溫馨提示×

溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊×
其他方式登錄
點擊 登錄注冊 即表示同意《億速云用戶服務(wù)條款》

springboot攔截器過濾token并返回結(jié)果及異常怎么處理

發(fā)布時間:2020-10-30 15:38:26 來源:億速云 閱讀:711 作者:Leah 欄目:開發(fā)技術(shù)

本篇文章給大家分享的是有關(guān)springboot攔截器過濾token并返回結(jié)果及異常怎么處理,小編覺得挺實用的,因此分享給大家學習,希望大家閱讀完這篇文章后可以有所收獲,話不多說,跟著小編一起來看看吧。

1.springboot 攔截器處理過濾token,并且返回結(jié)果

import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.subject.Subject;
import org.springframework.lang.Nullable;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Map;

@Component
public class ECInterceptor implements HandlerInterceptor {
  /**
   * @Description 在業(yè)務(wù)處理器處理請求之前被調(diào)用。預(yù)處理,可以進行編碼、安全控制等處理;
   * @Date 2019/5/14 16:04
   * @Version 1.0
   */
  @Override
  public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
    System.out.println(request.getRequestURL()+"===========preHandle===========");
    String token = request.getParameter("token");
    if(StringUtils.isNotEmpty(token)){
      Subject subject = ShiroUtil.getSubject(token);
      if(subject != null && subject.isAuthenticated()){
        return true;
      } else{
        //返回校驗token結(jié)果
        returnJson(response);
        // return false; //我做的時候返回數(shù)據(jù)后忘記return false了,所以導(dǎo)致異常
      }
    }
    return true;
  }

  @Override
  public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable ModelAndView modelAndView) throws Exception {
    System.out.println(request.getContextPath()+"============postHandle==========");
  }
  /**
   * @Description 在DispatcherServlet完全處理完請求后被調(diào)用,也就是說視圖渲染已經(jīng)完畢或者調(diào)用者已經(jīng)拿到結(jié)果
   * @Date 2019/5/14 16:05
   * @Version 1.0
   */
  @Override
  public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable Exception ex) throws Exception {
    System.out.println(request.getContextPath()+"============afterCompletion==========");
  }
  private void returnJson(HttpServletResponse response){
    PrintWriter writer = null;
    response.setCharacterEncoding("UTF-8");
    response.setContentType("application/json; charset=utf-8");
    try {
      writer = response.getWriter();
      Map<String, Object> result = PackageReturnResult.returnJson(400, "用戶令牌token無效");
      result.put("data", null);
      writer.print(result);
    } catch (IOException e){
      LoggerUtil.logError(ECInterceptor.class, "攔截器輸出流異常"+e);
    } finally {
      if(writer != null){
        writer.close();
      }
    }
  }
}

2.java.lang.IllegalStateException: getWriter() has already been called for this response異常

我再做攔截器處理response數(shù)據(jù)后忘記return false返回,導(dǎo)致攔截器被調(diào)用兩次,報java.lang.IllegalStateException: getWriter() has already been called for this response異常,犯這樣低級錯誤花了很長時間才解決,謹記?。?!

