在spring-boot应用程序中,我创建了一些API调用。我想为几个网址添加一个过滤器。安全配置如下:
@Configuration
@EnableWebMvc
public class SecurityConfig extends WebSecurityConfigurerAdapter
{
@Override
protected void configure(HttpSecurity http) throws Exception
{
http.addFilterBefore(authenticationFilter(), BasicAuthenticationFilter.class)
.authorizeRequests().anyRequest().denyAll();
http.authorizeRequests().antMatchers("/api/user").permitAll();
}
AuthenticationFilter authenticationFilter() throws Exception
{
AuthenticationFilter filter = new AuthenticationFilter();
return filter;
}
}
我不希望将过滤器应用于除/api/user之外的任何api调用,因此我拒绝了所有网址并允许使用/api/user。
AuthorizationFilter类如下:
public class AuthenticationFilter extends OncePerRequestFilter
{
public AuthenticationFilter()
{
super();
}
@Override
public void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException
{
Enumeration<String> headerNames = request.getHeaderNames();
while(headerNames.hasMoreElements()){
String headerName = headerNames.nextElement();
System.out.println("headerName " + headerName);
System.out.println("headerVal " + request.getHeader(headerName));
}
chain.doFilter(request,response);
}
}
这只打印所有标题信息。目前它正在打印所有api调用的标题信息,但我希望仅在/api/user的情况下打印,而不是在任何其他api调用上打印。请说明我应该做出哪些改变?