0
我正在尝试添加一个需要FilterConfig参数的过滤器。我将它添加到WebApplicationInitializer :: onStartup(ServletContext容器)方法中,并且配置合理(init方法使用正确的FilterConfig调用)。如何使用WebSecurityConfigurerAdapter配置过滤器?
@Override
public void onStartup(ServletContext container) throws ServletException {
super.onStartup(container);
FilterRegistration.Dynamic urlRewriteFilter = container.addFilter("UrlRewriteFilter", UrlRewriteFilter.class);
urlRewriteFilter.addMappingForServletNames(EnumSet.of(DispatcherType.REQUEST, DispatcherType.FORWARD), false, "/*");
urlRewriteFilter.setInitParameter("confPath", "WEB-INF/urlrewrite-prod.xml");
}
的一点是,我使用Spring Security的WebSecurityConfigurerAdapter和我的过滤器不会被调用(不存在的过滤器链)。 如果我添加它与addFilterAfter没有办法给他一个FilterConfig。
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.exceptionHandling()
.authenticationEntryPoint(spnegoEntryPoint())
.and()
.authorizeRequests()
.antMatchers("/").permitAll()
.anyRequest().authenticated()
.and()
.httpBasic()
.and()
.logout()
.and()
.addFilterBefore(spnegoAuthenticationProcessingFilter(authenticationManagerBean()), BasicAuthenticationFilter.class)
.addFilterAfter(new CsrfHeaderFilter(), CsrfFilter.class)
.addFilterAfter(new CacheFilter(), CsrfFilter.class)
.addFilterAfter(new UrlRewriteFilter(), CsrfFilter.class);
}
我在哪里错了?