我编写了一个自定义Spring Security过滤器,需要使用发布给它的用户XML数据。过滤器如何获取发布的数据?
答案 0 :(得分:1)
这不是真正针对Spring Security的问题,因为您可能只是实现了javax.servlet.Filter
接口。在这种情况下,您正在实施该方法:
public void doFilter ( ServletRequest request, ServletResponse response,
FilterChain chain ) throws IOException, ServletException;
如果您需要特定于HTTP的数据(通常需要),您可以将ServletRequest
转换为HttpServletRequest
:
import javax.servlet.http.HttpServletRequest;
// ...
HttpServletRequest httpRequest = (HttpServletRequest) request;
String xml = httpRequest.getParameter("xml");
如果您要扩展其中一个标准的Spring Security过滤器,请务必查看您要扩展的过滤器的来源!其中许多已经覆盖doFilter
并期望您将覆盖另一种方法来增强其行为。
答案 1 :(得分:0)
阅读AbstractAuthenticationProcessingFilter的文档(基于您之前的问题,我想这是您的自定义过滤器扩展的类),要实现的抽象方法是attemptAuthentication,它接收HttpServletRequest和HttpServletResponse作为参数:
Parameters:
request - from which to extract parameters and perform the authentication
response - the response, which may be needed if the implementation has to do a redirect as part of a multi-stage authentication process (such as OpenID).