首页 > 其他分享 >使用单例获取yml配置的接口List,来为过滤器设置白名单

使用单例获取yml配置的接口List,来为过滤器设置白名单

时间:2023-06-08 11:57:44浏览次数:41  
标签:Users repository YIQI List jar 单例 m2 白名单 org

最近在涉及登录访问接口的问题,服务器被人给攻击了,考虑给接口加白名单,如果用注解的方式还要跑到接口上去加代码也不够灵活,那么如何使用过滤器来实现呢?

让我们来用demo实现看看。

第一步、首先新建一个demo项目

jdk11

新建一个springboot项目,配置pom.xml

 1 <?xml version="1.0" encoding="UTF-8"?>
 2 <project xmlns="http://maven.apache.org/POM/4.0.0"
 3          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 4          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 5     <modelVersion>4.0.0</modelVersion>
 6 
 7     <groupId>org.example</groupId>
 8     <artifactId>demo</artifactId>
 9     <version>1.0-SNAPSHOT</version>
10 
11     <properties>
12         <maven.compiler.source>11</maven.compiler.source>
13         <maven.compiler.target>11</maven.compiler.target>
14     </properties>
15 
16     <dependencies>
17         <dependency>
18             <groupId>org.springframework.boot</groupId>
19             <artifactId>spring-boot-starter-web</artifactId>
20             <version>2.7.7</version>
21         </dependency>
22         <dependency>
23             <groupId>org.springframework.boot</groupId>
24             <artifactId>spring-boot-starter-test</artifactId>
25             <version>2.7.7</version>
26         </dependency>
27         <dependency>
28             <groupId>org.springframework.boot</groupId>
29             <artifactId>spring-boot-configuration-processor</artifactId>
30             <version>2.7.7</version>
31         </dependency>
32     </dependencies>
33 
34 </project>
View Code

 新建一个启动类 DanielApplication

 1 package com.daniel.web;
 2 
 3 import org.springframework.boot.SpringApplication;
 4 import org.springframework.boot.autoconfigure.SpringBootApplication;
 5 
 6 @SpringBootApplication
 7 public class DanielApplication {
 8 
 9     public static void main(String[] args) {
10         SpringApplication.run(DanielApplication.class, args);
11     }
12 }
View Code

新建一个TestController

 1 package com.daniel.web.controller;
 2 
 3 import org.springframework.web.bind.annotation.GetMapping;
 4 import org.springframework.web.bind.annotation.PathVariable;
 5 import org.springframework.web.bind.annotation.RequestMapping;
 6 import org.springframework.web.bind.annotation.RestController;
 7 
 8 @RestController
 9 @RequestMapping("/test")
10 public class TestController {
11 
12     @GetMapping("/hi/{name}")
13     public String test(@PathVariable("name") String name) {
14 
15         return "hi~ " + name;
16     }
17 }
View Code

测试一下接口

 

第二步、使用filter

新建DanielFilter

 1 package com.daniel.web.filter;
 2 
 3 import com.daniel.web.config.WhiteListConfig;
 4 
 5 import javax.servlet.*;
 6 import java.io.IOException;
 7 
 8 public class DanielFilter implements Filter {
 9 
10     @Override
11     public void init(FilterConfig filterConfig) throws ServletException {
12         System.out.println("init DanielFilter");
13     }
14 
15     @Override
16     public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
17         System.out.println("test dofilter");
18         WhiteListConfig whiteListConfig = WhiteListConfig.getWhiteListConfig();
19 
20         System.out.println(whiteListConfig.getWhiteList() == null ? 0 : whiteListConfig.getWhiteList().size());
21         filterChain.doFilter(servletRequest,servletResponse);
22     }
23 }
View Code

新建Filter配置类FilterConfig

 1 package com.daniel.web.config;
 2 
 3 import com.daniel.web.filter.DanielFilter;
 4 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 5 import org.springframework.context.annotation.Bean;
 6 import org.springframework.context.annotation.Configuration;
 7 
 8 @Configuration
 9 public class FilterConfig {
10 
11     @Bean
12     public FilterRegistrationBean<DanielFilter> registryDanielFilter() {
13         FilterRegistrationBean<DanielFilter> bean = new FilterRegistrationBean<>();
14         bean.setFilter(new DanielFilter());
15         bean.addUrlPatterns("/*");
16         bean.setOrder(1);
17         return bean;
18     }
19 }
View Code

