新增全局过滤器认证鉴权，增强防渗透扫描处理

2025-10-21 11:07:23 +08:00 · 2021-04-12 03:22:01 +08:00
parent 8c6cd9a668
commit 15b0da6351
17 changed files with 342 additions and 47 deletions
--- a/sa-token-spring-boot-starter/src/main/java/cn/dev33/satoken/filter/SaServletFilter.java
+++ b/sa-token-spring-boot-starter/src/main/java/cn/dev33/satoken/filter/SaServletFilter.java
@@ -0,0 +1,56 @@
+package cn.dev33.satoken.filter;
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+
+import org.springframework.core.annotation.Order;
+
+import cn.dev33.satoken.SaTokenManager;
+import cn.dev33.satoken.util.SaTokenConsts;
+
+/**
+ * Servlet全局过滤器 
+ * @author kong
+ *
+ */
+@Order(SaTokenConsts.ASSEMBLY_ORDER)
+public class SaServletFilter implements Filter {
+
+	@Override
+	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+			throws IOException, ServletException {
+		
+		try {
+			// 执行全局过滤器 
+			SaTokenManager.getSaFilterStrategy().run(null);
+			
+		} catch (Throwable e) {
+			// 1. 获取异常处理策略结果 
+			Object result = SaTokenManager.getSaFilterErrorStrategy().run(e);
+			String resultString = String.valueOf(result);
+			
+			// 2. 写入输出流 
+			response.setContentType("text/plain; charset=utf-8"); 
+			response.getWriter().print(resultString);
+			return;
+		}
+		
+		// 执行 
+		chain.doFilter(request, response);
+	}
+
+	@Override
+	public void init(FilterConfig filterConfig) throws ServletException {
+	}
+	
+	@Override
+	public void destroy() {
+	}
+
+}