Springboot使用filter对response内容进行加密方式
目录
- 使用filter对response内容进行加密
- 编写加密类(AES)
- 编写Filter类
- 写配置类
- Springboot数据加密传输
- 创建加解密注解注解
- 创建request解密类
- 创建response加密类
- 创建AES加密工具类
- 创建加解密Filter类
- 定义过滤器的拦截路径
使用filter对response内容进行加密
编写加密类(AES)
/** * aes加密解密 */ public class AesEncryptUtils { //参数分别代表 算法名称/加密模式/数据填充方式 private static String algorithmstr = "AES/ECB/PKCS5Padding"; public static String getAlgorithmstr() { return algorithmstr; } /** * 加密 * @param content 加密的字符串 * @param encryptKey key值 * @return * @throws Exception */ public static String encrypt(String content, String encryptKey) throws Exception { KeyGenerator kgen = KeyGenerator.getInstance("AES"); kgen.init(128); Cipher cipher = Cipher.getInstance(algorithmstr); cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(encryptKey.getBytes(), "AES")); byte[] b = cipher.doFinal(content.getBytes("utf-8")); return Base64.encodeBase64String(b); } /** * 解密 * @param encryptStr 解密的字符串 * @param decryptKey 解密的key值 * @return * @throws Exception */ public static String decrypt(String encryptStr, String decryptKey) throws Exception { KeyGenerator kgen = KeyGenerator.getInstance("AES"); kgen.init(128); Cipher cipher = Cipher.getInstance(algorithmstr); cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(decryptKey.getBytes(), "AES")); byte[] encryptBytes = Base64.decodeBase64(encryptStr); byte[] decryptBytes = cipher.doFinal(encryptBytes); return new String(decryptBytes); } public static void main(String[] args) throws Exception{ String str = "pp2bQLjabobRWp2T5Ro5/GlqWCigmkwHYnrOK11VZkTkIA2hSwnEi1sijfTV6Ozd/"; System.out.println(decrypt(str,"f8db034bda44rtkb")); } }
编写Filter类
/** * 过滤器拦截请求,实现加密解密功能 * * @Component 将此Filter交给Spring容器管理 * @WebFilter 通过WebFilter进行Filter声明,这样容器在进行部署的时候就会处理该Filter * */ @Component public class EncryptFilter implements Filter { Logger log = LoggerFactory.getLogger(this.getClass()); @Value("${admin.encrypt.excludeUrl}") private String ignoreStr; private String[] ignoreArr; @Override public void init(FilterConfig filterConfig) throws ServletException { // TODO Auto-generated method stub } /** * 有错误相应返回-44 * * @param response * @throws IOException */ private void getFailResponse(HttpServletResponse response) throws IOException { response.setCharacterEncoding("UTF-8"); response.setContentType("application/json; charset=utf-8"); PrintWriter out = null; out = response.getWriter(); // out.write("{\n" + // " \"status\":"+ Constant.ENCRYPT_FAIL +",\n" + // " \"message\": null,\n" + // " \"data\": []\n" + // "}"); //加密后的错误消息 out.write("+D+JO8tuwkrNbxnTTLdqStifmQceT+LlYETnIG/JZKrbAn+gIiqIp3VbzBV1y6R8B7aY53VM2xHa7cY3Osbnqw=="); out.flush(); out.close(); } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) { if(ignoreArr==null){ ignoreArr = ignoreStr.split(","); } HttpServletRequest HttpRequest=(HttpServletRequest)request; HttpServletResponse HttpResponse=(HttpServletResponse)response; boolean flag=isIgnore(HttpRequest,ignoreArr); if(flag) { try { chain.doFilter(HttpRequest, HttpResponse); } catch (IOException e) { e.printStackTrace(); } catch (ServletException e) { e.printStackTrace(); } }else{ try{ //响应处理 包装响应对象 res 并缓存响应数据 ResponseWrapper responseWrapper = new ResponseWrapper((HttpServletResponse) response); //执行业务逻辑 交给下一个过滤器或servlet处理 chain.doFilter(request, responseWrapper); byte[] resData = responseWrapper.getResponseData(); //设置响应内容格式,防止解析响应内容时出错 // responseWrapper.setContentType("text/plain;charset=UTF-8"); //加密响应报文并响应 String encryptBASE64 = AesEncryptUtils.encrypt(new String(resData),Constant.ENCRYPT_STR); PrintWriter out = response.getWriter(); out.print(encryptBASE64); out.flush(); out.close(); }catch(Exception e){ try { getFailResponse((HttpServletResponse)response); } catch (IOException ioException) { ioException.printStackTrace(); } e.printStackTrace(); } } } @Override public void destroy() { // TODO Auto-generated method stub } /** * 哪些路径不处理 * @param request * @param strArr * @return */ public boolean isIgnore(HttpServletRequest request,String[] strArr) { String path=request.getRequestURI(); for(String ignore:strArr) { if(path.contains(ignore)) { return true; } } return false; } }
