org.springframework.boot.web.servlet.FilterRegistrationBean Java Examples

The following examples show how to use org.springframework.boot.web.servlet.FilterRegistrationBean. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: DruidStatConfiguration.java    From druid-spring-boot with Apache License 2.0 6 votes vote down vote up
@Bean
public FilterRegistrationBean druidWebStatFilter(DruidDataSourceProperties druidProperties) {
    log.debug("druid web-stat-filter init...");
    DruidWebStatProperties properties = druidProperties.getWebStat();
    FilterRegistrationBean registration = new FilterRegistrationBean(new WebStatFilter());
    registration.addUrlPatterns(properties.getUrlPatterns());
    registration.addInitParameter("exclusions", properties.getExclusions());
    registration.addInitParameter("sessionStatEnable", Boolean.toString(properties.isSessionStatEnable()));
    if (!StringUtils.isEmpty(properties.getSessionStatMaxCount())) {
        registration.addInitParameter("sessionStatMaxCount",Integer.toString(properties.getSessionStatMaxCount()));
    }
    if (!StringUtils.isEmpty(properties.getPrincipalSessionName())) {
        registration.addInitParameter("principalSessionName", properties.getPrincipalSessionName());
    }
    if (!StringUtils.isEmpty(properties.getPrincipalCookieName())) {
        registration.addInitParameter("principalCookieName", properties.getPrincipalCookieName());
    }
    registration.addInitParameter("profileEnable", Boolean.toString(properties.isProfileEnable()));
    return registration;
}
 
Example #2
Source File: XssFilterConfig.java    From kvf-admin with MIT License 6 votes vote down vote up
/**
 * xss过滤拦截器
 */
@Bean
public FilterRegistrationBean<Filter> xssFilterRegistrationBean() {
    FilterRegistrationBean<Filter> filterRegistrationBean = new FilterRegistrationBean<>();
    filterRegistrationBean.setFilter(new XssFilter());
    filterRegistrationBean.setOrder(Integer.MAX_VALUE - 1);
    filterRegistrationBean.setEnabled(true);
    filterRegistrationBean.addUrlPatterns("/*");
    Map<String, String> initParameters = new HashMap<>();
    // excludes用于配置不需要参数过滤的请求url
    initParameters.put("excludes", "/favicon.ico,/img/*,/js/*,/css/*");
    // isIncludeRichText主要用于设置富文本内容是否需要过滤  TODO: 好像无效
    initParameters.put("isIncludeRichText", "true");
    // 配置过滤URL白名单
    initParameters.put(Constants.XSS_NOTICE_KEY, "");
    filterRegistrationBean.setInitParameters(initParameters);
    return filterRegistrationBean;
}
 
Example #3
Source File: WebHasorConfiguration.java    From hasor with Apache License 2.0 6 votes vote down vote up
@Bean
@ConditionalOnWebApplication
@ConditionalOnClass(name = "net.hasor.web.startup.RuntimeFilter")
public FilterRegistrationBean<?> hasorRuntimeFilter() {
    Objects.requireNonNull(this.appContext, "AppContext is not inject.");
    Filter runtimeFilter = null;
    if (this.filterWorkAt == WorkAt.Filter) {
        runtimeFilter = new RuntimeFilter(this.appContext);    // 过滤器模式
    } else {
        runtimeFilter = new EmptyFilter();      // 拦截器模式
    }
    //
    FilterRegistrationBean<Filter> filterBean = //
            new FilterRegistrationBean<>(runtimeFilter);
    filterBean.setUrlPatterns(Collections.singletonList(this.filterPath));
    filterBean.setOrder(this.filterOrder);
    filterBean.setName(RuntimeFilter.class.getName());
    return filterBean;
}
 
Example #4
Source File: SecurityConfig.java    From movie-db-java-on-azure with MIT License 6 votes vote down vote up
@Bean
public FilterRegistrationBean oauth2ClientFilterRegistration(
        OAuth2ClientContextFilter filter) {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(filter);
    registration.setOrder(-100);
    return registration;
}
 
