I have a function with @GetMapping(value = "/getToken")
that writes JSON content.
@GetMapping(value = "/getToken")
public String getToken(HttpServletRequest request, HttpServletResponse response, Model model) {
// jsonObject
PrintWriter out = response.getWriter();
out.print(jsonObject);
}
Now, a user can make a GET
request to above mapping using a URL like this:
localhost:8080/getToken?username="username"&password="password"
I have also created a class called CORSFilter
that implements javax.servlet.Filter
and i want this filter to intercept only those request that have /getToken
in the request path.
@WebFilter(urlPatterns = "/getToken")
public class CORSFilter implements Filter {
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
// validate user and password
chain.doFilter(requestToUse, responseToUse);
}
}
Now, when I hit localhost:8080
or localhost:8080/thankyou
in the browser then the above filter is getting called.
How can I stop this?
I want to call above filter only if the URL path is
localhost:8080/getToken?username="user"&password="pass"
Unfortunately, Spring Boot doesn't honor the urlPatterns for filters declared with WebFilter. If you need to apply a pattern, you'll have to declare the filter as a bean and declare a filter registration for that bean, in a configuration class. For example:
@Bean
public FilterRegistrationBean<CORSFilter> corsFilterRegistration() {
FilterRegistrationBean<CORSFilter> filterRegistrationBean =
new FilterRegistrationBean<>(corsFilter());
filterRegistrationBean.setUrlPatterns(Collections.singleton("/getToken"));
return filterRegistrationBean;
}
@Bean
public CORSFilter corsFilter() {
return new CORSFilter();
}
Note however that Spring Boot has native support for CORS. You don't need any filter for that.