在web.xml文件中配置

問(wèn)題:為什么DelegatingFilterProxy的filter-name必須是springSecurityFilterChain?

DelegatingFilterProxy并不是真正的Filter，在其initFilterBean方法中會(huì)從WebApplicationContext根據(jù)delegate來(lái)獲取到?

protected void initFilterBean() throws ServletException {synchronized (this.delegateMonitor) {if (this.delegate == null) {// If no target bean name specified, use filter name.if (this.targetBeanName == null) {this.targetBeanName = getFilterName();}// Fetch Spring root application context and initialize the delegate early,// if possible. If the root application context will be started after this// filter proxy, we'll have to resort to lazy initialization.WebApplicationContext wac = findWebApplicationContext();if (wac != null) {this.delegate = initDelegate(wac);}}} }

在上這代碼中this.targetBeanName=getFilterName()就是獲取名稱叫做springSecurityFilterChain

通過(guò)在doFilter就去中我們會(huì)發(fā)現(xiàn)真正干活的其實(shí)是delegate這個(gè)Filter,而delegate其實(shí)就是FilterChainProxy

public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)throws ServletException, IOException {// Lazily initialize the delegate if necessary.Filter delegateToUse = this.delegate;if (delegateToUse == null) {synchronized (this.delegateMonitor) {delegateToUse = this.delegate;if (delegateToUse == null) {WebApplicationContext wac = findWebApplicationContext();if (wac == null) {throw new IllegalStateException("No WebApplicationContext found: " +"no ContextLoaderListener or DispatcherServlet registered?");}delegateToUse = initDelegate(wac);}this.delegate = delegateToUse;}}// Let the delegate perform the actual doFilter operation.invokeDelegate(delegateToUse, request, response, filterChain);}

FilterChainProxy是spring在解析配置文件時(shí)裝配到上下文中，并且beanName為springSecurityFilterChain，

因此在web.xml中需要配置filter-name為springSecurityFilterChain

總結(jié)

以上是生活随笔為你收集整理的springSecurity源码分析-springSecurityFilterChain的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。