 访问接口,日志如下

 

第三步、创建yml文件,创建单例类获取数据

新建application.yml文件

 1 dog:
 2   name: Andy
 3   age: 3
 4   hobbies:
 5     - eat
 6     - play
 7     - swimming
 8 
 9 uri:
10   whiteList:
11     - /user/
12     - /name/
View Code

新建 WhiteListConfig

 1 package com.daniel.web.config;
 2 
 3 import org.springframework.boot.context.properties.ConfigurationProperties;
 4 import org.springframework.stereotype.Component;
 5 
 6 import java.util.List;
 7 
 8 @Component
 9 @ConfigurationProperties(prefix = "uri")
10 public class WhiteListConfig {
11 
12     private WhiteListConfig(){
13         System.out.println("create WhiteListConfig");
14     }
15 
16     private static final WhiteListConfig whiteListConfig = new WhiteListConfig();
17 
18     public static WhiteListConfig getWhiteListConfig(){
19         return whiteListConfig;
20     }
21 
22     private static List<String> whiteList;
23 
24     public List<String> getWhiteList() {
25         return whiteList;
26     }
27 
28     public void setWhiteList(List<String> whiteList) {
29         System.out.println("use set method modify whiteList");
30         WhiteListConfig.whiteList = whiteList;
31     }
32 }
View Code

 

