访问资源文件夹

时间:2017-08-15 05:08:34

标签: java spring filter resources

在我的spring项目中,我编写了一个过滤器来处理所有的request.it工作正常,但在访问资源时发生了无限循环。

我在类扩展WebMvcConfigurerAdapter下定义了我的资源文件夹 这是我用来定义资源文件夹的代码: -

这是我的请求网址:

@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
    registry.addResourceHandler("/resources/**").addResourceLocations("/resources/");
}
http://localhost:8080/abc/resources/images/chart/receivableaccounts.png

通过浏览器访问此URL时,请求在控制台(eclipse)中进行了多次。

我无法确定真正的问题是什么。

这是我的RequestFilter:

package org.abc.app.config;

import java.io.IOException;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.log4j.LogManager;
import org.apache.log4j.Logger;
import org.businesscognizance.app.util.Session;

/**
* <b>Custom filter created for handling all incoming,outgoing 
requests</b>
* 
* @author Jishnu
* 
*/

public class RequestFilter implements Filter {

private static Logger logger = 
LogManager.getLogger(RequestFilter.class);

@Override
public void init(FilterConfig filterConfig) throws ServletException {

}

@Override
public void doFilter(ServletRequest request, ServletResponse response, 
FilterChain chain)
        throws IOException, ServletException {
    HttpServletResponse httpServletResponse = (HttpServletResponse) response;
    HttpServletRequest httpServletRequest = (HttpServletRequest) request;
    String context = httpServletRequest.getContextPath();
    String requestUri = httpServletRequest.getRequestURI();
    int status = httpServletResponse.getStatus();
    System.out.println("hey there>>>>" + requestUri + "check this" + context + "/resources");
    if (isAuthenticated(httpServletRequest) || requestUri.equals(context + "/login")
            || requestUri.startsWith(context + "/resources")) {

        logger.info("access granted for a device with ip address" + " '" + httpServletRequest.getRemoteAddr() + "' "
                + "for requested url" + " '" + httpServletRequest.getRequestURL() + "'");

        if (isAuthorized()) {

        } else {
            httpServletResponse.reset();
            httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;

        }
        chain.doFilter(request, response);

    }

    else {
        httpServletResponse.reset();
        if (status == HttpServletResponse.SC_ACCEPTED || status == HttpServletResponse.SC_OK) {
            httpServletResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        } else {
            httpServletResponse.setStatus(status);
        }
        httpServletResponse.getWriter().println("server rejected your request");

        return;

    }

}

@Override
public void destroy() {

}

public boolean isAuthorized() {
    return true;
}

public boolean isAuthenticated(HttpServletRequest request) {
    String accessToken = request.getHeader("access_token");
    boolean result = false;
    if (accessToken != null) {
        if (Session.ifTokenExists(accessToken)) {
            result = true;
        }

    }

    return result;
}

}

如果您还有其他需要,请告诉我。

任何建议都会有用。

谢谢

1 个答案:

答案 0 :(得分:0)

这似乎是一个很好的实现:

  1. 预先认证的请求。
  2. 请求静态资源。
  3. 这看起来直接超过2003年的代码库;我建议您首先扩展OncePerRequestFilter并将过滤器设为@Component。由于您的isAuthorized方法不执行任何操作,因此您可以通过覆盖shouldNotFilter方法直接绕过某些网址的过滤器。你读过HttpServletResponse的Javadoc吗?调用reset会重置状态代码,因此这种代码无效status == HttpServletResponse.SC_ACCEPTED || status == HttpServletResponse.SC_OK

    我知道这并没有解决所谓的无限循环问题,但是一旦你清理它,你就可能没有这样的问题了。最后但并非最不重要,请使用调试器来帮助自己;你有代码,我们没有。