2013-04-24 966 views
1

我试图实现一个过滤器,最终会记录系统内的用户导航。为什么我的doFilterInternal方法不被调用?

我的春天背景是这样的:

<?xml version="1.0" encoding="UTF-8"?> 
<b:beans xmlns="http://www.springframework.org/schema/beans" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:b="http://www.springframework.org/schema/beans" 
    xmlns:context="http://www.springframework.org/schema/context" 
    xmlns:sec="http://www.springframework.org/schema/security" 
    xsi:schemaLocation="http://www.springframework.org/schema/beans 
         http://www.springframework.org/schema/beans/spring-beans-3.2.xsd 
         http://www.springframework.org/schema/context 
         http://www.springframework.org/schema/context/spring-context-3.2.xsd 
    http://www.springframework.org/schema/security 
         http://www.springframework.org/schema/security/spring-security-3.1.xsd"> 

<!-- <sec:global-method-security secured-annotations="enabled" /> --> 
<!-- Importa configuracion de seguridad de ldap --> 
<import resource="classpath:/spring/ldap-config.xml" /> 

<sec:http pattern="/resources" security="none" /> 

<sec:http use-expressions="true" auto-config="true"> 

    <sec:intercept-url pattern="/seguridad/login.xhtml" 
     access="permitAll" /> 
    <sec:intercept-url pattern="/*.jsp" access="isAuthenticated()" /> 
    <sec:intercept-url pattern="/" access="isAuthenticated()" /> 
    <sec:intercept-url pattern="/views/**" access="isAuthenticated()" /> 

    <sec:form-login login-page="/seguridad/login.xhtml" 
     authentication-failure-url="/seguridad/login.xhtml" /> 

    <sec:logout invalidate-session="true" /> 

    <sec:access-denied-handler error-page="/seguridad/accesoDenegado.xhtml" /> 

    <sec:custom-filter ref="navegationFilter" after="FILTER_SECURITY_INTERCEPTOR" /> 
</sec:http> 

<sec:authentication-manager alias="authenticationManager"> 
    <sec:authentication-provider 
     user-service-ref="userDetailService" /> 
</sec:authentication-manager> 

<b:bean id="navegationFilter" class="com.praxis.desvucem.web.service.seguridad.NavegationFilter" /> 

和我的过滤器类是这样的:

package com.praxis.desvucem.web.service.seguridad; 

import java.io.IOException; 


import javax.servlet.FilterChain; 
import javax.servlet.ServletException; 
import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpServletResponse; 

import org.apache.log4j.Logger; 

import org.springframework.web.filter.RequestContextFilter; 

import javax.servlet.http.HttpSession; 

public class NavegationFilter extends RequestContextFilter { 

protected static Logger logger = Logger.getLogger("service"); 

@Override 
// @LogMe 
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) 
     throws ServletException, IOException { 

    logger.debug("Running Navegation filter"); 

    HttpSession session = request.getSession(false); 

    if (session != null) { 
     logger.debug("User is trying to access site for the second time"); 
     logger.debug("Request URI: " + request.getRequestURI()); 
    } 
    else { 
     logger.debug("Session is null"); 
    } 

    logger.debug("Continue with remaining filters"); 
    filterChain.doFilter(request, response); 
} 

}

所以,当我运行它,我不没有任何类型的错误,我的过滤器甚至被解雇,但它仍然要求我的doFilterInternal方法。 这里是日志的摘录:

13:33:02.889 [[email protected]] DEBUG o.s.security.web.FilterChainProxy - /seguridad/login.xhtml at position 6 of 11 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter' 
13:33:02.889 [[email protected]] DEBUG o.s.security.web.FilterChainProxy - /seguridad/login.xhtml at position 7 of 11 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter' 
13:33:02.889 [[email protected]] DEBUG o.s.s.w.a.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.sprin[email protected]9054b1a2: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.sprin[email protected]1c07a: RemoteIpAddress: 192.168.4.148; SessionId: 1v5ehc9tvkn7u1bft3w17n6wtv; Granted Authorities: ROLE_ANONYMOUS' 
13:33:02.889 [[email protected]] DEBUG o.s.security.web.FilterChainProxy - /seguridad/login.xhtml at position 8 of 11 in additional filter chain; firing Filter: 'SessionManagementFilter' 
13:33:02.889 [[email protected]] DEBUG o.s.security.web.FilterChainProxy - /seguridad/login.xhtml at position 9 of 11 in additional filter chain; firing Filter: 'ExceptionTranslationFilter' 
13:33:02.889 [[email protected]] DEBUG o.s.security.web.FilterChainProxy - /seguridad/login.xhtml at position 10 of 11 in additional filter chain; firing Filter: 'FilterSecurityInterceptor' 
13:33:02.889 [[email protected]] DEBUG o.s.s.web.util.AntPathRequestMatcher - Checking match of request : '/seguridad/login.xhtml'; against '/seguridad/login.xhtml' 
13:33:02.889 [[email protected]] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /seguridad/login.xhtml; Attributes: [permitAll] 
13:33:02.889 [[email protected]] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Previously Authenticated: org.sprin[email protected]9054b1a2: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.sprin[email protected]1c07a: RemoteIpAddress: 192.168.4.148; SessionId: 1v5ehc9tvkn7u1bft3w17n6wtv; Granted Authorities: ROLE_ANONYMOUS 
13:33:02.889 [[email protected]] DEBUG o.s.s.access.vote.AffirmativeBased - Voter: org.sp[email protected]9604a9e, returned: 1 
13:33:02.889 [[email protected]] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - Authorization successful 
13:33:02.890 [[email protected]] DEBUG o.s.s.w.a.i.FilterSecurityInterceptor - RunAsManager did not change Authentication object 
13:33:02.890 [[email protected]] DEBUG o.s.security.web.FilterChainProxy - /seguridad/login.xhtml at position 11 of 11 in additional filter chain; firing Filter: 'NavegationFilter' 
13:33:02.890 [[email protected]] DEBUG o.s.security.web.FilterChainProxy - /seguridad/login.xhtml reached end of additional filter chain; proceeding with original chain 

那么,为什么isn't我doFilterInternal被称为? 在此先感谢。

回答

2

为什么要延伸RequestContextFilter

RequestContextFilterOncePerRequestFilter的子类,其中包含的逻辑将防止每个请求多次调用过滤器类。

+0

因此,如果我想要一个通用过滤器,应该扩展哪个类? – linker85 2013-04-24 19:52:21

+0

好吧我不知何故设法通过从RequestContextFilter更改为GenericFilterBean来解决我的问题。 在我的课程的延伸。 – linker85 2013-04-24 20:22:07

相关问题