登录
当前位置: 首页 > 工具软件 > SecurityFilter > 使用案例 >

Security Filters顺序

姬实
2023-12-01

Security Filters顺序

Security Filter通过SecurityFilterChain 被插入到FilterChainProxy中。过滤器的顺序很重要,但通常不需要知道Spring Security过滤器的顺序。然而,有些时候,知道顺序是有益的。

你可以通过FilterOrderRegistration查看过滤器的顺序

FilterOrderRegistration.java

FilterOrderRegistration() {
   Step order = new Step(INITIAL_ORDER, ORDER_STEP);
   put(ChannelProcessingFilter.class, order.next());
   order.next(); // gh-8105
   put(WebAsyncManagerIntegrationFilter.class, order.next());
   put(SecurityContextPersistenceFilter.class, order.next());
   put(HeaderWriterFilter.class, order.next());
   put(CorsFilter.class, order.next());
   put(CsrfFilter.class, order.next());
   put(LogoutFilter.class, order.next());
   this.filterToOrder.put(
         "org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter",
         order.next());
   this.filterToOrder.put(
         "org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationRequestFilter",
         order.next());
   put(X509AuthenticationFilter.class, order.next());
   put(AbstractPreAuthenticatedProcessingFilter.class, order.next());
   this.filterToOrder.put("org.springframework.security.cas.web.CasAuthenticationFilter", order.next());
   this.filterToOrder.put("org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter",
         order.next());
   this.filterToOrder.put(
         "org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter",
         order.next());
   put(UsernamePasswordAuthenticationFilter.class, order.next());
   order.next(); // gh-8105
   this.filterToOrder.put("org.springframework.security.openid.OpenIDAuthenticationFilter", order.next());
   put(DefaultLoginPageGeneratingFilter.class, order.next());
   put(DefaultLogoutPageGeneratingFilter.class, order.next());
   put(ConcurrentSessionFilter.class, order.next());
   put(DigestAuthenticationFilter.class, order.next());
   this.filterToOrder.put(
         "org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter",
         order.next());
   put(BasicAuthenticationFilter.class, order.next());
   put(RequestCacheAwareFilter.class, order.next());
   put(SecurityContextHolderAwareRequestFilter.class, order.next());
   put(JaasApiIntegrationFilter.class, order.next());
   put(RememberMeAuthenticationFilter.class, order.next());
   put(AnonymousAuthenticationFilter.class, order.next());
   this.filterToOrder.put("org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter",
         order.next());
   put(SessionManagementFilter.class, order.next());
   put(ExceptionTranslationFilter.class, order.next());
   put(FilterSecurityInterceptor.class, order.next());
   put(AuthorizationFilter.class, order.next());
   put(SwitchUserFilter.class, order.next());
}
//通过next()设置order
//每次的order都是上次order+ORDER_STEP(默认为100)
int next() {
    int value = this.value;
    this.value += this.stepSize;
    return value;
}

 类似资料:

相关阅读

goroutines执行顺序json.dumps弄乱顺序SqlBulkCopy插入顺序MYSQL:顺序号表Postgres自然顺序

相关文章

顺序查找算法三元组顺序表顺序队列(Sequential Queue)顺丰面经顺丰 测开

相关问答

JavaFX:StackPane顺序转换Maven依赖顺序并行排序顺序Tricentis Tosca输入顺序Flyway初始化顺序

相关文档

C 程序设计如何成为优秀的程序员Windows 程序设计十大经典排序算法JavaScript 高级程序设计(第3版)
快捷导航: 新手教程 算法原理 架构设计 Java进阶 数据库进阶 大厂专栏 面试经验 编程笔记 编程问答 所有专题 文档资料 工具软件 电子书籍 小牛导航
在线工具: 房贷计算器 个税计算器 Linux命令查询 Json格式化 正则表达式 颜色转换 AES加解密 SHA1加密 MD5加密 毒鸡汤 字数统计 随机密码生成 进制转换 Base64编解码 励志句子
Copyright © 2019-2024 小牛知识库@xnip.cn. All Rights Reserved.