Spring Security3源码分析-FilterChainProxy执行过程分析

扫码关注公众号:Java 技术驿站

发送:vip
将链接复制到本浏览器,永久解锁本站全部文章

【公众号:Java 技术驿站】 【加作者微信交流技术,拉技术群】

通过FilterChainProxy的初始化、自定义标签的分析后,Spring Security需要的运行环境已经准备好了。

这样当用户访问应用时,过滤器就开始工作了。web.xml配置的Filter:org.springframework.web.filter.DelegatingFilterProxy就不介绍了,该类仅仅是初始化一个FilterChainProxy,然后把所有拦截的请求交给FilterChainProxy处理。

FilterChainProxy的doFilter方法如下


        public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
                throws IOException, ServletException {
             //FilterInvocation类封装了request、response、chain
            //在方法中传递        
             FilterInvocation fi = new FilterInvocation(request, response, chain);
            //获取http标签中创建的所有Filter
            List<Filter> filters = getFilters(fi.getRequestUrl());
            if (filters == null || filters.size() == 0) {
                if (logger.isDebugEnabled()) {
                    logger.debug(fi.getRequestUrl() +
                            filters == null ? " has no matching filters" : " has an empty filter list");
                }

                chain.doFilter(request, response);

                return;
            }
            //把实际doFilter任务交给VirtualFilterChain处理
            VirtualFilterChain virtualFilterChain = new VirtualFilterChain(fi, filters);
            virtualFilterChain.doFilter(fi.getRequest(), fi.getResponse());
        }

现在来分析VirtualFilterChain的doFilter方法:


        private static class VirtualFilterChain implements FilterChain {
            private FilterInvocation fi;
            private List<Filter> additionalFilters;
            private int currentPosition = 0;

            private VirtualFilterChain(FilterInvocation filterInvocation, List<Filter> additionalFilters) {
                this.fi = filterInvocation;
                this.additionalFilters = additionalFilters;
            }

            public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
                //判断过滤器的个数是否与当前位置相等
                if (currentPosition == additionalFilters.size()) {
                    if (logger.isDebugEnabled()) {
                        logger.debug(fi.getRequestUrl()
                            + " reached end of additional filter chain; proceeding with original chain");
                    }
                    fi.getChain().doFilter(request, response);
                } else {
                    //当前位置加一
                    currentPosition++;
                    //根据当前位置从过滤器列表中取出一个Filter
                    Filter nextFilter = additionalFilters.get(currentPosition - 1);
                    if (logger.isDebugEnabled()) {
                        logger.debug(fi.getRequestUrl() + " at position " + currentPosition + " of "
                            + additionalFilters.size() + " in additional filter chain; firing Filter: '"
                            + nextFilter + "'");
                    }
                   //执行取出Filter的doFilter方法
                   nextFilter.doFilter(request, response, this);
                }
            }
        }

注意这里


    nextFilter.doFilter(request, response, this);

[color=red]VirtualFilterChain把自身作为参数传递给doFilter方法,这样doFilter方法最后会调用VirtualFilterChain的doFilter方法,这样控制就又回到了VirtualFilterChain,于是VirtualFilterChain又将当前位置currentPosition前移,调用下一个Filter的doFilter方法。当additionalFilters中所有元素的doFilter都执行完毕,VirtualFilterChain执行fi.getChain().doFilter,而fi.getChain()的值就是FilterChainProxy的doFilter方法中的参数chain的值。[/color]

这样我们就理解了FilterChainProxy是如何处理整个Filter链的了。

接下来,就要一一分析每个Filter的功能与作用了。


来源:http://ddrv.cn

赞(0) 打赏
版权归原创作者所有,任何形式的转载请联系博主:daming_90:Java 技术驿站 » Spring Security3源码分析-FilterChainProxy执行过程分析

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址

觉得文章有用就打赏一下文章作者

支付宝扫一扫打赏

微信扫一扫打赏