完成后启动springboot并访问接口,查看log

 1 D:\dev\jdk11\bin\java.exe -agentlib:jdwp=transport=dt_socket,address=127.0.0.1:52562,suspend=y,server=n -XX:TieredStopAtLevel=1 -noverify -Dspring.output.ansi.enabled=always -javaagent:C:\Users\YIQI\AppData\Local\JetBrains\IntelliJIdea2020.3\captureAgent\debugger-agent.jar -Dcom.sun.management.jmxremote -Dspring.jmx.enabled=true -Dspring.liveBeansView.mbeanDomain -Dspring.application.admin.enabled=true -Dfile.encoding=UTF-8 -classpath "E:\javacode\demo\target\classes;C:\Users\YIQI\.m2\repository\org\springframework\boot\spring-boot-starter-web\2.7.7\spring-boot-starter-web-2.7.7.jar;C:\Users\YIQI\.m2\repository\org\springframework\boot\spring-boot-starter\2.7.7\spring-boot-starter-2.7.7.jar;C:\Users\YIQI\.m2\repository\org\springframework\boot\spring-boot\2.7.7\spring-boot-2.7.7.jar;C:\Users\YIQI\.m2\repository\org\springframework\boot\spring-boot-autoconfigure\2.7.7\spring-boot-autoconfigure-2.7.7.jar;C:\Users\YIQI\.m2\repository\org\springframework\boot\spring-boot-starter-logging\2.7.7\spring-boot-starter-logging-2.7.7.jar;C:\Users\YIQI\.m2\repository\ch\qos\logback\logback-classic\1.2.11\logback-classic-1.2.11.jar;C:\Users\YIQI\.m2\repository\ch\qos\logback\logback-core\1.2.11\logback-core-1.2.11.jar;C:\Users\YIQI\.m2\repository\org\apache\logging\log4j\log4j-to-slf4j\2.17.2\log4j-to-slf4j-2.17.2.jar;C:\Users\YIQI\.m2\repository\org\apache\logging\log4j\log4j-api\2.17.2\log4j-api-2.17.2.jar;C:\Users\YIQI\.m2\repository\org\slf4j\jul-to-slf4j\1.7.36\jul-to-slf4j-1.7.36.jar;C:\Users\YIQI\.m2\repository\jakarta\annotation\jakarta.annotation-api\1.3.5\jakarta.annotation-api-1.3.5.jar;C:\Users\YIQI\.m2\repository\org\yaml\snakeyaml\1.30\snakeyaml-1.30.jar;C:\Users\YIQI\.m2\repository\org\springframework\boot\spring-boot-starter-json\2.7.7\spring-boot-starter-json-2.7.7.jar;C:\Users\YIQI\.m2\repository\com\fasterxml\jackson\core\jackson-databind\2.13.4.2\jackson-databind-2.13.4.2.jar;C:\Users\YIQI\.m2\repository\com\fasterxml\jackson\core\jackson-annotations\2.13.4\jackson-annotations-2.13.4.jar;C:\Users\YIQI\.m2\repository\com\fasterxml\jackson\core\jackson-core\2.13.4\jackson-core-2.13.4.jar;C:\Users\YIQI\.m2\repository\com\fasterxml\jackson\datatype\jackson-datatype-jdk8\2.13.4\jackson-datatype-jdk8-2.13.4.jar;C:\Users\YIQI\.m2\repository\com\fasterxml\jackson\datatype\jackson-datatype-jsr310\2.13.4\jackson-datatype-jsr310-2.13.4.jar;C:\Users\YIQI\.m2\repository\com\fasterxml\jackson\module\jackson-module-parameter-names\2.13.4\jackson-module-parameter-names-2.13.4.jar;C:\Users\YIQI\.m2\repository\org\springframework\boot\spring-boot-starter-tomcat\2.7.7\spring-boot-starter-tomcat-2.7.7.jar;C:\Users\YIQI\.m2\repository\org\apache\tomcat\embed\tomcat-embed-core\9.0.70\tomcat-embed-core-9.0.70.jar;C:\Users\YIQI\.m2\repository\org\apache\tomcat\embed\tomcat-embed-el\9.0.70\tomcat-embed-el-9.0.70.jar;C:\Users\YIQI\.m2\repository\org\apache\tomcat\embed\tomcat-embed-websocket\9.0.70\tomcat-embed-websocket-9.0.70.jar;C:\Users\YIQI\.m2\repository\org\springframework\spring-web\5.3.24\spring-web-5.3.24.jar;C:\Users\YIQI\.m2\repository\org\springframework\spring-beans\5.3.24\spring-beans-5.3.24.jar;C:\Users\YIQI\.m2\repository\org\springframework\spring-webmvc\5.3.24\spring-webmvc-5.3.24.jar;C:\Users\YIQI\.m2\repository\org\springframework\spring-aop\5.3.24\spring-aop-5.3.24.jar;C:\Users\YIQI\.m2\repository\org\springframework\spring-context\5.3.24\spring-context-5.3.24.jar;C:\Users\YIQI\.m2\repository\org\springframework\spring-expression\5.3.24\spring-expression-5.3.24.jar;C:\Users\YIQI\.m2\repository\org\springframework\boot\spring-boot-starter-test\2.7.7\spring-boot-starter-test-2.7.7.jar;C:\Users\YIQI\.m2\repository\org\springframework\boot\spring-boot-test\2.7.7\spring-boot-test-2.7.7.jar;C:\Users\YIQI\.m2\repository\org\springframework\boot\spring-boot-test-autoconfigure\2.7.7\spring-boot-test-autoconfigure-2.7.7.jar;C:\Users\YIQI\.m2\repository\com\jayway\jsonpath\json-path\2.7.0\json-path-2.7.0.jar;C:\Users\YIQI\.m2\repository\net\minidev\json-smart\2.4.7\json-smart-2.4.7.jar;C:\Users\YIQI\.m2\repository\net\minidev\accessors-smart\2.4.7\accessors-smart-2.4.7.jar;C:\Users\YIQI\.m2\repository\org\ow2\asm\asm\9.1\asm-9.1.jar;C:\Users\YIQI\.m2\repository\org\slf4j\slf4j-api\1.7.33\slf4j-api-1.7.33.jar;C:\Users\YIQI\.m2\repository\jakarta\xml\bind\jakarta.xml.bind-api\2.3.3\jakarta.xml.bind-api-2.3.3.jar;C:\Users\YIQI\.m2\repository\jakarta\activation\jakarta.activation-api\1.2.2\jakarta.activation-api-1.2.2.jar;C:\Users\YIQI\.m2\repository