过滤导致POST请求正文变空

时间:2015-05-07 05:27:21

标签: java spring-mvc request servlet-filters

我正在使用HMAC身份验证过滤器。在我访问POST Request Body的过滤器中,我能够获取XML。当我尝试访问控制器中的XML时,我得到一个空白字符串。过滤器中的xmlString提供了正确的XML,但控制器中的xmlString给出了空白字符串。我正在使用Spring MVC。

我的过滤器是:

public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        HttpServletResponse httpResponse = (HttpServletResponse) response;

        String authorisation = httpRequest.getHeader("authorization");
        String accessKeyId = authorisation.split(":")[0].split(" ")[1];
        String signature = authorisation.split(":")[1];
        String secretAccessKey = getSecretAccessKey(accessKeyId);

        InputStream xmlStream = httpRequest.getInputStream();
        String xmlString = IOUtils.toString(xmlStream, "UTF-8");
        String encodedXml = new String();
        try {
            encodedXml = HMACEncoder.calculateHMAC(xmlString, secretAccessKey);
        } catch (SignatureException e) {
            e.printStackTrace();
        }
        if (!signature.equals(encodedXml))
            httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        else
            chain.doFilter(request, response);
    }

我的控制器是:

@RequestMapping(value = "/user", method = RequestMethod.POST)
public String fetchUserString(HttpServletRequest request) {
    InputStream xml = null;
    String xmlString = null;
    try {
        xml = request.getInputStream();
        xmlString = IOUtils.toString(xml, "UTF-8");
    } catch (IOException e) {
        e.printStackTrace();
    }
    return xmlString;
}

2 个答案:

答案 0 :(得分:1)

正如praki建议的那样,我将XML放在请求属性中,在我的控制器中,我从请求属性中获取它,然后将XML放在ProgramPeriod中。这是我的代码:

我的过滤器:

ModelAttribute

和我的控制员:

@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    HttpServletRequest httpRequest = (HttpServletRequest) request;
    HttpServletResponse httpResponse = (HttpServletResponse) response;
    if (httpRequest.getMethod().equalsIgnoreCase("POST")) {    
        String authorisation = httpRequest.getHeader("authorization");
        String accessKeyId = authorisation.split(":")[0].split(" ")[1];
        String signature = authorisation.split(":")[1];
        String secretAccessKey = getSecretAccessKey(accessKeyId);    
        ServletInputStream servletStream = httpRequest.getInputStream();
        String xmlString = IOUtils.toString(servletStream);
        String encodedXml = new String();
        try {
            encodedXml = HMACEncoder.calculateHMAC(xmlString, secretAccessKey);
        } catch (SignatureException e) {
            e.printStackTrace();
        }
        httpRequest.setAttribute("content", xmlString);
        if (!signature.equals(encodedXml))
            httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        else
            chain.doFilter(request, response);
    } else
        chain.doFilter(request, response);
}

答案 1 :(得分:0)

您无法读取流两次,在过滤器中注释代码并仅在控制器中读取。

相关问题
最新问题