Example #5
Source File: LdapConfigurationTest.java    From edison-microservice with Apache License 2.0 6 votes vote down vote up
@Test
public void ensureBackwardsCompatibilityForPrefixesProperty() {
    this.context.register(EnableAutoConfig.class);
    TestPropertyValues
            .of("edison.application.management.base-path=/internal")
            .and("edison.ldap.enabled=true")
            .and("edison.ldap.host=localhost")
            .and("edison.ldap.rdn-identifier=test-rdn")
            .and("edison.ldap.base-dn=test-dn")
            .and("edison.ldap.prefix=/deprecatedTestPrefix")
            .applyTo(context);
    this.context.refresh();

    final FilterRegistrationBean<?> filterRegistrationBean = this.context.getBean("ldapAuthenticationFilter", FilterRegistrationBean.class);
    final ArrayList<String> urlPatterns = new ArrayList<String>(filterRegistrationBean.getUrlPatterns());
    assertThat(urlPatterns, hasSize(1));
    assertThat(urlPatterns, containsInAnyOrder("/deprecatedTestPrefix/*"));
}
 
Example #6
Source File: LdapConfigurationTest.java    From edison-microservice with Apache License 2.0 6 votes vote down vote up
@Test
public void shouldReadNewPrefixesPropertyAndIncludeOldPrefixProperty() {
    this.context.register(EnableAutoConfig.class);
    TestPropertyValues
            .of("edison.application.management.base-path=/internal")
            .and("edison.ldap.enabled=true")
            .and("edison.ldap.host=localhost")
            .and("edison.ldap.rdn-identifier=test-rdn")
            .and("edison.ldap.base-dn=test-dn")
            .and("edison.ldap.prefix=/deprecatedTestPrefix")
            .and("edison.ldap.prefixes=/newTestPrefix")
            .applyTo(context);
    this.context.refresh();

    final FilterRegistrationBean<?> filterRegistrationBean = this.context.getBean("ldapAuthenticationFilter", FilterRegistrationBean.class);
    final ArrayList<String> urlPatterns = new ArrayList<String>(filterRegistrationBean.getUrlPatterns());
    assertThat(urlPatterns, hasSize(2));
    assertThat(urlPatterns, containsInAnyOrder("/deprecatedTestPrefix/*", "/newTestPrefix/*"));
}
 
Example #7
Source File: OAuth2RestOperationsConfiguration.java    From spring-security-oauth2-boot with Apache License 2.0 6 votes vote down vote up
@Bean
public FilterRegistrationBean<OAuth2ClientContextFilter> oauth2ClientFilterRegistration(
		OAuth2ClientContextFilter filter, SecurityProperties security) {
	FilterRegistrationBean<OAuth2ClientContextFilter> registration = new FilterRegistrationBean<>();
	registration.setFilter(filter);
	registration.setOrder(security.getFilter().getOrder() - 10);
	return registration;
}
 
Example #8
Source File: ShiroConfig.java    From spring-boot-starter-samples with Apache License 2.0 6 votes vote down vote up
/**
 * 默认的登录验证过滤器
 */
@Bean("authc")
public FilterRegistrationBean<TrustableFormAuthenticatingFilter> authenticationFilter(
		@Autowired(required = false) List<LoginListener> loginListeners,
		ShiroBizProperties properties) {
	
	TrustableFormAuthenticatingFilter authcFilter = new TrustableFormAuthenticatingFilter();

	// 是否验证验证码
	authcFilter.setCaptchaEnabled(properties.isEnabled());
	// 登录监听:实现该接口可监听账号登录失败和成功的状态,从而做业务系统自己的事情,比如记录日志
	authcFilter.setLoginListeners(loginListeners);
	
	//authcFilter.setSessionStateless(properties.isSessionStateless());
	
	/*
	 * * 自定义Filter通过@Bean注解后,被Spring Boot自动注册到了容器的Filter
	 * chain中,这样导致的结果是,所有URL都会被自定义Filter过滤, 而不是Shiro中配置的一部分URL。下面方式可以解决该问题
	 */

	FilterRegistrationBean<TrustableFormAuthenticatingFilter> registration = new FilterRegistrationBean<TrustableFormAuthenticatingFilter>(
			authcFilter);
	registration.setEnabled(false);
	return registration;
}
 