下图是对应的application.properties中的配置
其中用到了两个工具类
RequestWrapper
/** * @Description: 请求包装类 * @Date: 2020/5/26 16:29 */ public class RequestWrapper extends HttpServletRequestWrapper { private String requestBody = null; //请求体 private HttpServletRequest req = null; // private final byte[] body;//保存流的字节数组 private final Map<String, String> reqHeaders=new HashMap<>(); public RequestWrapper(HttpServletRequest request) throws IOException { super(request); this.req = request; // this.reqHeaders = new HashMap<String, String>(); // String sessionStream = getRequestBodyStr(request);//读取流中的参数 // body = sessionStream.getBytes(Charset.forName("UTF-8")); } public RequestWrapper(HttpServletRequest request, String requestBody) { super(request); this.requestBody = requestBody; this.req = request; // this.reqHeaders = request.get; } /** * @Description: 获取请求body * @Date: 2020/5/26 10:31 * @Param: [request] * @Return: java.lang.String */ public String getRequestBodyStr(final ServletRequest request) throws IOException { StringBuilder sb = new StringBuilder(); InputStream inputStream = null; BufferedReader reader = null; try { inputStream = cloneInputStream(request.getInputStream()); reader = new BufferedReader(new InputStreamReader(inputStream, Charset.forName("UTF-8"))); String line = ""; while ((line = reader.readLine()) != null) { sb.append(line); } } catch (IOException e) { e.printStackTrace(); } finally { if (inputStream != null) { inputStream.close(); } if (reader != null) { reader.close(); } } return sb.toString(); } /** * @Description: 复制输入流 * @Param: [inputStream] * @Return: java.io.InputStream */ public InputStream cloneInputStream(ServletInputStream inputStream) throws IOException { ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(); byte[] buffer = new byte[1024]; int len; while ((len = inputStream.read(buffer)) > -1) { byteArrayOutputStream.write(buffer, 0, len); } byteArrayOutputStream.flush(); InputStream byteArrayInputStream = new ByteArrayInputStream(byteArrayOutputStream.toByteArray()); return byteArrayInputStream; } @Override public BufferedReader getReader() throws IOException { return new BufferedReader(new InputStreamReader(getInputStream())); } @Override public ServletInputStream getInputStream() throws IOException { final ByteArrayInputStream bais = new ByteArrayInputStream(requestBody.getBytes(req.getCharacterEncoding())); return new ServletInputStream() { @Override public boolean isFinished() { return false; } @Override public boolean isReady() { return false; } @Override public void setReadListener(ReadListener readListener) { } @Override public int read() throws IOException { return bais.read(); } }; } /** * 添加header的名称和值 * * @param name * @param value */ public void addHeader(String name, String value) { reqHeaders.put(name, value); } @Override public String getHeader(String name) { // log.info("getHeader --->{}", name); String headerValue = super.getHeader(name); if (reqHeaders.containsKey(name)) { headerValue = reqHeaders.get(name); } return headerValue; } /** * 得到headers的名称 */ @Override public Enumeration<String> getHeaderNames() { List<String> names = Collections.list(super.getHeaderNames()); for (String name : reqHeaders.keySet()) { names.add(name); } return Collections.enumeration(names); } @Override public Enumeration<String> getHeaders(String name) { // log.info("getHeaders name --->>>>>>{}", name); List<String> values = Collections.list(super.getHeaders(name)); // log.info("getHeaders value --->>>>>>{}", values); if (reqHeaders.containsKey(name)) { values = Arrays.asList(reqHeaders.get(name)); } return Collections.enumeration(values); } }
ResponseWrapper
