1.@ServletComponentScan用法
在 Spring Boot啓動類上使用@ServletComponentScan 註解後,使用@WebServlet、@WebFilter、@WebListener標記的 Servlet、Filter、Listener 就可以自動註冊到Servlet容器中,無需其他代碼。
2.錯誤用法示例:
package cn.rivamed.um.filter;
import cn.rivamed.common.exception.ExeceptionDto;
import cn.rivamed.common.util.Constants;
import cn.rivamed.entity.AccessToken;
import cn.rivamed.framework.common.BaseConstants;
import cn.rivamed.framework.common.config.PropertiesBean;
import cn.rivamed.service.OauthService;
import cn.rivamed.um.common.TokenUtils;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.serializer.SerializerFeature;
import org.springframework.boot.web.servlet.ServletComponentScan;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.OutputStream;
@Component
@ServletComponentScan
@WebFilter()
public class LoginFilter implements Filter {
@Resource
private OauthService oauthService;
@Resource
private TokenUtils tokenUtils;
private String[] ignoreUrls = null;
// 刷新患者的地址
private static final String IGNORE_URL = PropertiesBean.getInstance()
.getProperty("rivamed.security.cas.app-pattern.ignoring");
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletResponse response2 = (HttpServletResponse) response;
response2.setHeader("Access-Control-Allow-Origin","*");
response2.setHeader("Access-Control-Allow-Credentials", "true");
response2.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
response2.setHeader("Access-Control-Max-Age", "5000");
response2.setHeader("Access-Control-Allow-Headers", "Origin, No-Cache, X-Requested-With, If-Modified-Since," +
" Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,Authorization,Token,tokenId,tokenid");
HttpServletRequest request2 = (HttpServletRequest) request;
String tokenId = request2.getHeader("tokenId");
for (String ignoreUrl : ignoreUrls) {
if (request2.getRequestURI().contains(ignoreUrl)) {
chain.doFilter(request, response2);
return;
}
}
// Long startTime=System.currentTimeMillis();
AccessToken token = oauthService.findAccessToken(tokenId);
// Long endTime=System.currentTimeMillis();
// System.out.println(request2.getRequestURI()+"獲取token用時---used time---"+(endTime-startTime));
if (null != token) {
if (token.tokenExpired() && token.refreshTokenExpired()) {
writeResponse(response2, Constants.LOGIN_EXPIRED);
return;
}
if (token.tokenExpired() && !token.refreshTokenExpired()) {
writeResponse(response2, Constants.TOKEN_EXPIRED);
return;
} else {
tokenUtils.initRequestUserInfo(token);
chain.doFilter(request, response2);
}
} else {
writeResponse(response2, Constants.LOGIN_EXPIRED);
return;
}
}
private void writeResponse(ServletResponse response, String status) throws IOException {
HttpServletResponse response2 = (HttpServletResponse) response;
OutputStream outputStream = response2.getOutputStream();// 獲取
ExeceptionDto dto = new ExeceptionDto();
dto.setOpFlg(status);
dto.setOperateSuccess(BaseConstants.OPERATE_FAIL);
response2.setHeader("content-type", "application/json;charset=UTF-8");// 通過設置響應頭控制瀏覽器以UTF-8的編碼顯示數據,如果不加這句話,那麼瀏覽器顯示的將是亂碼
byte[] bs = JSONObject.toJSONBytes(dto, SerializerFeature.EMPTY);
outputStream.write(bs);// 使用OutputStream流向客戶端輸出字節數組
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
ignoreUrls = IGNORE_URL.split(",");
}
@Override
public void destroy() {
}
}
@Component、@ServletComponentScan、@WebFilter()這三個註解連用會導致doFilter方法執行兩次,解決方法就是將@ServletComponentScan註解去掉,這個註解不是在這裏的!