Example #9
Source File: ShiroConfiguration.java    From EasyEE with MIT License 5 votes vote down vote up
/**
 * 取消 Shiro Filter 的/*自动注册行为
 * @param filter
 * @return
 */
@Bean
public FilterRegistrationBean disableRegistrationLogout(EasyLogoutFilter filter) {
    FilterRegistrationBean registration = new FilterRegistrationBean(filter);
    registration.setEnabled(false);
    return registration;
}
 
Example #10
Source File: XsrfAutoConfiguration.java    From super-cloudops with Apache License 2.0 5 votes vote down vote up
@Bean
@ConditionalOnBean(XsrfProperties.class)
public FilterRegistrationBean xsrfProtectionSecurityFilterBean(XsrfProtectionSecurityFilter filter) {
	// Register XSRF filter
	FilterRegistrationBean filterBean = new FilterRegistrationBean(filter);
	filterBean.setOrder(ORDER_XSRF_PRECEDENCE);
	// Cannot use '/*' or it will not be added to the container chain (only
	// '/**')
	filterBean.addUrlPatterns("/*");
	return filterBean;
}
 
Example #11
Source File: WebConfig.java    From MeetingFilm with Apache License 2.0 5 votes vote down vote up
/**
 * xssFilter注册
 */
@Bean
public FilterRegistrationBean xssFilterRegistration() {
    XssFilter xssFilter = new XssFilter();
    xssFilter.setUrlExclusion(Arrays.asList("/notice/update", "/notice/add"));
    FilterRegistrationBean registration = new FilterRegistrationBean(xssFilter);
    registration.addUrlPatterns("/*");
    return registration;
}
 
Example #12
Source File: WebApplication.java    From hellokoding-courses with MIT License 5 votes vote down vote up
@Bean
public FilterRegistrationBean jwtFilter() {
    final FilterRegistrationBean registrationBean = new FilterRegistrationBean();
    registrationBean.setFilter(new JwtFilter());
    registrationBean.setInitParameters(Collections.singletonMap("services.auth", authService));
    registrationBean.addUrlPatterns("/protected-resource", "/logout");

    return registrationBean;
}
 
Example #13
Source File: WebConfig.java    From Sentinel-Dashboard-Nacos with Apache License 2.0 5 votes vote down vote up
/**
 * Add {@link CommonFilter} to the server, this is the simplest way to use Sentinel
 * for Web application.
 */
@Bean
public FilterRegistrationBean sentinelFilterRegistration() {
    FilterRegistrationBean<Filter> registration = new FilterRegistrationBean<>();
    registration.setFilter(new CommonFilter());
    registration.addUrlPatterns("/*");
    registration.setName("sentinelFilter");
    registration.setOrder(1);

    logger.info("Sentinel servlet CommonFilter registered");

    return registration;
}
 
Example #14
Source File: ShiroConfiguration.java    From chronus with Apache License 2.0 5 votes vote down vote up
@Bean
public FilterRegistrationBean<Filter> filterRegistrationBean(ShiroFilterFactoryBean shiroFilterFactoryBean) throws Exception {
    FilterRegistrationBean<Filter> filterRegistration = new FilterRegistrationBean<>();
    filterRegistration.setFilter((Filter) shiroFilterFactoryBean.getObject());
    filterRegistration.addInitParameter("targetFilterLifecycle", "true");
    filterRegistration.setAsyncSupported(true);
    filterRegistration.setEnabled(true);
    //这里添加一下对DispatcherType.ASYNC的支持就可以了
    filterRegistration.setDispatcherTypes(DispatcherType.REQUEST, DispatcherType.ASYNC);
    return filterRegistration;
}
 
Example #15
Source File: SecurityConfig.java    From HIS with Apache License 2.0 5 votes vote down vote up
/**
 * 允许跨域调用的过滤器
 */
@Bean
public CorsFilter corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.addAllowedOrigin("*");
    config.setAllowCredentials(true);
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(0);
    return new CorsFilter(source);
}
 