/** * @Description: 响应包装类 * @Date: 2020/5/26 16:29 */ public class ResponseWrapper extends HttpServletResponseWrapper { private ByteArrayOutputStream buffer = null; private ServletOutputStream out = null; private PrintWriter writer = null; public ResponseWrapper(HttpServletResponse response) throws IOException { super(response); buffer = new ByteArrayOutputStream();// 真正存储数据的流 out = new WapperedOutputStream(buffer); writer = new PrintWriter(new OutputStreamWriter(buffer,this.getCharacterEncoding())); } /** 重载父类获取outputstream的方法 */ @Override public ServletOutputStream getOutputStream() throws IOException { return out; } /** 重载父类获取writer的方法 */ @Override public PrintWriter getWriter() throws UnsupportedEncodingException { return writer; } /** 重载父类获取flushBuffer的方法 */ @Override public void flushBuffer() throws IOException { if (out != null) { out.flush(); } if (writer != null) { writer.flush(); } } @Override public void reset() { buffer.reset(); } /** 将out、writer中的数据强制输出到WapperedResponse的buffer里面,否则取不到数据 */ public byte[] getResponseData() throws IOException { flushBuffer(); return buffer.toByteArray(); } /** 内部类,对ServletOutputStream进行包装 */ private class WapperedOutputStream extends ServletOutputStream { private ByteArrayOutputStream bos = null; public WapperedOutputStream(ByteArrayOutputStream stream) throws IOException { bos = stream; } @Override public void write(int b) throws IOException { bos.write(b); } @Override public void write(byte[] b) throws IOException { bos.write(b, 0, b.length); } @Override public boolean isReady() { return false; } @Override public void setWriteListener(WriteListener writeListener) { } } }
写配置类
@Configuration public class WebConfiguration { @Autowired private EncryptFilter encryptFilter; @Bean public FilterRegistrationBean registFilter() { FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setFilter(encryptFilter); registration.addUrlPatterns("/*"); registration.setName("EncryptFilter"); registration.setOrder(1); // registration.setEnabled(false); return registration; } //做跨域处理,跟这个filter没关系 @Bean public WebMvcConfigurer corsConfigurer() { return new WebMvcConfigurer() { @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**") .allowedOrigins("*") .allowCredentials(true) .allowedMethods("*") .allowedHeaders("*") .maxAge(3600); } }; } }
Springboot数据加密传输
创建加解密注解注解
对于拦截路径上全部采用数据加解密处理,如果有部分接口不需要加解密处理的话,在方法上或者类上加上此注解即可不做加解密处理
package com.hars.common.infrastructure.validation.security; import java.lang.annotation.Documented; import java.lang.annotation.ElementType; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; /** * 加解密注解 * * @author Huangbigao * @date 2020/8/29 11:02 */ @Documented @Target({ElementType.METHOD, ElementType.TYPE,}) @Retention(RetentionPolicy.RUNTIME) public @interface CryptoDecryptionSecurity { /** * 是否加解密,默认加解密 * * @return */ boolean cryptoDecryption() default true; /** * 是否进行request 解密,默认进行解密 * * @return */ boolean requestDecryption() default true; /** * 是否对输出结果进行加密,默认进行加密 * * @return */ boolean responseCrypto() default true; }
ps:注解使用
@CryptoDecryptionSecurity(responseCrypto = false) @ApiOperation(value = "微信公众号验证业务处理接口") @GetMapping(value = "/handle/{appid}", produces = "text/plain;charset=utf-8") public String authHandle(@PathVariable String appid, @RequestParam(name = "signature", required = false) String signature, @RequestParam(name = "timestamp", required = false) String timestamp, @RequestParam(name = "nonce", required = false) String nonce, @RequestParam(name = "echostr", required = false) String echostr, HttpServletRequest request) { return weChatMpService.authHandle(appid, signature, timestamp, nonce, echostr, request); }
创建request解密类
