Issue
I have a function with @GetMapping(value = "/getToken") that writes json content.
@GetMapping(value = "/getToken")
public String getToken(HttpServletRequest request, HttpServletResponse response, Model model) {
// jsonObject
PrintWriter out = response.getWriter();
out.print(jsonObject);
}
Now, A user can make a GET Request to above mapping using a url like this:
localhost:8080/getToken?username="username"&password="password"
I have also created a class called CORSFilter that implements javax.servlet.Filter and i want this filter to intercept only those request that have /getToken in the request path.
@WebFilter(urlPatterns = "/getToken")
public class CORSFilter implements Filter {
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
//validate user and password
chain.doFilter(requestToUse, responseToUse);
}
}
Now, when I hit localhost:8080 or localhost:8080/thankyou in the browser then the above filter is getting called.
How can I stop this? I want to call above filter only if the url path is localhost:8080/getToken?username="user"&password="pass"
Solution
Unfortunately, Spring Boot doesn't honor the urlPatterns for filters declared with WebFilter. If you need to apply a pattern, you'll have to declare the filter as a bean and declare a filter registration for that bean, in a configuration class. For example:
@Bean
public FilterRegistrationBean<CORSFilter> corsFilterRegistration() {
FilterRegistrationBean<CORSFilter> filterRegistrationBean =
new FilterRegistrationBean<>(corsFilter());
filterRegistrationBean.setUrlPatterns(Collections.singleton("/getToken"));
return filterRegistrationBean;
}
@Bean
public CORSFilter corsFilter() {
return new CORSFilter();
}
Note however that Spring Boot has native support for CORS. You don't need any filter for that.
Answered By - JB Nizet
Answer Checked By - Cary Denson (JavaFixing Admin)