Example #16
Source File: MyFilterConfig.java    From springboot-guide with Apache License 2.0 5 votes vote down vote up
@Bean
public FilterRegistrationBean<MyFilter2> setUpMyFilter2() {
    FilterRegistrationBean<MyFilter2> filterRegistrationBean = new FilterRegistrationBean<>();
    filterRegistrationBean.setOrder(1);
    filterRegistrationBean.setFilter(myFilter2);
    filterRegistrationBean.setUrlPatterns(new ArrayList<>(Arrays.asList("/api/*")));
    return filterRegistrationBean;
}
 
Example #17
Source File: AppConfiguration.java    From SMSC with Apache License 2.0 5 votes vote down vote up
/**
 * Define filter to force UTF-8 encoding.
 *
 * @return filter
 */
@Bean
public FilterRegistrationBean characterEncodingFilterRegistrationBean() {
    FilterRegistrationBean registrationBean = new FilterRegistrationBean();
    registrationBean.setFilter(new org.springframework.web.filter.CharacterEncodingFilter());
    registrationBean.addUrlPatterns("/*");
    registrationBean.addInitParameter("encoding", "UTF-8");
    registrationBean.addInitParameter("forceEncoding", "true");
    registrationBean.setName("CharacterEncodingFilter");

    return registrationBean;
}
 
Example #18
Source File: WebConfig.java    From tutorials with MIT License 5 votes vote down vote up
@Bean
public FilterRegistrationBean<ShallowEtagHeaderFilter> shallowEtagHeaderFilter() {
    FilterRegistrationBean<ShallowEtagHeaderFilter> filterRegistrationBean = new FilterRegistrationBean<>( new ShallowEtagHeaderFilter());
    filterRegistrationBean.addUrlPatterns("/foos/*");
    filterRegistrationBean.setName("etagFilter");
    return filterRegistrationBean;
}
 
Example #19
Source File: WebMvcConfig.java    From DrivingAgency with MIT License 5 votes vote down vote up
@Bean
public FilterRegistrationBean loginFilterRegistration() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(loginFilter());
    registration.addUrlPatterns("/manage/*","/agent/add","/agent/update","/agent/get","/student/*");
    registration.setName("loginFilter");
    registration.setOrder(1);
    return registration;
}
 
Example #20
Source File: ZuulApiGatewayApplication.java    From Spring-5.0-Projects with MIT License 5 votes vote down vote up
public FilterRegistrationBean<CorsFilter> simpleCorsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.setAllowCredentials(true);
    config.setAllowedOrigins(Collections.singletonList("*"));
    config.setAllowedMethods(Collections.singletonList("*"));
    config.setAllowedHeaders(Collections.singletonList("*"));
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean<CorsFilter> bean = new FilterRegistrationBean<>(new CorsFilter(source));
    bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
    return bean;
}
 
Example #21
Source File: ApplicationConfig.java    From ZTuoExchange_framework with MIT License 5 votes vote down vote up
@Bean
public FilterRegistrationBean corsFilter() {
    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    CorsConfiguration config = new CorsConfiguration();
    config.addAllowedOrigin("*");
    config.setAllowCredentials(true);
    config.addAllowedHeader("*");
    config.addAllowedMethod("*");
    source.registerCorsConfiguration("/**", config);
    FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
    bean.setOrder(0);
    return bean;
}
 
Example #22
Source File: CasConfig.java    From Spring-Security-Third-Edition with MIT License 5 votes vote down vote up
@Bean
public FilterRegistrationBean characterEncodingFilterRegistration() {
    FilterRegistrationBean registrationBean =
            new FilterRegistrationBean(characterEncodingFilter());
    registrationBean.setName("CharacterEncodingFilter");
    registrationBean.addUrlPatterns("/*");
    registrationBean.setOrder(1);
    return registrationBean;
}
 
Example #23
Source File: ApplicationStarter.java    From oneplatform with Apache License 2.0 5 votes vote down vote up
@Bean
public FilterRegistrationBean<SecurityDelegatingFilter> someFilterRegistration() {
    FilterRegistrationBean<SecurityDelegatingFilter> registration = new FilterRegistrationBean<>();
    registration.setFilter(new SecurityDelegatingFilter());
    registration.addUrlPatterns("/*");
   // registration.addInitParameter("urlPrefix", "/s");
    registration.setName("authFilter");
    registration.setOrder(0);
    return registration;
}
 
