Class SecurityAuthenticationFilter

java.lang.Object
org.springframework.web.filter.GenericFilterBean
org.springframework.web.filter.OncePerRequestFilter
com.codeupsoft.component.security.filter.SecurityAuthenticationFilter
All Implemented Interfaces:
jakarta.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware
public class SecurityAuthenticationFilter extends org.springframework.web.filter.OncePerRequestFilter
安全认证过滤器.

拦截每个请求,从请求中提取用户令牌,验证令牌有效性, 并将用户认证信息设置到Spring Security的安全上下文中. 每个请求只执行一次.

Author:
Liu,Dongdong

  • Field Summary

    Fields inherited from class org.springframework.web.filter.OncePerRequestFilter

    ALREADY_FILTERED_SUFFIX

    Fields inherited from class org.springframework.web.filter.GenericFilterBean

    logger

  • Constructor Summary

    Constructors
    Constructor
    Description
    SecurityAuthenticationFilter()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    protected void
    doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain)
    执行过滤逻辑.

    Methods inherited from class org.springframework.web.filter.OncePerRequestFilter

    doFilter, doFilterNestedErrorDispatch, getAlreadyFilteredAttributeName, isAsyncDispatch, isAsyncStarted, shouldNotFilter, shouldNotFilterAsyncDispatch, shouldNotFilterErrorDispatch

    Methods inherited from class org.springframework.web.filter.GenericFilterBean

    addRequiredProperty, afterPropertiesSet, createEnvironment, destroy, getEnvironment, getFilterConfig, getFilterName, getServletContext, init, initBeanWrapper, initFilterBean, setBeanName, setEnvironment, setServletContext

    Methods inherited from class Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • SecurityAuthenticationFilter

      public SecurityAuthenticationFilter()

  • Method Details

    • doFilterInternal

      protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) throws jakarta.servlet.ServletException, IOException
      执行过滤逻辑.

      1. 从请求中获取登录用户信息 2. 验证用户令牌的有效性 3. 创建认证令牌并设置到安全上下文中 4. 继续执行过滤器链

      Specified by:
      doFilterInternal in class org.springframework.web.filter.OncePerRequestFilter
      Parameters:
      request - HTTP请求对象
      response - HTTP响应对象
      filterChain - 过滤器链
      Throws:
      jakarta.servlet.ServletException - Servlet异常
      IOException - IO异常