場景:過濾器中獲取參數Token並添加到請求頭(用戶認證兼容老系統)
請求頭和請求參數是不能直接修改,也沒有提供修改的方法,但是可以在過濾器和攔截器中使用HttpServletRequestWrapper包裝類達到修改的目的。
一、實現HttpServletRequestWrapper接口,下面直接使用匿名類
package com.xxxx.web.filter; import org.apache.commons.lang3.StringUtils; import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; import java.io.IOException; import java.util.Enumeration; @WebFilter public class AuthHeaderSettingFilter implements Filter{ @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequestWrapper requestWrapper = new HttpServletRequestWrapper((HttpServletRequest) request) { /** * 當調用request.getHeader("token")時,則獲取請求參數中token值並當做Header的值返回 * @param name * @return */ @Override public String getHeader(String name) { // 先從原本的Request中獲取頭,如果為空且名字為token,則從參數中查找並返回 String superHeader = super.getHeader(name); if("token".equals(name) && StringUtils.isEmpty(superHeader)){ String token = request.getParameter("token"); if (StringUtils.isNotEmpty(token)) { return token ; } } return superHeader; } }; chain.doFilter(requestWrapper,response); } @Override public void destroy() { } } 二、HttpServletRequestWrapper、ServletRequestWrapper和HttpServletRequest接口中的很多方法都可以重寫
- 要想增加一個請求參數可以在
HttpServletRequestWrapper中重寫getParameter(String name)
@Override public String getParameter(String name) { if("newParam".equals(name)){ return "這是我新增加的參數"; } return super.getParameter(name); } @Override public Map<String, String[]> getParameterMap() { HashMap<String, String[]> newMap = new HashMap<>(); newMap.putAll(super.getParameterMap()); newMap.put("newParam",new String[]{"這是我新增加的參數"}) ; return Collections.unmodifiableMap(newMap); } @Override public String[] getParameterValues(String name) { if("newParam".equals(name)){ return new String[]{"這是我新增加的參數"}; } return super.getParameterValues(name); } 注意:
getParameterMap()返回的時一個不可修改的map ,不能直接向里面put值, 所以在重寫這個方法時要自己new 一個HashMap ,然后在新建的map中放值,最后返回時必須調用Collections.unmodifiableMap(Map<? extends K, ? extends V> m)把map改成不可變的
-
結構
image.png
image.png
參考:
- Safely add / modify Servlet request parameter values -- 可能要代理才能訪問
作者:else05
鏈接:https://www.jianshu.com/p/a8c9d45775ea
來源:簡書
簡書著作權歸作者所有,任何形式的轉載都請聯系作者獲得授權並注明出處。
背景
由於環境升級,需要重新設置header中的 一個值,暫設定為 org . http 請求時加入在header中加入org,但在filter中,會通過驗證,生成新的org,需要覆蓋原來header中的org.
修改 filter 。代碼是在網上找的一部分,根據自己的需要進行調整了。
@Component
@Slf4j
@WebFilter(urlPatterns = { "/" }, filterName = "authorFilter")
public class DemoFilter implements Filter {
@Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) servletRequest;
req.setAttribute("hdd","tttt");
HeaderMapRequestWrapper requestWrapper = new HeaderMapRequestWrapper(req);
requestWrapper.addHeader("realm","test");
log.info("header-->{}",getHeadKeyAndValue(req));
filterChain.doFilter(requestWrapper, servletResponse);
}
private Map<String, String> getHeadKeyAndValue(HttpServletRequest httpRequest) {
Map<String, String> header = new HashMap<>();
Enumeration<String> headerNames = httpRequest.getHeaderNames();
while (headerNames.hasMoreElements()) {
String nextElement = headerNames.nextElement();
header.put(nextElement, httpRequest.getHeader(nextElement));
}
return header;
}
}
@Slf4j
public class HeaderMapRequestWrapper extends HttpServletRequestWrapper {
/**
* construct a wrapper for this request
*
* @param request
*/
public HeaderMapRequestWrapper(HttpServletRequest request) {
super(request);
}
private Map<String, String> headerMap = new HashMap<>();
/**
* add a header with given name and value
*
* @param name
* @param value
*/
public void addHeader(String name, String value) {
headerMap.put(name, value);
}
@Override
public String getHeader(String name) {