package com.hars.common.infrastructure.utils.filter; import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.TypeReference; import com.hars.common.infrastructure.utils.aes.AesUtil; import com.hars.common.infrastructure.utils.http.HttpContextUtil; import com.hars.common.infrastructure.utils.string.StringUtil; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStream; import java.util.Collections; import java.util.Enumeration; import java.util.HashMap; import java.util.LinkedHashSet; import java.util.Map; import java.util.Set; import javax.servlet.ReadListener; import javax.servlet.ServletInputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; import org.springframework.util.Assert; /** * @author Huangbigao * @date 2020/8/29 10:12 */ public class DecryptionRequestUtil extends HttpServletRequestWrapper { private static final String APPLICATION_JSON = "application/json"; /** * 所有参数的Map集合 */ private Map<String, String[]> parameterMap; /** * 输入流 */ private InputStream inputStream; private final boolean valueValid = true; public DecryptionRequestUtil(HttpServletRequest request, String password) { super(request); String encrypt; String contentType = request.getHeader("Content-Type"); if (contentType != null && contentType.contains(APPLICATION_JSON)) { //json String bodyStr = HttpContextUtil.getBodyString(request); if (StringUtil.isBlank(bodyStr)){ return; } encrypt = (String) JSON.parseObject(bodyStr).get("encrypt"); } else { // url encrypt = request.getParameter("encrypt"); } String jsonData = AesUtil.decrypt(encrypt, password); if (StringUtil.isBlank(jsonData)){ return; } if (contentType != null && contentType.contains(APPLICATION_JSON)) { if (this.inputStream == null) { this.inputStream = new DecryptionInputStream(new ByteArrayInputStream(jsonData.getBytes())); } } parameterMap = buildParams(jsonData); } private Map<String, String[]> buildParams(String src) { Map<String, String[]> map = new HashMap<>(); Map<String, String> params = JSONObject.parseObject(src, new TypeReference<Map<String, String>>() { }); for (String key : params.keySet()) { map.put(key, new String[]{params.get(key)}); } return map; } @Override public String getParameter(String name) { String[] values = getParameterMap().get(name); if (valueValid){ if (values != null) { return (values.length > 0 ? values[0] : null); } return super.getParameter(name); }else { return (values.length > 0 ? values[0] : null); } } @Override public String[] getParameterValues(String name) { String[] values = getParameterMap().get(name); if (valueValid){ if (values != null) { return values; } return super.getParameterValues(name); }else { return values; } } @Override public Enumeration<String> getParameterNames() { Map<String, String[]> multipartParameters = getParameterMap(); if (valueValid){ if (multipartParameters.isEmpty()) { return super.getParameterNames(); } }else { if (multipartParameters.isEmpty()) { return null; } } Set<String> paramNames = new LinkedHashSet<>(); Enumeration<String> paramEnum = super.getParameterNames(); while (paramEnum.hasMoreElements()) { paramNames.add(paramEnum.nextElement()); } paramNames.addAll(multipartParameters.keySet()); return Collections.enumeration(paramNames); } @Override public Map<String, String[]> getParameterMap() { if (valueValid){ return parameterMap == null ? super.getParameterMap() : parameterMap; }else { return parameterMap == null ? new HashMap<>() : parameterMap; } } @Override public ServletInputStream getInputStream() throws IOException { if (valueValid){ return this.inputStream == null ? super.getInputStream() : (ServletInputStream) this.inputStream; }else { return this.inputStream == null ? null : (ServletInputStream) this.inputStream; } } /** * 自定义ServletInputStream */ private class DecryptionInputStream extends ServletInputStream { private final InputStream sourceStream; /** * Create a DelegatingServletInputStream for the given source stream. * * @param sourceStream the source stream (never {@code null}) */ public DecryptionInputStream(InputStream sourceStream) { Assert.notNull(sourceStream, "Source InputStream must not be null"); this.sourceStream = sourceStream; } @Override public int read() throws IOException { return this.sourceStream.read(); } @Override public void close() throws IOException { super.close(); this.sourceStream.close(); } @Override public boolean isFinished() { return false; } @Override public boolean isReady() { return false; } @Override public void setReadListener(ReadListener readListener) { } } }
