Interceptor内存马
Interceptor是SpringMVC中的拦截器,类似于Servlet中的Filter,主要针对Controller层进行拦截请求。
Interceptor的注册过程
在DispatcherServlet#doDispatch方法中的会调用getHandler方法(可接Controller查找部分),在这个方法里面会调用getHandlerExecutionChain方法,之后会遍历AbstractHandlerMapping.adaptedInterceptors,添加到chain中:
拦截器的调用主要在DispatcherServlet#doDispatch方法中,见applyPreHandle方法:
在这个方法中遍历HandlerExecutionChain.interceptorList中的拦截器对请求进行处理:
动态添加Interceptor
只要把自定义的Interceptor加到AbstractHandlerMapping.adaptedInterceptors中就完成了Interceptor的动态添加。
通过Context可以获取到RequestMappingHandlerMapping的Bean,而它又继承AbstractHandlerMapping类:
所以通过反射可以很方便地获取到adaptedInterceptors这个成员变量,然后直接加入即可:
@RequestMapping("/add")
public String addInterceptor() throws Exception {
ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
assert attributes != null;
ServletContext servletContext = attributes.getRequest().getServletContext();
WebApplicationContext context = WebApplicationContextUtils.getWebApplicationContext(servletContext);
// 从IoC容器中获取bean
assert context != null;
RequestMappingHandlerMapping handlerMapping = context.getBean(RequestMappingHandlerMapping.class);
Class<?> clazz = Class.forName("org.springframework.web.servlet.handler.AbstractHandlerMapping");
Field field = clazz.getDeclaredField("adaptedInterceptors");
field.setAccessible(true);
List interceptors = (List) field.get(handlerMapping);
interceptors.add(new MyInterceptor());
return "Add success";
}
}
public class MyInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
PrintWriter writer = response.getWriter();
writer.write("This is MyInterceptorn");
writer.flush();
writer.close();
return true;
}
}