如何在过滤器中获取 servlet 的元信息?
ways to get meta info of servlet in filter?
我想以声明的方式向 servlet 方法添加权限,例如:
// servlet
@Perms("admin", "finance")
public void doPost(servletRequest req, servletResponse res) {
...
}
// web filter
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) {
List<String> allowedRoles = ... // somehow get values from @Perms
}
可能有一些其他方法可以在没有注释的情况下做到这一点,这只是我想做的想法的例子。
或者更抽象的例子:
@WebServlet("/someaddress")
// servlet
@What("have a nice day")
public void doPost(servletRequest req, servletResponse res) {
...
}
@WebFilter("/*")
// web filter
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) {
String msg = ... // somehow get values from @What
}
这是解决方案
- 声明注解
@Retention(RetentionPolicy.RUNTIME)
public @interface What {
String[] value();
}
- 覆盖 servlet 中的
init 方法(我认为声明另一个 class 将很有用,所有 servlet 都将继承该 init)
@Override
public void init() throws ServletException {
ServletContext ctx = this.getServletContext();
final Class[] sFormalArgs = {HttpServletRequest.class,HttpServletResponse.class};
try {
Method m = this.getClass().getDeclaredMethod("doGet", sFormalArgs); // do the same with other methods
What a = m.getAnnotation(What.class);
String[] value = a.value();
ctx.setAttribute("someStuff", value);
} catch (NoSuchMethodException e) {
e.printStackTrace();
}
}
- 给方法添加注解
@What({"admin", "finance"})
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
{
....
}
- 在网络过滤器中获取它
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain
) {
HttpServletRequest req = (HttpServletRequest) servletRequest;
ServletContext ctx = req.getServletContext();
Object o = ctx.getAttribute("someStuff");
}
不要忘记处理错误和多线程问题
我想以声明的方式向 servlet 方法添加权限,例如:
// servlet
@Perms("admin", "finance")
public void doPost(servletRequest req, servletResponse res) {
...
}
// web filter
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) {
List<String> allowedRoles = ... // somehow get values from @Perms
}
可能有一些其他方法可以在没有注释的情况下做到这一点,这只是我想做的想法的例子。
或者更抽象的例子:
@WebServlet("/someaddress")
// servlet
@What("have a nice day")
public void doPost(servletRequest req, servletResponse res) {
...
}
@WebFilter("/*")
// web filter
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) {
String msg = ... // somehow get values from @What
}
这是解决方案
- 声明注解
@Retention(RetentionPolicy.RUNTIME)
public @interface What {
String[] value();
}
- 覆盖 servlet 中的
init方法(我认为声明另一个 class 将很有用,所有 servlet 都将继承该init)
@Override
public void init() throws ServletException {
ServletContext ctx = this.getServletContext();
final Class[] sFormalArgs = {HttpServletRequest.class,HttpServletResponse.class};
try {
Method m = this.getClass().getDeclaredMethod("doGet", sFormalArgs); // do the same with other methods
What a = m.getAnnotation(What.class);
String[] value = a.value();
ctx.setAttribute("someStuff", value);
} catch (NoSuchMethodException e) {
e.printStackTrace();
}
}
- 给方法添加注解
@What({"admin", "finance"})
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
{
....
}
- 在网络过滤器中获取它
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain
) {
HttpServletRequest req = (HttpServletRequest) servletRequest;
ServletContext ctx = req.getServletContext();
Object o = ctx.getAttribute("someStuff");
}
不要忘记处理错误和多线程问题