log.info("getHeader --->{}",name);
String headerValue = super.getHeader(name);
if (headerMap.containsKey(name)) {
headerValue = headerMap.get(name);
}
return headerValue;
}
/**
* get the Header names
*/
@Override
public Enumeration<String> getHeaderNames() {
List<String> names = Collections.list(super.getHeaderNames());
for (String name : headerMap.keySet()) {
names.add(name);
}
return Collections.enumeration(names);
}
@Override
public Enumeration<String> getHeaders(String name) {
log.info("getHeaders --->>>>>>{}",name);
List<String> values = Collections.list(super.getHeaders(name));
log.info("getHeaders --->>>>>>{}",values);
if (headerMap.containsKey(name)) {
log.info("getHeaders --->{}",headerMap.get(name));
values = Arrays.asList(headerMap.get(name));
}
return Collections.enumeration(values);
}
}
經過測試,在header解析時,是通過getHeaders方法,這個地方原來的時候是通過,values直接添加新的header,組成了一個 header的數組,而不是覆蓋。
https://www.liangzl.com/get-article-detail-35965.html
HttpServletRequest修改/添加header和cookie參數
實現功能:
所有接口經過過濾器,獲取每個接口的自定義頭部(token)
判斷如果是app訪問,則給頭部設置cookie,值為自定義token的值。
即:使用過濾器實現修改請求頭headers
實現步驟:
1.自定義過濾器 ModifyParametersFilter.java 並繼承 OncePerRequestFilter
package com.mobile.web.common;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.*;
/**
* 自定義的過濾器,
* Created by Administrator on 2017/6/19 0019.
*/
public class ModifyParametersFilter extends OncePerRequestFilter {
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
// 修改cookie
ModifyHttpServletRequestWrapper mParametersWrapper = new ModifyHttpServletRequestWrapper(request);
String token = request.getHeader("token");
if (token != null && !"".equals(token)) {
mParametersWrapper.putCookie("JSESSIONID", token);
}
// finish
filterChain.doFilter(mParametersWrapper, response);
}
/**
* 修改cookie信息
*/
private class ModifyHttpServletRequestWrapper extends HttpServletRequestWrapper {
private Map<String, String> mapCookies;
ModifyHttpServletRequestWrapper(HttpServletRequest request) {
super(request);
this.mapCookies = new HashMap<>();
}
void putCookie(String name, String value) {
this.mapCookies.put(name, value);
}
public Cookie[] getCookies() {
HttpServletRequest request = (HttpServletRequest) getRequest();
Cookie[] cookies = request.getCookies();
if (mapCookies == null || mapCookies.isEmpty()) {
return cookies;
}
if (cookies == null || cookies.length == 0) {
List<Cookie> cookieList = new LinkedList<>();
for (Map.Entry<String, String> entry : mapCookies.entrySet()) {
String key = entry.getKey();
if (key != null && !"".equals(key)) {
cookieList.add(new Cookie(key, entry.getValue()));
}
}
if (cookieList.isEmpty()) {
return cookies;
}
return cookieList.toArray(new Cookie[cookieList.size()]);
} else {
List<Cookie> cookieList = new ArrayList<>(Arrays.asList(cookies));
for (Map.Entry<String, String> entry : mapCookies.entrySet()) {
String key = entry.getKey();
if (key != null && !"".equals(key)) {
for (int i = 0; i < cookieList.size(); i++) {
if(cookieList.get(i).getName().equals(key)){
cookieList.remove(i);
}
}
cookieList.add(new Cookie(key, entry.getValue()));
}
}
return cookieList.toArray(new Cookie[cookieList.size()]);
}
}
}
}
2.在web.xml中注冊該過濾器:
<filter>
<filter-name>ModifyParametersFilter</filter-name>
<filter-class>com.xiyinli.web.common.ModifyParametersFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ModifyParametersFilter</filter-name>
<url-pattern>/*</url-pattern>
<!-- 直接從客戶端過來的請求以及通過forward過來的請求都要經過該過濾器 -->
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
如:
參考文章:
繼承HttpServletRequestWrapper以實現在Filter中修改HttpServletRequest的參數
https://www.cnblogs.com/007sx/p/7049514.html