[2019-05-27 09:27:17.690] [http-nio-8080-exec-1        ] [ERROR] [o.a.c.c.C.[.[.[.[dispatcherServlet] :175 ] - Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is java.lang.IllegalStateException: getWriter() has already been called for this response] with root cause
java.lang.IllegalStateException: getWriter() has already been called for this response
	at org.apache.catalina.connector.Response.getOutputStream(Response.java:548)
	at org.apache.catalina.connector.ResponseFacade.getOutputStream(ResponseFacade.java:210)
	at javax.servlet.ServletResponseWrapper.getOutputStream(ServletResponseWrapper.java:105)
	at org.springframework.http.server.ServletServerHttpResponse.getBody(ServletServerHttpResponse.java:83)
	at org.springframework.http.converter.json.AbstractJackson2HttpMessageConverter.writeInternal(AbstractJackson2HttpMessageConverter.java:255)
	at org.springframework.http.converter.AbstractGenericHttpMessageConverter.write(AbstractGenericHttpMessageConverter.java:103)
	at org.springframework.web.servlet.mvc.method.annotation.AbstractMessageConverterMethodProcessor.writeWithMessageConverters(AbstractMessageConverterMethodProcessor.java:290)
	at org.springframework.web.servlet.mvc.method.annotation.RequestResponseBodyMethodProcessor.handleReturnValue(RequestResponseBodyMethodProcessor.java:180)
	at com.uufund.ecapi.config.returnvalue.HandlerMethodReturnValueHandlerProxy.handleReturnValue(HandlerMethodReturnValueHandlerProxy.java:40)
	at org.springframework.web.method.support.HandlerMethodReturnValueHandlerComposite.handleReturnValue(HandlerMethodReturnValueHandlerComposite.java:82)
	at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:119)
	at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:892)
	at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:797)
	at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1038)
	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942)
	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005)
	at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:897)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:882)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449)
	at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365)
	at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
	at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
	at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:387)
	at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:362)
	at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at com.uufund.ecapi.config.filter.ECWebFilter.doFilter(ECWebFilter.java:24)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:92)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:200)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:834)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:748)

補充知識:springboot 攔截器過濾權(quán)限和錯誤處理

先說異常處理,增加一個異常處理的類MyControllerAdvice就可以了,不需要其他地方使用,注意使用注解@ControllerAdvice

@ControllerAdvice
public class MyControllerAdvice {
  @Resource
  GetRootPath getRootPath;
  private static final Logger logger = LoggerFactory.getLogger(MyControllerAdvice.class);

  public void output(Object json, HttpServletRequest request, HttpServletResponse response) throws IOException {
    String header = request.getHeader("Origin");
    response.setContentType("application/json;charset=UTF-8;");
    PrintWriter out = response.getWriter();
    out.println(json);
    out.flush();
    out.close();
  }

  /***
   * 404處理
   * @param e
   * @return
   */
  @ExceptionHandler(NoHandlerFoundException.class)
  public void notFountHandler(HttpServletRequest request, HttpServletResponse response, Model model, NoHandlerFoundException e) throws IOException, JSONException {
    JSONObject json = new JSONObject();
    json.put("code", 500);
    json.put("content", null);
    json.put("msg", "未找到路徑:"+request.getServletPath());
    output(json,request,response);
  }

  /**
   * 運行時異常
   *
   * @param exception
   * @return
   */
  @ExceptionHandler({RuntimeException.class})
  @ResponseStatus(HttpStatus.OK)
  public void processException(HttpServletRequest request, HttpServletResponse response, Model model, RuntimeException exception) throws JSONException, IOException {
    JSONObject json = new JSONObject();
    json.put("code", 500);
    json.put("content", null);
    json.put("msg", exception.getMessage());
    output(json,request,response);
  }

  /**
   * Excepiton異常
   *
   * @param exception
   * @return
   */
  @ExceptionHandler({Exception.class})
  @ResponseStatus(HttpStatus.OK)
  public void processException(HttpServletRequest request, HttpServletResponse response, Model model, Exception exception) throws JSONException, IOException {
    JSONObject json = new JSONObject();
    json.put("code", 500);
    json.put("content", null);
    json.put("msg", exception.getMessage());
    output(json,request,response);
  }
}

再來權(quán)限驗證的,接手的項目框架中只有驗證是否登錄的,沒有驗收權(quán)限的,增加一個類WebMvcConfig,注意使用注解@Configuration, 不需要在其他地方引用即可起作用,并注意使用excludePathPatterns去掉不需要攔截的部分,否則會攔截掉靜態(tài)資源。

