1. 自定义一个filter,并将这个filter定义在spring的filter之前,或者所有的filter之前
  
 
AuthenticationFilter 
 

2. AuthenticationFilter的实现

public class AuthenticationFilterimplements Filter { 

/** 
* Default constructor. 
*/ 
public CharChangeFilter() { 
// TODO Auto-generated constructor stub 


/** 
* @see Filter#destroy() 
*/ 
public void destroy() { 
// TODO Auto-generated method stub 


/** 
* @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain) 
*/ 
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { 
// perform request filtering 
HttpServletRequest httpServletRequest = (HttpServletRequest) request; 
AuthenticationRequestWrapperrequestWrapper = new AuthenticationRequestWrapper(httpServletRequest); 

// continue the filter chain 
chain.doFilter(requestWrapper, response); 



/** 
* @see Filter#init(FilterConfig) 
*/ 
public void init(FilterConfig fConfig) throws ServletException { 


}

3. AuthenticationRequestWrapper的实现


public class AuthenticationRequestWrapper extends HttpServletRequestWrapper { 

private final String payload; 

public AuthenticationRequestWrapper(HttpServletRequest request) 
throws AuthenticationException { 
super(request); 

// read the original payload into the payload variable 
StringBuilder stringBuilder = new StringBuilder(); 
BufferedReader bufferedReader = null; 
try { 
// read the payload into the StringBuilder 
InputStream inputStream = request.getInputStream(); 
if (inputStream != null) { 
bufferedReader = new BufferedReader(new InputStreamReader( 
inputStream)); 
char[] charBuffer = new char[128]; 
int bytesRead = -1; 
while ((bytesRead = bufferedReader.read(charBuffer)) > 0) { 
stringBuilder.append(charBuffer, 0, bytesRead); 

} else { 
stringBuilder.append(""); 

} catch (IOException ex) { 
throw new AuthenticationException( 
"Error reading the request payload", ex); 
} finally { 
if (bufferedReader != null) { 
try { 
bufferedReader.close(); 
} catch (IOException iox) { 
// ignore 



payload = stringBuilder.toString(); 
// 这个地方写上你的加解密的逻辑即可 



@Override 
public ServletInputStream getInputStream() throws IOException { 
final ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream( 
payload.getBytes()); 
ServletInputStream inputStream = new ServletInputStream() { 
public int read() throws IOException { 
return byteArrayInputStream.read(); 

}; 
return inputStream; 



09-18 10:53