\org\assertj\assertj-core\3.22.0\assertj-core-3.22.0.jar;C:\Users\YIQI\.m2\repository\org\hamcrest\hamcrest\2.2\hamcrest-2.2.jar;C:\Users\YIQI\.m2\repository\org\junit\jupiter\junit-jupiter\5.8.2\junit-jupiter-5.8.2.jar;C:\Users\YIQI\.m2\repository\org\junit\jupiter\junit-jupiter-api\5.8.2\junit-jupiter-api-5.8.2.jar;C:\Users\YIQI\.m2\repository\org\opentest4j\opentest4j\1.2.0\opentest4j-1.2.0.jar;C:\Users\YIQI\.m2\repository\org\junit\platform\junit-platform-commons\1.8.2\junit-platform-commons-1.8.2.jar;C:\Users\YIQI\.m2\repository\org\apiguardian\apiguardian-api\1.1.2\apiguardian-api-1.1.2.jar;C:\Users\YIQI\.m2\repository\org\junit\jupiter\junit-jupiter-params\5.8.2\junit-jupiter-params-5.8.2.jar;C:\Users\YIQI\.m2\repository\org\junit\jupiter\junit-jupiter-engine\5.8.2\junit-jupiter-engine-5.8.2.jar;C:\Users\YIQI\.m2\repository\org\junit\platform\junit-platform-engine\1.8.2\junit-platform-engine-1.8.2.jar;C:\Users\YIQI\.m2\repository\org\mockito\mockito-core\4.5.1\mockito-core-4.5.1.jar;C:\Users\YIQI\.m2\repository\net\bytebuddy\byte-buddy\1.12.9\byte-buddy-1.12.9.jar;C:\Users\YIQI\.m2\repository\net\bytebuddy\byte-buddy-agent\1.12.9\byte-buddy-agent-1.12.9.jar;C:\Users\YIQI\.m2\repository\org\objenesis\objenesis\3.2\objenesis-3.2.jar;C:\Users\YIQI\.m2\repository\org\mockito\mockito-junit-jupiter\4.5.1\mockito-junit-jupiter-4.5.1.jar;C:\Users\YIQI\.m2\repository\org\skyscreamer\jsonassert\1.5.1\jsonassert-1.5.1.jar;C:\Users\YIQI\.m2\repository\com\vaadin\external\google\android-json\0.0.20131108.vaadin1\android-json-0.0.20131108.vaadin1.jar;C:\Users\YIQI\.m2\repository\org\springframework\spring-core\5.3.24\spring-core-5.3.24.jar;C:\Users\YIQI\.m2\repository\org\springframework\spring-jcl\5.3.24\spring-jcl-5.3.24.jar;C:\Users\YIQI\.m2\repository\org\springframework\spring-test\5.3.24\spring-test-5.3.24.jar;C:\Users\YIQI\.m2\repository\org\xmlunit\xmlunit-core\2.9.0\xmlunit-core-2.9.0.jar;C:\Users\YIQI\.m2\repository\org\springframework\boot\spring-boot-configuration-processor\2.7.7\spring-boot-configuration-processor-2.7.7.jar;D:\dev\idea\IntelliJ IDEA 2020.3.4\lib\idea_rt.jar" com.daniel.web.DanielApplication
 2 Connected to the target VM, address: '127.0.0.1:52562', transport: 'socket'
 3 
 4   .   ____          _            __ _ _
 5  /\\ / ___'_ __ _ _(_)_ __  __ _ \ \ \ \
 6 ( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
 7  \\/  ___)| |_)| | | | | || (_| |  ) ) ) )
 8   '  |____| .__|_| |_|_| |_\__, | / / / /
 9  =========|_|==============|___/=/_/_/_/
10  :: Spring Boot ::                (v2.7.7)
11 
12 2023-06-08 10:58:17.247  INFO 9536 --- [           main] com.daniel.web.DanielApplication         : Starting DanielApplication using Java 11.0.19 on WORK-LAPTOP-02 with PID 9536 (E:\javacode\demo\target\classes started by YIQI in E:\javacode\demo)
13 2023-06-08 10:58:17.247  INFO 9536 --- [           main] com.daniel.web.DanielApplication         : No active profile set, falling back to 1 default profile: "default"
14 2023-06-08 10:58:18.554  INFO 9536 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat initialized with port(s): 8080 (http)
15 2023-06-08 10:58:18.570  INFO 9536 --- [           main] o.apache.catalina.core.StandardService   : Starting service [Tomcat]
16 2023-06-08 10:58:18.570  INFO 9536 --- [           main] org.apache.catalina.core.StandardEngine  : Starting Servlet engine: [Apache Tomcat/9.0.70]
17 2023-06-08 10:58:18.726  INFO 9536 --- [           main] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring embedded WebApplicationContext
18 2023-06-08 10:58:18.726  INFO 9536 --- [           main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 1382 ms
19 init DanielFilter
20 create WhiteListConfig
21 create WhiteListConfig
22 use set method modify whiteList
23 2023-06-08 10:58:19.289  INFO 9536 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat started on port(s): 8080 (http) with context path ''
24 2023-06-08 10:58:19.304  INFO 9536 --- [           main] com.daniel.web.DanielApplication         : Started DanielApplication in 3.027 seconds (JVM running for 5.242)
25 2023-06-08 10:58:28.568  INFO 9536 --- [nio-8080-exec-1] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring DispatcherServlet 'dispatcherServlet'
26 2023-06-08 10:58:28.569  INFO 9536 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : Initializing Servlet 'dispatcherServlet'
27 2023-06-08 10:58:28.575  INFO 9536 --- [nio-8080-exec-1] o.s.web.servlet.DispatcherServlet        : Completed initialization in 4 ms
28 test dofilter
29 2
View Code

