Java Code Examples for org.springframework.boot.web.servlet.FilterRegistrationBean#addUrlPatterns()

The following examples show how to use org.springframework.boot.web.servlet.FilterRegistrationBean#addUrlPatterns() . These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: kvf-admin   File: XssFilterConfig.java    License: MIT License 6 votes vote down vote up
/**
 * xss过滤拦截器
 */
@Bean
public FilterRegistrationBean<Filter> xssFilterRegistrationBean() {
    FilterRegistrationBean<Filter> filterRegistrationBean = new FilterRegistrationBean<>();
    filterRegistrationBean.setFilter(new XssFilter());
    filterRegistrationBean.setOrder(Integer.MAX_VALUE - 1);
    filterRegistrationBean.setEnabled(true);
    filterRegistrationBean.addUrlPatterns("/*");
    Map<String, String> initParameters = new HashMap<>();
    // excludes用于配置不需要参数过滤的请求url
    initParameters.put("excludes", "/favicon.ico,/img/*,/js/*,/css/*");
    // isIncludeRichText主要用于设置富文本内容是否需要过滤  TODO: 好像无效
    initParameters.put("isIncludeRichText", "true");
    // 配置过滤URL白名单
    initParameters.put(Constants.XSS_NOTICE_KEY, "");
    filterRegistrationBean.setInitParameters(initParameters);
    return filterRegistrationBean;
}
 
Example 2
Source Project: apollo   File: AuthConfiguration.java    License: Apache License 2.0 6 votes vote down vote up
@Bean
public FilterRegistrationBean authenticationFilter() {
  FilterRegistrationBean casFilter = new FilterRegistrationBean();

  Map<String, String> filterInitParam = Maps.newHashMap();
  filterInitParam.put("redisClusterName", "casClientPrincipal");
  filterInitParam.put("serverName", portalConfig.portalServerName());
  filterInitParam.put("casServerLoginUrl", portalConfig.casServerLoginUrl());
  //we don't want to use session to store login information, since we will be deployed to a cluster, not a single instance
  filterInitParam.put("useSession", "false");
  filterInitParam.put("/openapi.*", "exclude");

  casFilter.setInitParameters(filterInitParam);
  casFilter
      .setFilter(filter("com.ctrip.framework.apollo.sso.filter.ApolloAuthenticationFilter"));
  casFilter.addUrlPatterns("/*");
  casFilter.setOrder(2);

  return casFilter;
}
 
Example 3
@Bean
public FilterRegistrationBean xxlSsoFilterRegistration() {

    // xxl-sso, redis init
    JedisUtil.init(xxlSsoRedisAddress);

    // xxl-sso, filter init
    FilterRegistrationBean registration = new FilterRegistrationBean();

    registration.setName("XxlSsoWebFilter");
    registration.setOrder(1);
    registration.addUrlPatterns("/*");
    registration.setFilter(new XxlSsoWebFilter());
    registration.addInitParameter(Conf.SSO_SERVER, xxlSsoServer);
    registration.addInitParameter(Conf.SSO_LOGOUT_PATH, xxlSsoLogoutPath);
    registration.addInitParameter(Conf.SSO_EXCLUDED_PATHS, xxlSsoExcludedPaths);

    return registration;
}
 
Example 4
Source Project: piggymetrics   File: CatFilterConfigure.java    License: MIT License 5 votes vote down vote up
@Bean
public FilterRegistrationBean catFilter() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    CatServletFilter filter = new CatServletFilter();
    registration.setFilter(filter);
    registration.addUrlPatterns("/*");
    registration.setName("cat-filter");
    registration.setOrder(1);
    return registration;
}
 
Example 5
@Bean
public FilterRegistrationBean requestEncodingFilterRegistration() {
    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(requestEncodingFilter());
    registration.addUrlPatterns("/*");
    registration.addInitParameter("encoding", "UTF-8");
    registration.setName("RequestEncodingFilter");
    registration.setOrder(4);
    return registration;
}
 
Example 6
Source Project: CAS   File: CasCustomConfig.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * 该过滤器使得可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名。
 * 比如AssertionHolder.getAssertion().getPrincipal().getName()。
 * 这个类把Assertion信息放在ThreadLocal变量中,这样应用程序不在web层也能够获取到当前登录信息
 *
 * @return
 */
@Bean
public FilterRegistrationBean assertionThreadLocalFilter() {
    FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
    filterRegistration.setFilter(new AssertionThreadLocalFilter());
    filterRegistration.setEnabled(true);
    if (autoconfig.getAssertionFilters().size() > 0) {
        filterRegistration.setUrlPatterns(autoconfig.getAssertionFilters());
    } else {
        filterRegistration.addUrlPatterns("/*");
    }
    filterRegistration.setOrder(7);
    return filterRegistration;
}
 
