Java Spring boot - OnceRequestPerFilter allow only controller requestmappings

Question

I'm currently implementing audit trail in my project, I tried using HandlerInterceptor and it seems it won't work in my project, so i looked for another way and I discovered that it's possible with OncePerRequestFilter.

Here's the code of my OncePerRequestFilter class:

@Component
@Order
public class LogFilter extends OncePerRequestFilter {
    @Override
    protected void doFilterInternal(HttpServletRequest request,
        HttpServletResponse response, FilterChain filterChain)
        throws ServletException, IOException {
        String method = request.getMethod();
        String username = SecurityContextHolder.getContext().getAuthentication().getName();
        String url = request.getRequestURL().toString();
        // Log the info you need
        // ...
         filterChain.doFilter(request, response);
    }
}

The only problem so far that I see with my current configuration of OncePerRequestFilter is it also includes the resources such as css / javascripts.

example these links will be also go to the filter:

http://localhost:8000/project/css/style.css

http://localhost:8000/project/3277a64fcca0dbde907d8684aed8f170.png

http://localhost:8000/project/js/script.js.map

What i want is to filter only the controller request mappings, and ignore the resources example:

http://localhost:8000/project/accounts/client-users

http://localhost:8000/project/accounts

you can override the method shouldNotFilter(HttpServletRequest request) and return true for request uris , you do not want to filter for. — Indraneel Bende, Jun 07 '18 at 03:17
https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/web/filter/OncePerRequestFilter.html — Indraneel Bende, Jun 07 '18 at 03:18

score 0 · Answer 1 · answered Jun 07 '18 at 04:02

This code is a workaround to ignore resource file. not sure if it's the best practice tho.

@Component
@Order
public class LogFilter extends OncePerRequestFilter {

    @Override
    protected void doFilterInternal(HttpServletRequest request,
        HttpServletResponse response, FilterChain filterChain)
        throws ServletException, IOException {
        String method = request.getMethod();
        String username = SecurityContextHolder.getContext().getAuthentication().getName();
        String url = request.getRequestURL().toString();

        filterChain.doFilter(request, response);
    }

    protected boolean shouldNotFilter(HttpServletRequest request)
        throws ServletException {
        String url = request.getRequestURL().toString();
        return isResourceUrl(url);
    }

    private boolean isResourceUrl(String url) {
        boolean isResourceUrl = false;
        List<String> resourceRequests = Arrays.asList(
            "/css/", "/js/", "/scss/", "/fonts/", "/emails/",
            ".css", ".js", ".scss", ".eot", ".svg", ".ttf", ".woff", ".otf", ".ico", ".png");
        for (String resourceRequest : resourceRequests) {
            if (url.contains(resourceRequest)) {
                isResourceUrl = true;
            }
        }
        return isResourceUrl;
    }
}

I will personally still write an handler interceptor , whats d issue with that? — Indraneel Bende, Jun 07 '18 at 04:03
this https://stackoverflow.com/questions/50717743/spring-boot-handlerinterceptor-not-rendering-resources-files yes, me too.. hehe, no choice tho — KennethC, Jun 07 '18 at 04:09

score 0 · Answer 2 · answered Feb 09 '23 at 12:28

0

Use something like this:

@Override
public void configure(final WebSecurity web) throws Exception {
     web.ignoring()
    .antMatchers(
        "/example/docs",
        "/swagger-resources/**",
        "/swagger-ui.html");
}

answered Feb 09 '23 at 12:28

Vikcen

153
2
9

Java Spring boot - OnceRequestPerFilter allow only controller requestmappings

2 Answers2