在log中可以看到,启动时执行了filter的init方法及单例的构造方法,在调用接口时,获取到了单例中用以存放接口的list,接下来就可以在Filter中取到uri跟接口的List进行比较,来实现白名单。

标签:Users,repository,YIQI,List,jar,单例,m2,白名单,org
From: https://www.cnblogs.com/danielmiau/p/17465779.html

相关文章

  • List Filtering
    DescriptionInthiskatayouwillcreateafunctionthattakesalistofnon-negativeintegersandstringsandreturnsanewlistwiththestringsfilteredout.Examplefilter_list([1,2,'a','b'])==[1,2]filter_list([1,'a',&......
  • 【leetcode】21. Merge Two Sorted Lists
    将两个升序链表合并为一个新的升序链表并返回。新链表是通过拼接给定的两个链表的所有节点组成的。示例1:输入:l1=[1,2,4],l2=[1,3,4]输出:[1,1,2,3,4,4]示例2:输入:l1=[],l2=[]输出:[]示例3:输入:l1=[],l2=[0]输出:[0]提示:两个链表的节点数目范围是[0,......
  • lmkd白名单方案的实现,避免应用被杀
    1如何避免app被lmk杀掉公司的项目可能有一些核心app(javaapp或nativeapp),不想因为lowmemory被lmk杀掉。粗糙一些的做法是在lmkd中添加白名单,白名单的应用永远不会被lmkd杀死。//lmkd.cstaticintkill_one_process(structproc*procp,intmin_oom_score){...t......
  • list
      #include<cstring>template<classTp>structListNode{Tpdata;ListNode*next;ListNode*prev;};template<classTp>classList{public:List(){m_node=newListNode<Tp>;m_node->......
  • uniapp使用uview组件的indexList写选择城市
    <template><viewclass=""><viewclass="top"><viewclass="search-boxmt10flexalcenter"><viewclass="search-input"><u-search:showAction=&q......
  • fluent读取网格文件报错:eof inside list是什么意思,怎么解决?
    做好二维网格之后,导入fluent中网格文件,发现报错:eofinsidelisteofinsidelist这个一般是指格式出错,应该是网格中的一些问题,可以检查一遍网格,尤其是对于边界条件的定义方面,我检查了一遍发现是网格边界在命名的时候出现了非法字符:;,重新修改名称之后就没有问题了。......
  • 单例模式
    单例模式单例模式(SingletonPattern)是Java中最简单的设计模式之一。这种类型的设计模式属于创建型模式,它提供了一种创建对象的最佳方式。这种模式涉及到一个单一的类,该类负责创建自己的对象,同时确保只有单个对象被创建。这个类提供了一种访问其唯一的对象的方式,可以直接访问,不......
  • qt 中的QlistWidget
       ......
  • dataTemplate 的使用之listView
    <Windowx:Class="WpfApplication1.Window39"xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation"xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml"xmlns:c="clr-namespace:System......
  • vue3+vant4+vuex4实现todolist备忘录案例
    案例图片如下:  1<van-cell-group>2<van-cell>3<van-row>4<van-colspan="20">5<van-field6:value="content"7@change="handl......

赞助商

阅读排行

网站主页关于我们联系我们网站地图

本网站内容转载自其他媒体,侵权联系[admin##ips99.com]。

Copyright © 2020-2023 IPS99 版权所有 IPS99