Shulou(Shulou.com)06/01 Report--

This article mainly introduces how Springboot uses filter to encrypt response content. It is very detailed and has certain reference value. Friends who are interested must finish reading it.

Use filter to encrypt response content write encryption class (AES) / * * aes encryption and decryption * / public class AesEncryptUtils {/ / parameters represent algorithm name / encryption mode / data filling mode private static String algorithmstr = "AES/ECB/PKCS5Padding"; public static String getAlgorithmstr () {return algorithmstr Param content encrypted string * @ param encryptKey key value * @ return * @ throws Exception * / public static String encrypt (String content, String encryptKey) throws Exception {KeyGenerator kgen = KeyGenerator.getInstance ("AES"); kgen.init (128); Cipher cipher = Cipher.getInstance (algorithmstr) Cipher.init (Cipher.ENCRYPT_MODE, new SecretKeySpec (encryptKey.getBytes (), "AES")); byte [] b = cipher.doFinal (content.getBytes ("utf-8")); return Base64.encodeBase64String (b) } / * * decryption * @ param encryptStr decrypted string * @ param decryptKey decrypted key value * @ return * @ throws Exception * / public static String decrypt (String encryptStr, String decryptKey) throws Exception {KeyGenerator kgen = KeyGenerator.getInstance ("AES"); kgen.init; Cipher cipher = Cipher.getInstance (algorithmstr) Cipher.init (Cipher.DECRYPT_MODE, new SecretKeySpec (decryptKey.getBytes (), "AES"); byte [] encryptBytes = Base64.decodeBase64 (encryptStr); byte [] decryptBytes = cipher.doFinal (encryptBytes); return new String (decryptBytes);} public static void main (String [] args) throws Exception {String str = "pp2bQLjabobRWp2T5Ro5/GlqWCigmkwHYnrOK11VZkTkIA2hSwnEi1sijfTV6Ozd/"; System.out.println (decrypt (str, "f8db034bda44rtkb")) }} write Filter class / * filter to intercept requests and implement encryption and decryption function * * @ Component hand this Filter to Spring container management * @ WebFilter to declare Filter via WebFilter, so that the container will handle the Filter * * / @ Componentpublic class EncryptFilter implements Filter {Logger log = LoggerFactory.getLogger (this.getClass ()); @ Value ("${admin.encrypt.excludeUrl}") private String ignoreStr when deploying. Private String [] ignoreArr; @ Override public void init (FilterConfig filterConfig) throws ServletException {/ / TODO Auto-generated method stub} / * * return-44 * * @ param response * @ throws IOException * / private void getFailResponse (HttpServletResponse response) throws IOException {response.setCharacterEncoding ("UTF-8"); response.setContentType ("application/json; charset=utf-8") PrintWriter out = null; out = response.getWriter () / / out.write ("{\ n" + / "\" status\ ":" + Constant.ENCRYPT_FAIL + ",\ n" + / "\" message\ ": null,\ n" + / "\" data\ ": []\ n" + / / "}") / / encrypted error message out.write ("+ dashed JO8tuwkrNbxnTLdqStifmQQceLlYETnIGGIiqIp3VbzBV1y6R8B7aY53VM2xHa7cY3Osbnqwages ="); out.flush (); out.close ();} @ Override public void doFilter (ServletRequest request, ServletResponse response, FilterChain chain) {if (ignoreArr==null) {ignoreArr= ignoreStr.split (",");} HttpServletRequest HttpRequest= (HttpServletRequest) request; HttpServletResponse HttpResponse= (HttpServletResponse) response Boolean flag=isIgnore (HttpRequest,ignoreArr); if (flag) {try {chain.doFilter (HttpRequest, HttpResponse);} catch (IOException e) {e.printStackTrace ();} catch (ServletException e) {e.printStackTrace () }} else {try {/ / response processing wraps response object res and caches response data ResponseWrapper responseWrapper = new ResponseWrapper ((HttpServletResponse) response); / / execute business logic to the next filter or servlet to process chain.doFilter (request, responseWrapper) Byte [] resData = responseWrapper.getResponseData (); / / format the response content to prevent errors / / responseWrapper.setContentType ("text/plain;charset=UTF-8") in parsing the response content; / / encrypt the response message and respond to String encryptBASE64 = AesEncryptUtils.encrypt (new String (resData), Constant.ENCRYPT_STR) PrintWriter out = response.getWriter (); out.print (encryptBASE64); out.flush (); out.close ();} catch (Exception e) {try {getFailResponse ((HttpServletResponse) response) } catch (IOException ioException) {ioException.printStackTrace ();} e.printStackTrace () }} @ Override public void destroy () {/ / TODO Auto-generated method stub} / * * which paths are not processed * @ param request * @ param strArr * @ return * / public boolean isIgnore (HttpServletRequest request,String [] strArr) {String path=request.getRequestURI () For (String ignore:strArr) {if (path.contains (ignore)) {return true;}} return false;}}

The following figure shows the configuration in the corresponding application.properties

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.