1.springboot 拦截器处理过滤token,并且返回结果
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
import org.apache.commons.lang3.StringUtils; import org.apache.shiro.subject.Subject; import org.springframework.lang.Nullable; import org.springframework.stereotype.Component; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; import java.util.Map; @Component public class ECInterceptor implements HandlerInterceptor { /** * @Description 在业务处理器处理请求之前被调用。预处理,可以进行编码、安全控制等处理; * @Date 2019/5/14 16:04 * @Version 1.0 */ @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { System.out.println(request.getRequestURL()+ "===========preHandle===========" ); String token = request.getParameter( "token" ); if (StringUtils.isNotEmpty(token)){ Subject subject = ShiroUtil.getSubject(token); if (subject != null && subject.isAuthenticated()){ return true ; } else { //返回校验token结果 returnJson(response); // return false; //我做的时候返回数据后忘记return false了,所以导致异常 } } return true ; } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable ModelAndView modelAndView) throws Exception { System.out.println(request.getContextPath()+ "============postHandle==========" ); } /** * @Description 在DispatcherServlet完全处理完请求后被调用,也就是说视图渲染已经完毕或者调用者已经拿到结果 * @Date 2019/5/14 16:05 * @Version 1.0 */ @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable Exception ex) throws Exception { System.out.println(request.getContextPath()+ "============afterCompletion==========" ); } private void returnJson(HttpServletResponse response){ PrintWriter writer = null ; response.setCharacterEncoding( "UTF-8" ); response.setContentType( "application/json; charset=utf-8" ); try { writer = response.getWriter(); Map<String, Object> result = PackageReturnResult.returnJson( 400 , "用户令牌token无效" ); result.put( "data" , null ); writer.print(result); } catch (IOException e){ LoggerUtil.logError(ECInterceptor. class , "拦截器输出流异常" +e); } finally { if (writer != null ){ writer.close(); } } } } |
2.java.lang.IllegalStateException: getWriter() has already been called for this response异常
我再做拦截器处理response数据后忘记return false返回,导致拦截器被调用两次,报java.lang.IllegalStateException: getWriter() has already been called for this response异常,犯这样低级错误花了很长时间才解决,谨记!!!
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
[ 2019 - 05 - 27 09 : 27 : 17.690 ] [http-nio- 8080 -exec- 1 ] [ERROR] [o.a.c.c.C.[.[.[.[dispatcherServlet] : 175 ] - Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is java.lang.IllegalStateException: getWriter() has already been called for this response] with root cause java.lang.IllegalStateException: getWriter() has already been called for this response at org.apache.catalina.connector.Response.getOutputStream(Response.java: 548 ) at org.apache.catalina.connector.ResponseFacade.getOutputStream(ResponseFacade.java: 210 ) at javax.servlet.ServletResponseWrapper.getOutputStream(ServletResponseWrapper.java: 105 ) at org.springframework.http.server.ServletServerHttpResponse.getBody(ServletServerHttpResponse.java: 83 ) at org.springframework.http.converter.json.AbstractJackson2HttpMessageConverter.writeInternal(AbstractJackson2HttpMessageConverter.java: 255 ) at org.springframework.http.converter.AbstractGenericHttpMessageConverter.write(AbstractGenericHttpMessageConverter.java: 103 ) at org.springframework.web.servlet.mvc.method.annotation.AbstractMessageConverterMethodProcessor.writeWithMessageConverters(AbstractMessageConverterMethodProcessor.java: 290 ) at org.springframework.web.servlet.mvc.method.annotation.RequestResponseBodyMethodProcessor.handleReturnValue(RequestResponseBodyMethodProcessor.java: 180 ) at com.uufund.ecapi.config.returnvalue.HandlerMethodReturnValueHandlerProxy.handleReturnValue(HandlerMethodReturnValueHandlerProxy.java: 40 ) at org.springframework.web.method.support.HandlerMethodReturnValueHandlerComposite.handleReturnValue(HandlerMethodReturnValueHandlerComposite.java: 82 ) at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java: 119 ) at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java: 892 ) at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java: 797 ) at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java: 87 ) at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java: 1038 ) at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java: 942 ) at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java: 1005 ) at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java: 897 ) at javax.servlet.http.HttpServlet.service(HttpServlet.java: 634 ) at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java: 882 ) at javax.servlet.http.HttpServlet.service(HttpServlet.java: 741 ) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java: 231 ) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java: 166 ) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java: 53 ) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java: 193 ) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java: 166 ) at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java: 449 ) at org.apache.shiro.web.servlet.AbstractShiroFilter$ 1 .call(AbstractShiroFilter.java: 365 ) at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java: 90 ) at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java: 83 ) at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java: 387 ) at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java: 362 ) at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java: 125 ) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java: 193 ) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java: 166 ) at com.uufund.ecapi.config.filter.ECWebFilter.doFilter(ECWebFilter.java: 24 ) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java: 193 ) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java: 166 ) at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java: 99 ) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java: 107 ) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java: 193 ) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java: 166 ) at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java: 92 ) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java: 107 ) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java: 193 ) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java: 166 ) at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java: 93 ) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java: 107 ) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java: 193 ) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java: 166 ) at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java: 200 ) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java: 107 ) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java: 193 ) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java: 166 ) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java: 200 ) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java: 96 ) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java: 490 ) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java: 139 ) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java: 92 ) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java: 74 ) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java: 343 ) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java: 408 ) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java: 66 ) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java: 834 ) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java: 1415 ) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java: 49 ) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java: 1149 ) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java: 624 ) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java: 61 ) at java.lang.Thread.run(Thread.java: 748 ) |
补充知识:springboot 拦截器过滤权限和错误处理
先说异常处理,增加一个异常处理的类MyControllerAdvice就可以了,不需要其他地方使用,注意使用注解@ControllerAdvice
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
@ControllerAdvice public class MyControllerAdvice { @Resource GetRootPath getRootPath; private static final Logger logger = LoggerFactory.getLogger(MyControllerAdvice. class ); public void output(Object json, HttpServletRequest request, HttpServletResponse response) throws IOException { String header = request.getHeader( "Origin" ); response.setContentType( "application/json;charset=UTF-8;" ); PrintWriter out = response.getWriter(); out.println(json); out.flush(); out.close(); } /*** * 404处理 * @param e * @return */ @ExceptionHandler (NoHandlerFoundException. class ) public void notFountHandler(HttpServletRequest request, HttpServletResponse response, Model model, NoHandlerFoundException e) throws IOException, JSONException { JSONObject json = new JSONObject(); json.put( "code" , 500 ); json.put( "content" , null ); json.put( "msg" , "未找到路径:" +request.getServletPath()); output(json,request,response); } /** * 运行时异常 * * @param exception * @return */ @ExceptionHandler ({RuntimeException. class }) @ResponseStatus (HttpStatus.OK) public void processException(HttpServletRequest request, HttpServletResponse response, Model model, RuntimeException exception) throws JSONException, IOException { JSONObject json = new JSONObject(); json.put( "code" , 500 ); json.put( "content" , null ); json.put( "msg" , exception.getMessage()); output(json,request,response); } /** * Excepiton异常 * * @param exception * @return */ @ExceptionHandler ({Exception. class }) @ResponseStatus (HttpStatus.OK) public void processException(HttpServletRequest request, HttpServletResponse response, Model model, Exception exception) throws JSONException, IOException { JSONObject json = new JSONObject(); json.put( "code" , 500 ); json.put( "content" , null ); json.put( "msg" , exception.getMessage()); output(json,request,response); } } |
再来权限验证的,接手的项目框架中只有验证是否登录的,没有验收权限的,增加一个类WebMvcConfig,注意使用注解@Configuration, 不需要在其他地方引用即可起作用,并注意使用excludePathPatterns去掉不需要拦截的部分,否则会拦截掉静态资源。
1
2
3
4
5
6
7
8
9
10
11
12
|
@Configuration public class WebMvcConfig implements WebMvcConfigurer { /** * 添加拦截器 */ @Override public void addInterceptors(InterceptorRegistry registry) { //静态资源不拦截 registry.addInterceptor( new LoginInterceptor()).addPathPatterns( "/**" ).excludePathPatterns( "/static/**" ); } } |
增加拦截器类LoginInterceptor
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
public class LoginInterceptor extends HandlerInterceptorAdapter { /** * 检查是否已经登录 */ @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { Object username = request.getSession().getAttribute(Constants.LOGIN_USER); String servletPath = request.getServletPath(); String type = request.getHeader( "X-Requested-With" ) == null ? "" : request.getHeader( "X-Requested-With" ); if (username != null ) { //检查页面访问的权限 if (! "XMLHttpRequest" .equals(type)) { int userId = Integer.valueOf(request.getSession().getAttribute(Constants.LOGIN_USERID).toString()); List<ModuleEntity> moduleList = (List<ModuleEntity>) request.getSession().getAttribute(Constants.USER_MODULE); boolean chkResult = methodPermissionLimit(moduleList, servletPath); if (!chkResult){ JSONObject outputMSg = new JSONObject(); outputMSg.put( "code" , 500 ); outputMSg.put( "content" , "" ); outputMSg.put( "msg" , "没有权限" ); output(outputMSg, request, response); return false ; } else { return true ; } } else { //如果是json访问,则不做检查 return true ; } } else { //检查是否登录允许 if (methodLoginLimit(handler)) { return true ; } else { if ( "XMLHttpRequest" .equals(type)) { JSONObject outputMSg = new JSONObject(); outputMSg.put( "code" , 500 ); outputMSg.put( "content" , "" ); outputMSg.put( "msg" , "登录过期,请重新登陆" ); output(outputMSg, request, response); return false ; } else { String redirectUrl = request.getContextPath() + "/login" ; response.sendRedirect(redirectUrl); return false ; } } } } public boolean methodLoginLimit(Object handler) { HandlerMethod method = (HandlerMethod) handler; //获取当前方法PermessionLimit LoginLimit loginLimit = method.getMethodAnnotation(LoginLimit. class ); if (loginLimit == null ) { //获取控制器的PermessionLimit loginLimit = method.getMethod().getDeclaringClass().getAnnotation(LoginLimit. class ); } if (loginLimit != null && !loginLimit.limit()) { return true ; } else { return false ; } } /** * 检查权限 * * @param moduleList * @param path * @return */ public boolean methodPermissionLimit(List<ModuleEntity> moduleList, String path) { boolean havePermission = moduleList.stream().anyMatch(f->f.getPath().toLowerCase().equals(path.toLowerCase())); return havePermission; } public void output(Object json, HttpServletRequest request, HttpServletResponse response) throws IOException { String header = request.getHeader( "Origin" ); response.setContentType( "application/json;charset=UTF-8;" ); PrintWriter out = response.getWriter(); out.println(json); out.flush(); out.close(); } } |
这样的拦截器只对页面地址进行拦截,对ajax提交的数据不做处理,做普通项目的权限过滤是可以了。
以上这篇springboot拦截器过滤token,并返回结果及异常处理操作就是小编分享给大家的全部内容了,希望能给大家一个参考,也希望大家多多支持服务器之家。
原文链接:https://blog.csdn.net/yaomingyang/article/details/90597659