我需要在过滤器中使用自动装配.所以我使用@Component注释我的过滤器类,
import org.springframework.web.filter.GenericFilterBean;
@Component
public class TokenAuthorizationFilter extends GenericFilterBean {
@Autowired
public EnrollCashRepository enrollCashRepository;
}
然后我在SecurityConfig中添加我的过滤器,如下所示
@Configuration
@EnableWebMvcSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public void configure(WebSecurity webSecurity) throws Exception
{
webSecurity.ignoring().antMatchers(HttpMethod.GET, "/health");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.addFilterBefore(new TokenAuthorizationFilter(), BasicAuthenticationFilter.class);
http.authorizeRequests().antMatchers("/api/**").authenticated();
}
我的问题是我的过滤器被@Component注释调用了两次.如果我删除@Component注释,它只调用一次.
然后我在下面添加我的Spring启动主类中的修复程序.然后我在SecurityConfig中评论addFilterBefore行.
@Bean
public FilterRegistrationBean tokenAuthFilterRegistration() {
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
filterRegistrationBean.setFilter(new PITokenAuthorizationFilter());
filterRegistrationBean.setOrder(1);
filterRegistrationBean.setEnabled(false);
return filterRegistrationBean;
}
但是我的过滤器被调用了一次.但即使我使setEnabled为true或false,当我调用我的rest api时,我得到403 Forbiddon错误,http:// localhost:8080/api/myservice
我怎样才能解决这种情况,我可以在Spring Filter中使用@Autowired?
编辑:添加控制器和Filter类,
@RestController
@RequestMapping(value = "/api")
public …