创建response加密类
package com.hars.common.infrastructure.utils.filter; import java.io.ByteArrayOutputStream; import java.io.IOException; import javax.servlet.ServletOutputStream; import javax.servlet.WriteListener; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponseWrapper; /** * @author Huangbigao * @date 2020/8/29 13:11 */ public class ResponseWrapperUtil extends HttpServletResponseWrapper { private ByteArrayOutputStream buffer; private ServletOutputStream out; public ResponseWrapperUtil(HttpServletResponse httpServletResponse) { super(httpServletResponse); buffer = new ByteArrayOutputStream(); out = new WrapperOutputStream(buffer); } @Override public ServletOutputStream getOutputStream() throws IOException { return out; } @Override public void flushBuffer() throws IOException { if (out != null) { out.flush(); } } public byte[] getContent() throws IOException { flushBuffer(); return buffer.toByteArray(); } private static class WrapperOutputStream extends ServletOutputStream { private ByteArrayOutputStream bos; WrapperOutputStream(ByteArrayOutputStream bos) { this.bos = bos; } @Override public void write(int b) throws IOException { bos.write(b); } @Override public boolean isReady() { // TODO Auto-generated method stub return false; } @Override public void setWriteListener(WriteListener arg0) { // TODO Auto-generated method stub } } }
创建AES加密工具类
package com.hars.common.infrastructure.utils.aes; import com.hars.common.infrastructure.utils.string.StringUtil; import java.nio.charset.StandardCharsets; import java.util.Base64; import javax.crypto.Cipher; import javax.crypto.spec.SecretKeySpec; import lombok.extern.slf4j.Slf4j; /** * AES 加解密 工具类 * * @author Huangbigao * @date 2020/8/28 15:17 */ @Slf4j public class AesUtil { /** * AES解密 * * @param content 密文 * @param password 秘钥,必须为16个字符组成 * @return 明文 */ public static String decrypt(String content, String password) { try { if (StringUtil.isBlank(content) || StringUtil.isBlank(password)) { return null; } byte[] encryptByte = Base64.getDecoder().decode(content); Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(password.getBytes(), "AES")); byte[] decryptBytes = cipher.doFinal(encryptByte); return new String(decryptBytes); } catch (Exception e) { log.error(e.getMessage(), e); return null; } } /** * AES加密 * * @param content 明文 * @param password 秘钥,必须为16个字符组成 * @return 密文 */ public static String encrypt(String content, String password) { try { if (StringUtil.isBlank(content) || StringUtil.isBlank(password)) { return null; } Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(password.getBytes(), "AES")); byte[] encryptStr = cipher.doFinal(content.getBytes(StandardCharsets.UTF_8)); return Base64.getEncoder().encodeToString(encryptStr); } catch (Exception e) { log.error(e.getMessage(), e); return null; } }
创建加解密Filter类
package com.hars.user.infrastructure.filter; import com.alibaba.fastjson.JSON; import com.hars.common.infrastructure.utils.aes.AesUtil; import com.hars.common.infrastructure.utils.filter.DecryptionRequestUtil; import com.hars.common.infrastructure.utils.filter.ResponseWrapperUtil; import com.hars.common.infrastructure.validation.security.CryptoDecryptionSecurity; import com.hars.result.infrastructure.advice.Response; import java.io.IOException; import java.util.ArrayList; import java.util.List; import java.util.Map; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.ServletOutputStream; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.BeanFactoryUtils; import org.springframework.context.ApplicationContext; import org.springframework.core.annotation.AnnotationAwareOrderComparator; import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.HandlerExecutionChain; import