SoFunction
Updated on 2025-03-08

Spring Security Use the OncePerRequestFilter filter to verify log expired, request logs and other operations

Preface

OncePerRequestFilterIt is a filter, and each request will be executed once; in general, it is mainly used to check whether the login is logged in, whether the token has expired and authorized, and each operation is a filter, which will be demonstrated below.

OncePerRequestFilter

Check whether to log in to the expired filter

import .slf4j.Slf4j;
import ;
import ;
import ;
import ;
import ;
import ;
import ;
/**
  * Check whether the login expires
  *
  * @author francis
  * @create: 2023-08-30 16:45
  **/
@Component
@Slf4j
public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        ("Enter JwtAuthenticationTokenFilter...");
        /**
          * Take out the token from the request header
          */
        String token = ("token");
        if (token == null || ()) {
            // If you don't carry a token, then release it            (request, response);
            return;
        }
        /**
          * Check whether the token expires logic...
          */
        // Release        (request, response);
    }
}

Check whether to log in to the expired filter

import .slf4j.Slf4j;
import ;
import ;
import ;
import ;
import ;
import ;
import ;
/**
  * Request log
  *
  * @author francis
  * @create: 2023-08-31 10:15
  **/
@Component
@Slf4j
public class OperationLogFilter extends OncePerRequestFilter {
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        ("OperationLogFilter ...");
        /**
          * Operation logging...
          */
        // Release        (request, response);
    }
}

SecurityConfiguration Configuration

import ;
import ;
import ;
import ;
import ;
import ;
import ;
import ;
import ;
import ;
import ;
/**
  * Security Configuration Class
  *
  * @author francis
  * @create: 2023-08-30 14:19
  **/
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    @Autowired
    private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;
    @Autowired
    private OperationLogFilter operationLogFilter;
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                // Close csrf                .csrf().disable()
                // Not to obtain SecurityContext through Session                .sessionManagement().sessionCreationPolicy()
                .and()
                    .authorizeRequests()
                        // For login interface, allow anonymous access                        .antMatchers("/login")
                            .permitAll()
                        // All requests except the above require authentication                        .anyRequest()
                            .authenticated();
        //Execute before UsernamePasswordAuthenticationFilter        // TODO It should be noted that the order of the filters below is the order of execution, and it is impossible to change it with @Order        http
        		// Whether the login expires                .addFilterBefore(jwtAuthenticationTokenFilter, )
                // Request log                .addFilterBefore(operationLogFilter, );
    }
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return ();
    }
}

This is the article about Spring Security using the OncePerRequestFilter filter to verify login expiration, request logs, etc. This is the end. For more related Spring Security OncePerRequestFilter filter content, please search for my previous articles or continue browsing the related articles below. I hope everyone will support me in the future!