springSecurity源码分析——DelegatingFilterProxy类的作用

转自：http://www.cnblogs.com/hzhuxin/archive/2011/12/19/2293730.html

 

使用过springSecurity的朋友都知道，首先需要在web.xml进行以下配置，

<filter>
  <filter-name>springSecurityFilterChain</filter-name>
  <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 

  <init-param>

        <param-name>targetFilterLifecycle</param-name>
        <param-value>true</param-value>  <!-- 默认是false -->
    </init-param>

 </filter>

<filter-mapping>
  <filter-name>springSecurityFilterChain</filter-name>
  <url-pattern>/*</url-pattern>

 </filter-mapping>

从这个配置中，可能会给我们造成一个错觉，以为DelegatingFilterProxy类就是springSecurity的入口，但其实这个类位于spring-web-3.0.5.RELEASE.jar这个jar下面，说明这个类本身是和springSecurity无关。DelegatingFilterProxy类继承于抽象类GenericFilterBean,间接地implement 了javax.servlet.Filter接口，Servlet容器在启动时，首先会调用Filter的init方法,GenericFilterBean的作用主要是可以把Filter的初始化参数自动地set到继承于GenericFilterBean类的Filter中去。在其init方法的如下代码就是做了这个事：

1 2 3 4 5 6

PropertyValues pvs =  new  FilterConfigPropertyValues(filterConfig,  this .requiredProperties); BeanWrapper bw = PropertyAccessorFactory.forBeanPropertyAccess( this ); ResourceLoader resourceLoader =  new  ServletContextResourceLoader(filterConfig.getServletContext()); bw.registerCustomEditor(Resource. class ,  new  ResourceEditor(resourceLoader)); initBeanWrapper(bw); bw.setPropertyValues(pvs,  true );

 另外在init方法中调用了initFilterBean()方法，该方法是GenericFilterBean类是特地留给子类扩展用的，

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

protected  void  initFilterBean()  throws  ServletException {          // If no target bean name specified, use filter name.          if  ( this .targetBeanName ==  null ) {              this .targetBeanName = getFilterName();          }            // Fetch Spring root application context and initialize the delegate early,          // if possible. If the root application context will be started after this          // filter proxy, we'll have to resort to lazy initialization.          synchronized  ( this .delegateMonitor) {              WebApplicationContext wac = findWebApplicationContext();              if  (wac !=  null ) {                  this .delegate = initDelegate(wac);              }          }      }

 可以看出上述代码首先看Filter是否提供了targetBeanName初始化参数，如果没有提供则直接使用filter的name做为beanName,产生了beanName后，由于我们在web.xml的filter的name是springSecurityFilterChain,从spring的IOC容器中取出bean的代码是initDelegate方法，下面是该方法代码：

1 2 3 4 5 6 7

protected  Filter initDelegate(WebApplicationContext wac)  throws  ServletException {          Filter delegate = wac.getBean(getTargetBeanName(), Filter. class );          if  (isTargetFilterLifecycle()) {              delegate.init(getFilterConfig());          }          return  delegate; }

 通过跟踪代码，发现取出的bean是org.springframework.security.FilterChainProxy，该类也是继承于GenericFilterBean,取出bean后，判断targetFilterLifecycle属性是false还是true,决定是否调用该类的init方法。这个FilterChainProxy bean实例最终被保存在DelegatingFilterProxy类的delegate属性里,

下面看一下DelegatingFilterProxy类的doFilter方法

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19

public  void  doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)              throws  ServletException, IOException {            // Lazily initialize the delegate if necessary.          Filter delegateToUse =  null ;          synchronized  ( this .delegateMonitor) {              if  ( this .delegate ==  null ) {                  WebApplicationContext wac = findWebApplicationContext();                  if  (wac ==  null ) {                      throw  new  IllegalStateException( "No WebApplicationContext found: no ContextLoaderListener registered?" );                  }                  this .delegate = initDelegate(wac);              }              delegateToUse =  this .delegate;          }            // Let the delegate perform the actual doFilter operation.          invokeDelegate(delegateToUse, request, response, filterChain);      }

 真正要关注invokeDelegate(delegateToUse, request, response, filterChain);这句代码,在下面可以看出DelegatingFilterProxy类实际是用其delegate属性即org.springframework.security.FilterChainProxy实例的doFilter方法来响应请求。

1 2 3 4 5 6

protected  void  invokeDelegate(              Filter delegate, ServletRequest request, ServletResponse response, FilterChain filterChain)              throws  ServletException, IOException {            delegate.doFilter(request, response, filterChain);      }

 

以上就是DelegatingFilterProxy类的一些内部运行机制，其实主要作用就是一个代理模式的应用,可以把servlet 容器中的filter同spring容器中的bean关联起来。

此外还要注意一个DelegatingFilterProxy的一个初始化参数：targetFilterLifecycle ,其默认值为false 。 但如果被其代理的filter的init()方法和destry()方法需要被调用时，需要设置targetFilterLifecycle为true。具体可见DelegatingFilterProxy中的如下代码：

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26

protected  void  initFilterBean()  throws  ServletException {          synchronized  ( this .delegateMonitor) {              if  ( this .delegate ==  null ) {                  // If no target bean name specified, use filter name.                  if  ( this .targetBeanName ==  null ) {                      this .targetBeanName = getFilterName();                  }                  // Fetch Spring root application context and initialize the delegate early,                  // if possible. If the root application context will be started after this                  // filter proxy, we'll have to resort to lazy initialization.                  WebApplicationContext wac = findWebApplicationContext();                  if  (wac !=  null ) {                      this .delegate = initDelegate(wac);                  }              }          }      }     protected  Filter initDelegate(WebApplicationContext wac)  throws  ServletException {          Filter delegate = wac.getBean(getTargetBeanName(), Filter. class );          if  (isTargetFilterLifecycle()) {     //注意这行              delegate.init(getFilterConfig());          }          return  delegate;      }