Contents :
shiro (1) - architecture
shiro (2) - There are state and non-state identity authentication
shiro (3) -DelegatingFilterProxy role
shiro (4) - have state certification -sessionManager session
shiro (5) - have state certification - Realm authentication implementation
Shiro (6) - have state certification - session management (Redis integration sharing the session)
shiro (7) - have state certification - session management (login single place - improved version)
org.springframework.web.filter.DelegatingFilterProxy
Under normal circumstances, create a Filter is handed over themselves to achieve. Servlet-based specifications, in web.xml configuration, custom filter Filter interface implemented:
public interface Filter {
void init(FilterConfig var1) throws ServletException;
void doFilter(ServletRequest var1, ServletResponse var2, FilterChain var3) throws IOException, ServletException;
void destroy();
}
And DelegatingFilterProxy is a servlet filter agent. Its advantages are as follows:
- By spring container to manage the life cycle of servlet filter.
- Example If required filter Spring container can be directly injected through the spring.
- Reads the configuration file to facilitate these operations can be implemented by configuring Spring.
First in web.xml configuration:
<filter>
<filter-name>myFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>myFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
Then Spring configuration file, the configuration of the Filter class specific examples.
<bean name="myFilter"class="com.*.MyFilter"></bean>
Note that: disposed in Spring name to the bean and the web.xml <filter-name> remains the same.
1. filter configuration
- If and <filter-name> remains the same
It can be configured in the initialization parameters for DelegatingFilterProxy filter: targetBeanName, corresponding to the configuration Spring beanName.
<filter>
<filter-name>shiroFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<!-- 设置spring容器filter的bean id,如果不设置则找与filter-name一致的bean-->
<init-param>
<param-name>targetBeanName</param-name>
<param-value>shiroFilter</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>shiroFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
- If the original init Filter reservations, destory method calls
If you leave Filter call the original init, destory method, also you need to configure initialization parameter targetFilterLifecycleto true, this parameter defaults to false.
<filter>
<filter-name>shiroFilter</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
<init-param>
<param-name>targetFilterLifecycle</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>shiroFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
2. shiro configuration
Under normal circumstances, create a Filter is handed over themselves to achieve. But the operation shiro point of view, this in turn: spring is provided as general DelegatingFilterProxy Filter agent class, shiro form factoryBean to construct your own filter.
- Obtain the proxy object initialization method using the delegate.
protected Filter initDelegate(WebApplicationContext wac) throws ServletException {
Filter delegate = wac.getBean(getTargetBeanName(), Filter.class);
if (isTargetFilterLifecycle()) {
delegate.init(getFilterConfig());
}
return delegate;
}
- Call target filter through doFilter method doFilter method
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
// Lazily initialize the delegate if necessary.
Filter delegateToUse = this.delegate;
if (delegateToUse == null) {
synchronized (this.delegateMonitor) {
if (this.delegate == null) {
WebApplicationContext wac = findWebApplicationContext();
if (wac == null) {
throw new IllegalStateException("No WebApplicationContext found: no ContextLoaderListener registered?");
}
this.delegate = initDelegate(wac);
}
delegateToUse = this.delegate;
}
}
// Let the delegate perform the actual doFilter operation.
invokeDelegate(delegateToUse, request, response, filterChain);
}
//以factoryBean的形式来构造自己的filter。
protected void invokeDelegate(
Filter delegate, ServletRequest request, ServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
delegate.doFilter(request, response, filterChain);
}
- Free up some resources destory method
@Override
public void destroy() {
Filter delegateToUse = this.delegate;
if (delegateToUse != null) {
destroyDelegate(delegateToUse);
}
}
protected void destroyDelegate(Filter delegate) {
if (isTargetFilterLifecycle()) {
delegate.destroy();
}
}
By the above operation, the full implementation of the agent is transferred to Filter.
Reproduced in: https: //www.jianshu.com/p/a7cd47f38d0c