在web.xml文件中配置

問題:為什么DelegatingFilterProxy的filter-name必須是springSecurityFilterChain?

DelegatingFilterProxy并不是真正的Filter，在其initFilterBean方法中會從WebApplicationContext根據delegate來獲取到?

protected void initFilterBean() throws ServletException {synchronized (this.delegateMonitor) {if (this.delegate == null) {// If no target bean name specified, use filter name.if (this.targetBeanName == null) {this.targetBeanName = getFilterName();}// Fetch Spring root application context and initialize the delegate early,// if possible. If the root application context will be started after this// filter proxy, we'll have to resort to lazy initialization.WebApplicationContext wac = findWebApplicationContext();if (wac != null) {this.delegate = initDelegate(wac);}}} }

在上這代碼中this.targetBeanName=getFilterName()就是獲取名稱叫做springSecurityFilterChain

通過在doFilter就去中我們會發現真正干活的其實是delegate這個Filter,而delegate其實就是FilterChainProxy

public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)throws ServletException, IOException {// Lazily initialize the delegate if necessary.Filter delegateToUse = this.delegate;if (delegateToUse == null) {synchronized (this.delegateMonitor) {delegateToUse = this.delegate;if (delegateToUse == null) {WebApplicationContext wac = findWebApplicationContext();if (wac == null) {throw new IllegalStateException("No WebApplicationContext found: " +"no ContextLoaderListener or DispatcherServlet registered?");}delegateToUse = initDelegate(wac);}this.delegate = delegateToUse;}}// Let the delegate perform the actual doFilter operation.invokeDelegate(delegateToUse, request, response, filterChain);}

FilterChainProxy是spring在解析配置文件時裝配到上下文中，并且beanName為springSecurityFilterChain，

因此在web.xml中需要配置filter-name為springSecurityFilterChain

總結

以上是生活随笔為你收集整理的springSecurity源码分析-springSecurityFilterChain的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。