Example #24
Source File: CorsConfig.java    From ZTuoExchange_framework with MIT License 5 votes vote down vote up
@Bean
public FilterRegistrationBean corsFilter() {
     UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
     CorsConfiguration config = new CorsConfiguration();
     config.addAllowedOrigin("*");
     config.setAllowCredentials(true);
     config.addAllowedHeader("*");
     config.addAllowedMethod("*");
     source.registerCorsConfiguration("/**", config);
     FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
     bean.setOrder(0);
     return bean;
}
 
Example #25
Source File: DruidConfig.java    From ZTuoExchange_framework with MIT License 5 votes vote down vote up
/**
 * 注册一个:filterRegistrationBean
 * @return
 */
@Bean
public FilterRegistrationBean druidStatFilter(){
    FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(new WebStatFilter());
    //添加过滤规则.
    filterRegistrationBean.addUrlPatterns("/*");
    //添加不需要忽略的格式信息.
    filterRegistrationBean.addInitParameter("exclusions","*.js,*.gif,*.jpg,*.png,*.css,*.ico,/my/druid/*");
    return filterRegistrationBean;
}
 
Example #26
Source File: SecurityManagedConfiguration.java    From hawkbit with Eclipse Public License 1.0 5 votes vote down vote up
/**
 * Filter to protect the hawkBit server Management interface against to
 * many requests.
 * 
 * @param securityProperties
 *            for filter configuration
 *
 * @return the spring filter registration bean for registering a denial
 *         of service protection filter in the filter chain
 */
@Bean
@ConditionalOnProperty(prefix = "hawkbit.server.security.dos.filter", name = "enabled", matchIfMissing = true)
public FilterRegistrationBean<DosFilter> dosMgmtFilter(final HawkbitSecurityProperties securityProperties) {

    final FilterRegistrationBean<DosFilter> filterRegBean = dosFilter(null,
            securityProperties.getDos().getFilter(), securityProperties.getClients());
    filterRegBean.setUrlPatterns(Arrays.asList("/rest/*", "/api/*"));
    filterRegBean.setOrder(DOS_FILTER_ORDER);
    filterRegBean.setName("dosMgmtFilter");

    return filterRegBean;
}
 
Example #27
Source File: IamAutoConfiguration.java    From super-cloudops with Apache License 2.0 5 votes vote down vote up
@Bean
public FilterRegistrationBean authenticatorFilterRegistrationBean(
		@Qualifier(BEAN_AUTH_FILTER) AuthenticatorAuthenticationFilter filter) {
	FilterRegistrationBean registration = new FilterRegistrationBean(filter);
	registration.setEnabled(false);
	return registration;
}
 
Example #28
Source File: DruidConfiguration.java    From springBoot-study with Apache License 2.0 5 votes vote down vote up
@Bean
public FilterRegistrationBean druidStatFilter() {
	FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(
			new WebStatFilter());
	// 添加过滤规则
	filterRegistrationBean.addUrlPatterns("/*");
	// 添加不需要忽略的格式信息
	filterRegistrationBean.addInitParameter("exclusions",
			"*.js,*.gif,*.jpg,*.png,*.css,*.ico,/druid/*");
	System.out.println("druid初始化成功!");
	return filterRegistrationBean;

}
 
Example #29
Source File: DruidMonitorConfigurer.java    From mySpringBoot with Apache License 2.0 5 votes vote down vote up
/**
 * 注册FilterRegistrationBean
 * @return
 */
@Bean
public FilterRegistrationBean druidStatFilter() {
    FilterRegistrationBean bean = new FilterRegistrationBean(new WebStatFilter());
    //添加过滤规则.
    bean.addUrlPatterns("/*");
    //添加不需要忽略的格式信息.
    bean.addInitParameter("exclusions","*.js,*.gif,*.jpg,*.png,*.css,*.ico,/druid/*");
    return bean;
}
 
Example #30
Source File: CatFilterConfigure.java    From piggymetrics with MIT License 5 votes vote down vote up
@Bean
public FilterRegistrationBean catFilter() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    CatServletFilter filter = new CatServletFilter();
    registration.setFilter(filter);
    registration.addUrlPatterns("/*");
    registration.setName("cat-filter");
    registration.setOrder(1);
    return registration;
}