Example 7
@Bean
public FilterRegistrationBean<Filter> parameterDecodingFilterRegistration() {
    FilterRegistrationBean<Filter> registration = new FilterRegistrationBean<>(parameterDecodingFilter());
    registration.addUrlPatterns("/*");
    registration.setName("ParameterDecodingFilter");
    registration.setOrder(2);
    return registration;
}
 
Example 8
Source Project: frpMgr   File: ShiroConfig.java    License: MIT License 5 votes vote down vote up
/**
 * Apache Shiro Filter
 * @throws Exception 
 */
@Bean
@Order(3000)
@ConditionalOnMissingBean(name="shiroFilterProxy")
public FilterRegistrationBean shiroFilterProxy(ShiroFilterFactoryBean shiroFilter) throws Exception {
	FilterRegistrationBean bean = new FilterRegistrationBean();
	bean.setFilter((Filter) shiroFilter.getInstance());
	bean.addUrlPatterns("/*");
	return bean;
}
 
Example 9
@Bean
public FilterRegistrationBean<Filter> requestEncodingFilterRegistration() {
    FilterRegistrationBean<Filter> registration = new FilterRegistrationBean<>(requestEncodingFilter());
    registration.addUrlPatterns("/*");
    registration.addInitParameter("encoding", "UTF-8");
    registration.setName("RequestEncodingFilter");
    registration.setOrder(4);
    return registration;
}
 
Example 10
Source Project: hellokoding-courses   File: WebApplication.java    License: MIT License 5 votes vote down vote up
@Bean
public FilterRegistrationBean jwtFilter() {
    final FilterRegistrationBean registrationBean = new FilterRegistrationBean();
    registrationBean.setFilter(new JwtFilter());
    registrationBean.setInitParameters(Collections.singletonMap("services.auth", authService));
    registrationBean.addUrlPatterns("/protected-resource");

    return registrationBean;
}
 
Example 11
Source Project: AuTe-Framework   File: MockApplication.java    License: Apache License 2.0 5 votes vote down vote up
@Bean
public FilterRegistrationBean corsFilter() {
    FilterRegistrationBean filter = new FilterRegistrationBean(new CorsFilter());
    filter.addUrlPatterns("/*");
    filter.setOrder(1);
    return filter;
}
 
Example 12
Source Project: utils   File: ShiroAutoConfiguration.java    License: Apache License 2.0 5 votes vote down vote up
@Bean(name = "shiroFilter")
@DependsOn("securityManager")
@ConditionalOnMissingBean
public FilterRegistrationBean filterRegistrationBean(SecurityManager securityManager) throws Exception {
    FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
    //该值缺省为false,表示生命周期由SpringApplicationContext管理,设置为true则表示由ServletContainer管理
    filterRegistration.addInitParameter("targetFilterLifecycle", "true");
    filterRegistration.setFilter((Filter) getShiroFilterFactoryBean(securityManager).getObject());
    filterRegistration.setEnabled(true);
    filterRegistration.addUrlPatterns("/*");

    return filterRegistration;
}
 
Example 13
Source Project: MeetingFilm   File: WebConfig.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * druid监控 配置URI拦截策略
 */
@Bean
public FilterRegistrationBean druidStatFilter() {
    FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(new WebStatFilter());
    //添加过滤规则.
    filterRegistrationBean.addUrlPatterns("/*");
    //添加不需要忽略的格式信息.
    filterRegistrationBean.addInitParameter(
            "exclusions", "/static/*,*.js,*.gif,*.jpg,*.png,*.css,*.ico,/druid,/druid/*");
    //用于session监控页面的用户名显示 需要登录后主动将username注入到session里
    filterRegistrationBean.addInitParameter("principalSessionName", "username");
    return filterRegistrationBean;
}
 
Example 14
Source Project: tutorials   File: FilterRegistrationConfig.java    License: MIT License 5 votes vote down vote up
@Bean
public FilterRegistrationBean<HeaderValidatorFilter> headerValidatorFilter() {
    FilterRegistrationBean<HeaderValidatorFilter> registrationBean = new FilterRegistrationBean<>();
    registrationBean.setFilter(new HeaderValidatorFilter());
    registrationBean.addUrlPatterns("*");
    return registrationBean;
}
 
Example 15
Source Project: cymbal   File: SecurityConfiguration.java    License: Apache License 2.0 5 votes vote down vote up
@Bean
public FilterRegistrationBean casAuthenticationFilterRegistrationBean(
        final CasAuthenticationFilter casAuthenticationFilter) {
    FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
    filterRegistrationBean.setFilter(casAuthenticationFilter);
    filterRegistrationBean.addUrlPatterns("/*");
    filterRegistrationBean.setOrder(3);
    return filterRegistrationBean;
}
 