@Configuration
public class WebMvcConfig implements WebMvcConfigurer {
 
  /**
   * 添加攔截器
   */
  @Override
  public void addInterceptors(InterceptorRegistry registry) {
    //靜態(tài)資源不攔截
    registry.addInterceptor(new LoginInterceptor()).addPathPatterns("/**").excludePathPatterns("/static/**");
  }
}

增加攔截器類LoginInterceptor

public class LoginInterceptor extends HandlerInterceptorAdapter {

  /**
   * 檢查是否已經(jīng)登錄
   */
  @Override
  public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
    Object username = request.getSession().getAttribute(Constants.LOGIN_USER);
    String servletPath = request.getServletPath();
    String type = request.getHeader("X-Requested-With") == null &#63; "" : request.getHeader("X-Requested-With");

    if (username != null) {
      //檢查頁面訪問的權(quán)限
      if (!"XMLHttpRequest".equals(type)) {
        int userId = Integer.valueOf(request.getSession().getAttribute(Constants.LOGIN_USERID).toString());
        List<ModuleEntity> moduleList = (List<ModuleEntity>) request.getSession().getAttribute(Constants.USER_MODULE);
        boolean chkResult = methodPermissionLimit(moduleList, servletPath);
        if(!chkResult){
          JSONObject outputMSg = new JSONObject();
          outputMSg.put("code", 500);
          outputMSg.put("content", "");
          outputMSg.put("msg", "沒有權(quán)限");
          output(outputMSg, request, response);
          return false;
        }else{
          return true;
        }
      } else {
        //如果是json訪問,則不做檢查
        return true;
      }
    } else {
      //檢查是否登錄允許
      if (methodLoginLimit(handler)) {
        return true;
      } else {
        if ("XMLHttpRequest".equals(type)) {
          JSONObject outputMSg = new JSONObject();
          outputMSg.put("code", 500);
          outputMSg.put("content", "");
          outputMSg.put("msg", "登錄過期,請重新登陸");
          output(outputMSg, request, response);
          return false;
        } else {
          String redirectUrl = request.getContextPath() + "/login";
          response.sendRedirect(redirectUrl);
          return false;
        }
      }
    }
  }

  public boolean methodLoginLimit(Object handler) {
    HandlerMethod method = (HandlerMethod) handler;
    //獲取當前方法PermessionLimit
    LoginLimit loginLimit = method.getMethodAnnotation(LoginLimit.class);
    if (loginLimit == null) {
      //獲取控制器的PermessionLimit
      loginLimit = method.getMethod().getDeclaringClass().getAnnotation(LoginLimit.class);
    }
    if (loginLimit != null && !loginLimit.limit()) {
      return true;
    } else {
      return false;
    }
  }

  /**
   * 檢查權(quán)限
   *
   * @param moduleList
   * @param path
   * @return
   */
  public boolean methodPermissionLimit(List<ModuleEntity> moduleList, String path) {
    boolean havePermission = moduleList.stream().anyMatch(f->f.getPath().toLowerCase().equals(path.toLowerCase()));
    return havePermission;
  }

  public void output(Object json, HttpServletRequest request, HttpServletResponse response) throws IOException {
    String header = request.getHeader("Origin");
    response.setContentType("application/json;charset=UTF-8;");
    PrintWriter out = response.getWriter();
    out.println(json);
    out.flush();
    out.close();
  }
}

這樣的攔截器只對頁面地址進行攔截,對ajax提交的數(shù)據(jù)不做處理,做普通項目的權(quán)限過濾是可以了。

以上就是springboot攔截器過濾token并返回結(jié)果及異常怎么處理,小編相信有部分知識點可能是我們?nèi)粘9ぷ鲿姷交蛴玫降摹OM隳芡ㄟ^這篇文章學到更多知識。更多詳情敬請關(guān)注億速云行業(yè)資訊頻道。

向AI問一下細節(jié)

免責聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點不代表本網(wǎng)站立場,如果涉及侵權(quán)請聯(lián)系站長郵箱:is@yisu.com進行舉報,并提供相關(guān)證據(jù),一經(jīng)查實,將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI