关于Filter中获取请求体body后再次读取的问题
更新时间:2022年03月15日 10:50:58 作者:fayeyiwang
这篇文章主要介绍了关于Filter中获取请求体body后再次读取的问题,具有很好的参考价值,希望对大家有所帮助。如有错误或未考虑完全的地方,望不吝赐教
Filter获取请求体body再次读取
工作需要,要将请求和响应做一些处理,写一个filter拦截请求,拦截request中body内容后,字符流关闭,controller取到的请求体内容为空。
从Request中获取输入流,InputStream只能被读取一次。
解决方案
给request添加一个包装类BodyWrapper,继承HttpServletRequestWrapper,
先从request中取输入流,读取流中的数据,然后重写getInputStream()和getReader()方法。
chain.doFilter(requestWrapper, response);
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
import java.util.Enumeration;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import com.xera.fsafesso.HttpHelper;
public class BodyWrapper extends HttpServletRequestWrapper {undefined
private final byte[] body;
public BodyWrapper(HttpServletRequest request) throws IOException {undefined
super(request);
body = HttpHelper.getBodyString(request).getBytes(Charset.forName("UTF-8"));
}
@Override
public BufferedReader getReader() throws IOException {undefined
return new BufferedReader(new InputStreamReader(getInputStream()));
}
@Override
public ServletInputStream getInputStream() throws IOException {undefined
final ByteArrayInputStream bais = new ByteArrayInputStream(body);
return new ServletInputStream(){undefined
@Override
public int read() throws IOException {undefined
return bais.read();
}
@Override
public boolean isFinished() {undefined
return false;
}
@Override
public boolean isReady() {undefined
return false;
}
@Override
public void setReadListener(ReadListener arg0) {undefined
}
};
}
@Override
public String getHeader(String name) {undefined
return super.getHeader(name);
}
@Override
public Enumeration<String> getHeaderNames() {undefined
return super.getHeaderNames();
}
@Override
public Enumeration<String> getHeaders(String name) {undefined
return super.getHeaders(name);
}
}import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
import javax.servlet.ServletRequest;
public class HttpHelper {undefined
/**
* 获取请求Body
* @param request
* @return
*/
public static String getBodyString(ServletRequest request) {undefined
StringBuilder sb = new StringBuilder();
InputStream inputStream = null;
BufferedReader reader = null;
try {undefined
inputStream = request.getInputStream();
reader = new BufferedReader(new InputStreamReader(inputStream, Charset.forName("UTF-8")));
String line = "";
while ((line = reader.readLine()) != null) {undefined
sb.append(line);
}
} catch (IOException e) {undefined
e.printStackTrace();
} finally {undefined
if (inputStream != null) {undefined
try {undefined
inputStream.close();
} catch (IOException e) {undefined
e.printStackTrace();
}
}
if (reader != null) {undefined
try {undefined
reader.close();
} catch (IOException e) {undefined
e.printStackTrace();
}
}
}
return sb.toString();
}
}Filter中写法如下:
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
Map<String, String> requestMap = this.getTypesafeRequestMap(httpServletRequest);
requestWrapper = new BodyWrapper(httpServletRequest);
String body = HttpHelper.getBodyString(requestWrapper);
log.info("loggingFilter---请求路径 {},请求参数 {},请求体内容 {}",httpServletRequest.getRequestURL(),requestMap,body);
chain.doFilter(requestWrapper, response);在使用注解的方式(即@WebFilter)声明过滤器时,
需要再main函数类上添加@ServletComponentScan(basePackages = "此处写明类地址,格式为包名+类名(如com.*)
Http请求解决body流一旦被读取了就无法二次读取情况
相信大家在工作当中,经常会遇到需要处理http请求及响应body的场景,这里最大的问题应该就是body中流以但被读取就无法二次读取了。
解决request请求流只能读取一次的问题
我们编写一个过滤器,这样就可以重写body了
package com.interceptor;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class MyFilter implements Filter {
private static String privateKey ;
public String getPrivateKey() {
return privateKey;
}
public void setPrivateKey(String key) {
privateKey = key;
}
/**
* 排除过滤路径
*/
List<String> ignore = Arrays.asList("/xxxx");
/**
* 前缀排除 如 /static/goods 排除
*/
List<String> ignorePrefix = Arrays.asList( "/css/", "/pop/", "/js/", "/static/", "/images/", "/favicon.ico");
/**
* 排除过滤路径
*/
List<String> ignoreSuffix = Arrays.asList("/test");
@Override
public void init(FilterConfig filterConfig) throws ServletException {
//过滤器初始化
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
// 防止流读取一次后就没有了, 所以需要将流继续写出去
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
String uri = request.getServletPath();
response.setContentType("application/json;charset=UTF-8");
ServletRequest requestWrapper = null;
if(canIgnore(uri)) {
requestWrapper = new MyFilterBodyReaderHttpServletRequestWrapper(request);
filterChain.doFilter(requestWrapper, response);
return;
}
try {
requestWrapper = new MyFilterBodyReaderHttpServletRequestWrapper(request, response, privateKey);
} catch (Exception e) {
e.printStackTrace();
return;
}
filterChain.doFilter(requestWrapper, servletResponse);
}
@Override
public void destroy() {
//过滤器销毁
}
private boolean canIgnore(String uri) {
