區別
1.使用范圍和規范不同
- filter是servlet規范規定的,只能用在web程序中.
- 攔截器即可以用在web程序中, 也可以用於application, swing程序中, 是Spring容器內的, 是Spring框架支持的
2.觸發時機不同
順序: Filter-->Servlet-->Interceptor-->Controller
- 過濾器是在請求進入容器后,但請求進入servlet之前進行預處理的。請求結束返回也是,是在servlet處理完后,返回給前端之前過濾器處理。
- 攔截器是方法到達Controller層之前生效的
3.過濾器的實現基於回調函數。而攔截器(代理模式)的實現基於反射,代理分靜態代理和動態代理,動態代理是攔截器的簡單實現。
何時使用攔截器?何時使用過濾器?
- 如果是非spring項目,那么攔截器不能用,只能使用過濾器。
- 如果是處理controller前后,既可以使用攔截器也可以使用過濾器。
- 如果是處理dispaterServlet前后,只能使用過濾器。
4.在action的生命周期中,攔截器可以多次被調用,而過濾器只能在容器初始化時被調用一次。
5.攔截器可以訪問action上下文、值棧里的對象,而過濾器不能訪問。
6.攔截器只能對action請求起作用,而過濾器則可以對幾乎所有的請求起作用。
7.攔截器可以獲取IOC容器中的各個bean,而過濾器就不行,在攔截器里注入一個service,可以調用業務邏輯。
SpringBoot使用過濾器
兩種方式:
1、使用spring boot提供的FilterRegistrationBean注冊Filter
2、使用原生servlet注解定義Filter
兩種方式的本質都是一樣的,都是去FilterRegistrationBean注冊自定義Filter
封裝Filter
package com.theeternity.common.baseFilter;
import javax.servlet.Filter;
/**
* @program: ApiBoot
* @description: 封裝Filter
* @author: TheEternity Zhang
* @create: 2019-02-17 13:08
*/
public interface MappingFilter extends Filter {
String[] addUrlPatterns();
int order();
}
自定義Filter
package com.theeternity.beans.filterConfig;
import com.theeternity.common.baseFilter.MappingFilter;
import lombok.extern.slf4j.Slf4j;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.servlet.*;
import javax.servlet.FilterConfig;
import java.io.IOException;
/**
* @program: ApiBoot
* @description: 權限過濾器
* @author: TheEternity Zhang
* @create: 2019-02-17 13:14
*/
public class AuthFilter implements MappingFilter {
@Override
public String[] addUrlPatterns() {
return new String[]{"/*"};
}
@Override
public int order() {
return 0;
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
filterChain.doFilter(servletRequest,servletResponse);
}
@Override
public void destroy() {
}
}
注冊過濾器
package com.theeternity.beans.filterConfig;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
/**
* @program: ApiBoot
* @description: 注冊過濾器
* @author: TheEternity Zhang
* @create: 2019-02-17 13:10
*/
@Configuration
public class FilterConfig {
@Bean
public FilterRegistrationBean registFilter() {
FilterRegistrationBean registration = new FilterRegistrationBean();
AuthFilter authFilter=new AuthFilter();
registration.setFilter(authFilter);
registration.addUrlPatterns(authFilter.addUrlPatterns());
registration.setOrder(authFilter.order());
registration.setName("AuthFilter");
return registration;
}
}
SpringBoot使用攔截器
封裝Interceptor
package com.theeternity.common.baseInterceptor;
import org.springframework.web.servlet.HandlerInterceptor;
/**
* @program: ApiBoot
* @description: 封裝Interceptor
* @author: TheEternity Zhang
* @create: 2019-02-15 17:49
*/
public interface MappingInterceptor extends HandlerInterceptor {
String[] addPathPatterns();
String[] excludePathPatterns();
int order();
}
自定義Interceptor
package com.theeternity.beans.interceptorConfig;
import com.theeternity.common.baseInterceptor.MappingInterceptor;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* @program: BoxApi
* @description: 跨域攔截器
* @author: tonyzhang
* @create: 2018-12-21 14:44
*/
@Component
public class CrossOriginInterceptor implements MappingInterceptor {
@Override
public String[] addPathPatterns() {
return new String[]{"/**"};
}
@Override
public String[] excludePathPatterns() {
return new String[0];
}
@Override
public int order() {
return 0;
}
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
logger.info("允許的頭信息"+request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "*");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
//是否允許瀏覽器攜帶用戶身份信息(cookie)
response.setHeader("Access-Control-Allow-Credentials","true");
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,Exception ex) throws Exception {
}
}
注冊Interceptor
package com.theeternity.beans.interceptorConfig;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
/**
* @program: ApiBoot
* @description: 攔截器注冊
* @author: TheEternity Zhang
* @create: 2019-02-15 17:55
*/
@Configuration
public class InterceptorConfig implements WebMvcConfigurer {
@Autowired
private CrossOriginInterceptor crossOriginInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(crossOriginInterceptor).addPathPatterns(crossOriginInterceptor.addPathPatterns());
}
}
站在巨人的肩膀上摘蘋果:
https://blog.csdn.net/heweimingming/article/details/79993591