org.springframework.web.servlet.HandlerMapping; /** * @author Huangbigao * @date 2020/8/28 16:26 */ public class CryptoDecryptionFilter implements Filter { //方法映射集 private List<HandlerMapping> handlerMappings; public CryptoDecryptionFilter(ApplicationContext applicationContext) { Map<String, HandlerMapping> matchingBeans = BeanFactoryUtils.beansOfTypeIncludingAncestors(applicationContext, HandlerMapping.class, true, false); if (!matchingBeans.isEmpty()) { this.handlerMappings = new ArrayList<>(matchingBeans.values()); AnnotationAwareOrderComparator.sort(this.handlerMappings); } } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpServletRequest = (HttpServletRequest) request; HttpServletResponse httpServletResponse = (HttpServletResponse) response; //判断方法上是否存在注解,如果不存在,默认加解密 //类上的注解 CryptoDecryptionSecurity classFlag = null; //方法上的注解 CryptoDecryptionSecurity methodFlag = null; try { HandlerExecutionChain handlerExecutionChain = getHandler(httpServletRequest); Object handler = handlerExecutionChain != null ? handlerExecutionChain.getHandler() : null; if (handler instanceof HandlerMethod) { HandlerMethod method = (HandlerMethod) handler; classFlag = method.getBeanType().getAnnotation(CryptoDecryptionSecurity.class); methodFlag = method.getMethodAnnotation(CryptoDecryptionSecurity.class); //如果方法注解存在,且不加密,则直接返回 if (methodFlag != null && !methodFlag.cryptoDecryption()) { chain.doFilter(request, response); return; } //如果类注解存在,且不加密,则直接返回 if (classFlag != null && !classFlag.cryptoDecryption()) { chain.doFilter(request, response); return; } } } catch (Exception e) { response.setContentType("application/json; charset=UTF-8"); response.getWriter().write(JSON.toJSONString(Response.error("该请求无效", 601))); return; } CryptoDecryptionSecurity currentFlag = null; if (methodFlag != null) { currentFlag = methodFlag; } else if (classFlag != null) { currentFlag = classFlag; } //加解密密码 String password = "Hbg584782648!@hb"; ResponseWrapperUtil responseWrapper = null; //加解密处理 if (currentFlag == null || (currentFlag.requestDecryption() && currentFlag.responseCrypto())) { ServletRequest requestWrapper = new DecryptionRequestUtil(httpServletRequest, password); responseWrapper = new ResponseWrapperUtil(httpServletResponse); chain.doFilter(requestWrapper, responseWrapper); } else if (currentFlag.requestDecryption() && !currentFlag.responseCrypto()) { ServletRequest requestWrapper = new DecryptionRequestUtil(httpServletRequest, password); chain.doFilter(requestWrapper, response); } else if (!currentFlag.requestDecryption() && currentFlag.responseCrypto()) { responseWrapper = new ResponseWrapperUtil(httpServletResponse); chain.doFilter(request, responseWrapper); } else { chain.doFilter(request, response); } if (responseWrapper != null) { byte[] content = responseWrapper.getContent();//获取返回值 //判断是否有值 if (content.length > 0) { String result = new String(content, "UTF-8"); //加密 String encryptStr = AesUtil.encrypt(result, password); //把返回值输出到客户端 ServletOutputStream out = response.getOutputStream(); out.write(encryptStr.getBytes()); out.flush(); } } } /** * 获取访问目标方法 * * @param request * @return HandlerExecutionChain * @throws Exception */ private HandlerExecutionChain getHandler(HttpServletRequest request) throws Exception { if (this.handlerMappings != null) { for (HandlerMapping hm : this.handlerMappings) { HandlerExecutionChain handler = hm.getHandler(request); if (handler != null) { return handler; } } } return null; } }
定义过滤器的拦截路径
@Autowired private ApplicationContext applicationContext; /** * 添加加解密过滤器 * * @return */ @Bean public FilterRegistrationBean encryptionDataFilterRegistration() { FilterRegistrationBean<CryptoDecryptionFilter> registration = new FilterRegistrationBean<>(); registration.setFilter(new CryptoDecryptionFilter(applicationContext)); registration.addUrlPatterns("/*"); registration.setName("cryptoDecryptionFilter"); registration.setOrder(2); return registration; }
以上为个人经验,希望能给大家一个参考,也希望大家多多支持我们。
赞 (0)