正常,但在访问资源时发生了无限循环。
我在类扩展WebMvcConfigurerAdapter下定义了我的资源文件夹 这是我用来定义资源文件夹的代码: -
这是我的请求网址:
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/resources/**").addResourceLocations("/resources/");
}
http://localhost:8080/abc/resources/images/chart/receivableaccounts.png
通过浏览器访问此URL时,请求在控制台(eclipse)中进行了多次。
我无法确定真正的问题是什么。
这是我的RequestFilter:
package org.abc.app.config;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.LogManager;
import org.apache.log4j.Logger;
import org.businesscognizance.app.util.Session;
/**
* <b>Custom filter created for handling all incoming,outgoing
requests</b>
*
* @author Jishnu
*
*/
public class RequestFilter implements Filter {
private static Logger logger =
LogManager.getLogger(RequestFilter.class);
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
String context = httpServletRequest.getContextPath();
String requestUri = httpServletRequest.getRequestURI();
int status = httpServletResponse.getStatus();
System.out.println("hey there>>>>" + requestUri + "check this" + context + "/resources");
if (isAuthenticated(httpServletRequest) || requestUri.equals(context + "/login")
|| requestUri.startsWith(context + "/resources")) {
logger.info("access granted for a device with ip address" + " '" + httpServletRequest.getRemoteAddr() + "' "
+ "for requested url" + " '" + httpServletRequest.getRequestURL() + "'");
if (isAuthorized()) {
} else {
httpServletResponse.reset();
httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
return;
}
chain.doFilter(request, response);
}
else {
httpServletResponse.reset();
if (status == HttpServletResponse.SC_ACCEPTED || status == HttpServletResponse.SC_OK) {
httpServletResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
} else {
httpServletResponse.setStatus(status);
}
httpServletResponse.getWriter().println("server rejected your request");
return;
}
}
@Override
public void destroy() {
}
public boolean isAuthorized() {
return true;
}
public boolean isAuthenticated(HttpServletRequest request) {
String accessToken = request.getHeader("access_token");
boolean result = false;
if (accessToken != null) {
if (Session.ifTokenExists(accessToken)) {
result = true;
}
}
return result;
}
}
如果您还有其他需要,请告诉我。
任何建议都会有用。
谢谢
答案 0 :(得分:0)
这似乎是一个很好的实现:
这看起来直接超过2003年的代码库;我建议您首先扩展OncePerRequestFilter并将过滤器设为@Component。由于您的isAuthorized方法不执行任何操作,因此您可以通过覆盖shouldNotFilter方法直接绕过某些网址的过滤器。你读过HttpServletResponse的Javadoc吗?调用reset会重置状态代码,因此这种代码无效status == HttpServletResponse.SC_ACCEPTED || status == HttpServletResponse.SC_OK。
我知道这并没有解决所谓的无限循环问题,但是一旦你清理它,你就可能没有这样的问题了。最后但并非最不重要,请使用调试器来帮助自己;你有代码,我们没有。