该类继承 AbstractSecurityInterceptor 类,实现 Filter 接口,代码如下:
@Component public class MyFilterSecurityInterceptor extends AbstractSecurityInterceptor implements Filter { //注入上面编写的两个类 @Autowired private MySecurityMetadataSource mySecurityMetadataSource; @Autowired public void setMyAccessDecisionManager(MyAccessDecisionManager myAccessDecisionManager) { super.setAccessDecisionManager(myAccessDecisionManager); } @Override public void init(FilterConfig arg0) throws ServletException { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { FilterInvocation fi = new FilterInvocation(request, response, chain); invoke(fi); } public void invoke(FilterInvocation fi) throws IOException, ServletException { //这里进行权限验证 InterceptorStatusToken token = super.beforeInvocation(fi); try { fi.getChain().doFilter(fi.getRequest(), fi.getResponse()); } finally { super.afterInvocation(token, null); } } @Override public void destroy() { } @Override public Class<?> getSecureObjectClass() { return FilterInvocation.class; } @Override public SecurityMetadataSource obtainSecurityMetadataSource() { return this.mySecurityMetadataSource; } } 四、 加入到 security 的过滤器链中 .addFilterBefore(urlFilterSecurityInterceptor,FilterSecurityInterceptor.class)完成
本篇原创发布于:https://www.tapme.top/blog/detail/2018-08-22-10-38