logger.info("过滤器 request uri : {} ",uri);
boolean isExcludedPage = false;
for (String page : ignore) {
if (uri.equals(page)) {
logger.info("请求路径不需要拦截,忽略该uri : {} ",uri);
isExcludedPage = true;
break;
}
}
for (String prefix : ignorePrefix) {
if (uri.startsWith(prefix)) {
logger.info("请求路径前缀[{}],不拦截该uri : {} ", prefix, uri);
isExcludedPage = true;
break;
}
}
for (String prefix : ignoreSuffix) {
if (uri.endsWith(prefix)) {
logger.info("请求路径后缀[{}],不拦截该uri : {} ", prefix, uri);
isExcludedPage = true;
break;
}
}
return isExcludedPage;
}
}
package com.interceptor;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
import java.util.Map;
import javax.servlet.ReadListener;
import javax.servlet.ServletInputStream;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import com.alibaba.fastjson.JSON;
/**
* @Description: TODO 过滤器处理requestbody获取一次就失效
*/
public class MyFilterBodyReaderHttpServletRequestWrapper extends HttpServletRequestWrapper {
private final byte[] body;
/**
* TODO 重写requestbody
* @param request
* @throws IOException
*/
public MyFilterBodyReaderHttpServletRequestWrapper(HttpServletRequest request) throws IOException {
super(request);
String sessionStream = getBodyString(request);
body = sessionStream.getBytes(Charset.forName("UTF-8"));
}
/**
* TODO 拦截解密,校验,重写requestbody
*/
@SuppressWarnings({ "rawtypes", "unchecked" })
public MyFilterBodyReaderHttpServletRequestWrapper(HttpServletRequest request,HttpServletResponse response, String clientKey, Boolean ignoreCheckSign) throws Exception {
super(request);
String sessionStream = getBodyString(request);
Map paramMap = (Map) JSON.parse(sessionStream);
/**
*自己项目中与合作方的加解密内容
*如:String data= (String) paramMap.get("data");
* String json=xxxxxutil.decrypt(参数);
*/
body = json.getBytes(Charset.forName("UTF-8"));
}
/**
* TODO 获取请求Body
* @param request
* @return
* @throws
*/
public String getBodyString(final ServletRequest request) {
StringBuilder sb = new StringBuilder();
InputStream inputStream = null;
BufferedReader reader = null;
try {
inputStream = cloneInputStream(request.getInputStream());
reader = new BufferedReader(new InputStreamReader(inputStream, Charset.forName("UTF-8")));
String line = "";
while ((line = reader.readLine()) != null) {
sb.append(line);
}
}
catch (IOException e) {
e.printStackTrace();
}
finally {
if (inputStream != null) {
try {
inputStream.close();
}
catch (IOException e) {
e.printStackTrace();
}
}
if (reader != null) {
try {
reader.close();
}
catch (IOException e) {
e.printStackTrace();
}
}
}
return sb.toString();
}
/**
* TODO 无参获取请求Body
* @return
* @throws
*/
public String getBodyString() {
if (body == null) {
return null;
}
String str = new String(body);
return str;
}
/**
* TODO 复制输入流
* @param inputStream
* @return
* @throws
*/
public InputStream cloneInputStream(ServletInputStream inputStream) {
ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
byte[] buffer = new byte[1024];
int len;
try {
while ((len = inputStream.read(buffer)) > -1) {
byteArrayOutputStream.write(buffer, 0, len);
}
byteArrayOutputStream.flush();
}
catch (IOException e) {
e.printStackTrace();
}
InputStream byteArrayInputStream = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
return byteArrayInputStream;
}
@Override
public BufferedReader getReader() throws IOException {
return new BufferedReader(new InputStreamReader(getInputStream()));
}
@Override
public ServletInputStream getInputStream() throws IOException {
final ByteArrayInputStream bais = new ByteArrayInputStream(body);
return new ServletInputStream() {
@Override
public int read() throws IOException {
return bais.read();
}
@Override
public boolean isFinished() {
return false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener readListener) {
}
};
}
} 以上为个人经验,希望能给大家一个参考,也希望大家多多支持脚本之家。
相关文章
这篇文章主要介绍了Java的Shiro框架认证流程详解,Shiro 是一个功能强大和易于使用的安全框架,为开发人员提供一个直观而全面的解决方案的认证,授权,加密,会话管理四大功能,需要的朋友可以参考下2024-01-01
这篇文章主要介绍了Feign调用全局异常处理解决方案,具有很好的参考价值,希望对大家有所帮助。如有错误或未考虑完全的地方,望不吝赐教2021-06-06
Swagger是一个规范和完整的框架,用于生成、描述、调用和可视化 Restful 风格的 Web 服务。总体目标是使客户端和文件系统作为服务器以同样的速度来更新。文件的方法、参数和模型紧密集成到服务器端的代码,允许API来始终保持同步2022-07-07
这篇文章主要教大家如何简单实现Servlet文件下载功能,具有一定的参考价值,感兴趣的小伙伴们可以参考一下2017-09-09
SpringBoot+MybatisPlus+代码生成器整合示例
这篇文章主要介绍了SpringBoot+MybatisPlus+代码生成器整合示例,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友们下面随着小编来一起学习学习吧2020-03-03
监听器模式,大家应该并不陌生,主要的组成要素包括了事件、监听器以及广播器;当事件发生时,广播器负责将事件传递给所有已知的监听器,而监听器会对自己感兴趣的事件进行处理2022-07-07
Maven在Java8下如何忽略Javadoc的编译错误详解
这篇文章主要给大家介绍了关于Maven在Java8下如何忽略Javadoc的编译错误的相关资料,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友们下面随着小编来一起学习学习吧2018-08-08
这篇文章主要为大家详细介绍了如何利用Java语言实现网络资源的断点续传功能,文中的示例代码讲解详细,具有一定的学习价值,感兴趣的可以了解一下2022-10-10
这篇文章主要介绍了Java实现RSA算法的方法,结合实例形式分析了RSA算法的原理、实现与使用方法,需要的朋友可以参考下2018-03-03
这篇文章主要介绍了如何使用XPath提取xml文档数据,具有一定的参考价值,感兴趣的小伙伴们可以参考一下2019-08-08
最新评论