java.lang.Objectorg.acegisecurity.util.FilterChainProxy

All Implemented Interfaces:

Filter, InitializingBean, ApplicationContextAware

public class FilterChainProxy
extends Object
implements Filter, InitializingBean, ApplicationContextAware

Delegates Filter requests to a list of Spring-managed beans.

通過一系列的由spring托管的beans ，代理過濾請求。
FilterChainProxy 通過在web.xml中定義的FilterToBeanProxy 被加載，F(xiàn)ilterChainProxy 將會通過init(FilterConfig), destroy() and doFilter(ServletRequest, ServletResponse, FilterChain)調用，調用每一個在其中定義的過濾器。

The FilterChainProxy is loaded via a standard FilterToBeanProxy declaration in web.xml. FilterChainProxy will then pass init(FilterConfig), destroy() and doFilter(ServletRequest, ServletResponse, FilterChain) invocations through to each Filter defined against FilterChainProxy.

?
??? FilterChainProxy? 是通過一個標準的FilterInvocationDefinitionSource 來實現(xiàn)配置的，每個可能的FilterChainProxy應該服務的URI模式都必須進入
??????????? 第一個搭配的URI模式將會被用來定義處理請求的所有的過濾器，就是說只適配第一組過濾器，后面的其他過濾器將無效。
FilterChainProxy is configured using a standard FilterInvocationDefinitionSource. Each possible URI pattern that FilterChainProxy should service must be entered. The first matching URI pattern located by FilterInvocationDefinitionSource for a given request will be used to define all of the Filters that apply to that request. NB: This means you must put most specific URI patterns at the top of the list, and ensure all Filters that should apply for a given URI pattern are entered against the respective entry. The FilterChainProxy will not iterate the remainder of the URI patterns to locate additional Filters. The FilterInvocationDefinitionSource described the applicable URI pattern to fire the filter chain, followed by a list of configuration attributes. Each configuration attribute's ConfigAttribute.getAttribute() corresponds to a bean name that is available from the application context.

FilterChainProxy respects normal handling of Filters that elect not to call Filter.doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain), in that the remainder of the origial or FilterChainProxy-declared filter chain will not be called.

It is particularly noted the Filter lifecycle mismatch between the servlet container and IoC container. As per FilterToBeanProxy JavaDocs, we recommend you allow the IoC container to manage lifecycle instead of the servlet container. By default the FilterToBeanProxy will never call this class' init(FilterConfig) and destroy() methods, meaning each of the filters defined against FilterInvocationDefinitionSource will not be called. If you do need your filters to be initialized and destroyed, please set the lifecycle initialization parameter against the FilterToBeanProxy to specify servlet container lifecycle management.

If a filter name of TOKEN_NONE is used, this allows specification of a filter pattern which should never cause any filters to fire.