Example 16
@Bean
public FilterRegistrationBean openEntityManagerInViewFilter() {
    FilterRegistrationBean<OpenEntityManagerInViewFilter> filterRegistrationBean
            = new FilterRegistrationBean<>(new OpenEntityManagerInViewFilter());
    filterRegistrationBean.addUrlPatterns("/*");
    filterRegistrationBean.setName("openEntityManagerInViewFilter");
    filterRegistrationBean.setOrder(-200); // 必须在安全过滤器(-100)之前执行
    filterRegistrationBean.setDispatcherTypes(EnumSet.of(DispatcherType.REQUEST, DispatcherType.FORWARD));

    return filterRegistrationBean;
}
 
Example 17
@Bean
public FilterRegistrationBean urlRewriteFilterRegistration() {
	DelegatingFilterProxy proxy = new DelegatingFilterProxy("urlRewriteFilter");
	proxy.setTargetFilterLifecycle(true);

	FilterRegistrationBean registration = new FilterRegistrationBean();
	registration.setName("urlRewriteFilter");
	registration.setFilter(proxy);
	registration.setDispatcherTypes(EnumSet.of(DispatcherType.REQUEST));
	registration.addUrlPatterns("/*");
	registration.setOrder(0);
	return registration;
}
 
Example 18
Source Project: para   File: ParaServer.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * @return GZIP filter bean
 */
@Bean
public FilterRegistrationBean<?> gzipFilterRegistrationBean() {
	String path = Api1.PATH + "*";
	FilterRegistrationBean<?> frb = new FilterRegistrationBean<>(new GZipServletFilter());
	logger.debug("Initializing GZip filter [{}]...", path);
	frb.addUrlPatterns(path);
	frb.setAsyncSupported(true);
	frb.setEnabled(Config.GZIP_ENABLED);
	frb.setMatchAfter(true);
	frb.setOrder(20);
	return frb;
}
 
Example 19
Source Project: supplierShop   File: DruidConfig.java    License: MIT License 4 votes vote down vote up
/**
 * 去除监控页面底部的广告
 */
@SuppressWarnings({ "rawtypes", "unchecked" })
@Bean
@ConditionalOnProperty(name = "spring.datasource.druid.statViewServlet.enabled", havingValue = "true")
public FilterRegistrationBean removeDruidFilterRegistrationBean(DruidStatProperties properties)
{
    // 获取web监控页面的参数
    DruidStatProperties.StatViewServlet config = properties.getStatViewServlet();
    // 提取common.js的配置路径
    String pattern = config.getUrlPattern() != null ? config.getUrlPattern() : "/druid/*";
    String commonJsPattern = pattern.replaceAll("\\*", "js/common.js");
    final String filePath = "support/http/resources/js/common.js";
    // 创建filter进行过滤
    Filter filter = new Filter()
    {
        @Override
        public void init(javax.servlet.FilterConfig filterConfig) throws ServletException
        {
        }
        @Override
        public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
                throws IOException, ServletException
        {
            chain.doFilter(request, response);
            // 重置缓冲区,响应头不会被重置
            response.resetBuffer();
            // 获取common.js
            String text = Utils.readFromResource(filePath);
            // 正则替换banner, 除去底部的广告信息
            text = text.replaceAll("<a.*?banner\"></a><br/>", "");
            text = text.replaceAll("powered.*?shrek.wang</a>", "");
            response.getWriter().write(text);
        }
        @Override
        public void destroy()
        {
        }
    };
    FilterRegistrationBean registrationBean = new FilterRegistrationBean();
    registrationBean.setFilter(filter);
    registrationBean.addUrlPatterns(commonJsPattern);
    return registrationBean;
}
 
Example 20
/**
 * The requirement for using the instruction is that the creation of
 * {@link CorsProperties} object beans must precede this</br>
 * e.g.
 *
 * <pre>
 * &#64;Bean
 * public CorsProperties corsProperties() {
 * 	...
 * }
 * </pre>
 *
 * <b style="color:red;font-size:40px">&nbsp;↑</b>
 *
 * <pre>
 * &#64;Bean
 * &#64;ConditionalOnBean(CorsProperties.class)
 * public FilterRegistrationBean corsResolveSecurityFilterBean(CorsProperties config) {
 * 	...
 * }
 * </pre>
 */
@Bean
@ConditionalOnBean(CorsProperties.class)
public FilterRegistrationBean corsResolveSecurityFilterBean(CorsSecurityFilter filter) {
	// Register CORS filter
	FilterRegistrationBean filterBean = new FilterRegistrationBean(filter);
	filterBean.setOrder(ORDER_CORS_PRECEDENCE);
	// Cannot use '/*' or it will not be added to the container chain (only
	// '/**')
	filterBean.addUrlPatterns("/*");
	return filterBean;
}