How to do filter mapping in AbstractAnnotationConfigDispatcherServletInitializer Spring

7
votes

Here is the problem: I can successfully register the Filter, but don't know how to set the mapping URL using this specific configuration.

Here is my Class:

public class WebInitializer extends
        AbstractAnnotationConfigDispatcherServletInitializer {

    @Override
    protected Class<?>[] getRootConfigClasses() {
        return new Class<?>[]{AppConfig.class};
    }

    @Override
    protected Class<?>[] getServletConfigClasses() {
        return new Class<?>[]{WebConfig.class};
    }

    @Override
    protected Filter[] getServletFilters() {

        return new Filter[]{
            new DelegatingFilterProxy("springSecurityFilterChain"),
            new DelegatingFilterProxy("customFilter")
        };
    }

    @Override
    protected String[] getServletMappings() {
        return new String[]{"/"};
    }
}

P.D. I had done it using WebApplicationInitializer, but I want to use AbstractAnnotationConfigDispatcherServletInitializer.

2
javaspringservlet-filtersspring-java-config
A DelegatingFolterProxy's purpose is to delegate to a Spring bean which implements the Filter interface, hence the filter mappings have to be in the definition of bean names you are passing as argument to DelegatingFilterProxy. - Anadi Misra
Can you show me a sample of how to do that? Its not that clear to me. - Charlires

2 Answers

9
votes

The only way I was able to do this was to use the FilterRegistration.Dynamic interface. In your WebInitializer class, add your custom filter manually in the onStartup method (an override from a superclass). There is no way that is more elegant at the moment to my knowledge.

@Override
public void onStartup(ServletContext servletContext)
        throws ServletException {
      FilterRegistration.Dynamic encodingFilter = servletContext.addFilter("my-filter", new MyFilter());
      encodingFilter.setInitParameter("blah", "blah");
      encodingFilter.addMappingForUrlPatterns(null, false, "/toBeFiltered/*");

    super.onStartup(servletContext);
}

If you want this filter to work correctly then it would be best for you to comment out the getServletFilters method you have overridden so that this filter is served back correctly from the servletContext.

-1
votes

For the springSecurityFilterChain, simply add this class to the same package as other configuration classes

@Order(2)
public class MyAppSecureWebAppInitializer extends
    AbstractSecurityWebApplicationInitializer {

  @Override
  protected boolean enableHttpSessionEventPublisher() {
    return true;
  }
}

The AbstractSecurityWebApplicationInitializer (from javadocs)

Registers the DelegatingFilterProxy to use the springSecurityFilterChain before any other registered Filter. When used with AbstractSecurityWebApplicationInitializer(Class), it will also register a ContextLoaderListener. When used with AbstractSecurityWebApplicationInitializer(), this class is typically used in addition to a subclass of AbstractContextLoaderInitializer.

By default the DelegatingFilterProxy is registered without support, but can be enabled by overriding isAsyncSecuritySupported() and getSecurityDispatcherTypes().

Additional configuration before and after the springSecurityFilterChain can be added by overriding afterSpringSecurityFilterChain(ServletContext).

And from the spring security example in Github

@Override
protected Filter[] getServletFilters() {
    CharacterEncodingFilter encodingFilter = new CharacterEncodingFilter();
    encodingFilter.setEncoding("UTF-8");
    encodingFilter.setForceEncoding(true);

    DelegatingFilterProxy reconnectDelegate = new DelegatingFilterProxy("apiExceptionHandler");

    return new Filter[] { reconnectDelegate, encodingFilter, new HiddenHttpMethodFilter() };
}