32

I have created a spring boot filter - implements GenericFilterBean with @Component annotation.

@Component 
public class MyAuthenticationFilter  extends GenericFilterBean {
...
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
...
}
}

The filter is automatically identified by the Spring Boot Framework and works fine for all of the REST API. I want this filter to apply only on a certain URL path, such as /api/secure/* but I can't find the right way. I tried @WebFilter but it didn't work. I'm not using XML configuration or servlet initializer - just the annotations.

What would be the correct way to get it working?

Improve this question

3 Answers 3

Reset to default
54

There is another option if you are able to extend OncePerRequestFilter. For example:

public class SomeFilter extends OncePerRequestFilter {

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        // your filter logic ....
    }

    @Override
    protected boolean shouldNotFilter(HttpServletRequest request) {
        String path = request.getServletPath();
        return !path.startsWith("/api/secure/");
    }
}
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

This was just what I was looking for. Ty
better than filtering with if else inside doFilterInternal()
47

You can add a filter like this:

@Bean
public FilterRegistrationBean someFilterRegistration() {

    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(someFilter());
    registration.addUrlPatterns("/url/*");
    registration.addInitParameter("paramName", "paramValue");
    registration.setName("someFilter");
    registration.setOrder(1);
    return registration;
} 

@Bean(name = "someFilter")
public Filter someFilter() {
    return new SomeFilter();
}
Improve this answer

2 Comments

It is still strange to me why it can't be resolved by an annotation like the @WebFilter, but this works perfectly for me. Thanks!
Is it possible to do it via annotations?
8

@user1283002 I think it's possible to do using @WebFilter. I just stumbled upon this article. As per the article (haven't tried myself):

@WebFilter(urlPatterns = "/api/count")
public class ExampleFilter implements Filter{
    // ..........
}

// and let Spring know to scan to find such @WebFilter annotation in your config
// class by using the @ServletComponentScan annotation like

@ServletComponentScan
@SpringBootApplication
public class MyApplication extends SpringBootServletInitializer {

    public static void main(String[] args) throws Exception {
        SpringApplication.run(MyApplication.class, args);
    }

   // ..........

}

EDIT: After further reading the docs for the @ServletComponentScan I came across an interesting disclaimer

Scanning is only performed when using an embedded webserver

Which means that when deploying our application in a web container (eg: Apache Tomcat) this class won't get scanned by the Spring framework and therefore any spring config on it (if any) won't be applied.

If there is no Spring config to be made you are good to go without any further changes, if not just add the @Component scan to the filter and make sure it's package is in the path of your @ComponentScan annotation.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.