本质上来讲,request请求当中的参数是无法更改的,也不能添加或者删除。
但在后台程序中,一般对request的参数的操作,都是通过request的getParameter、getParameterNames、getParameterValues等方法执行的;所以我们要是能重写这些方法,就从侧面改变了request的请求参数。恰好,servlet就提供了一个HttpServletRequestWrapper类来供大家去继承(该类是HttpServletRequest的封装类),重写request相关方法。
这样可以修改比如shiro框架中的JSESSIONID,使单页H5中调用接口时只需要在头部添加在别处登录之后拿到的jsessionid的值,就能保证是登录状态。
headers: {
"token":"JSESSIONID=xxxx"
}
具体服务端实现如下:
package webapp.conf; import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.web.filter.OncePerRequestFilter; import javax.servlet.*; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequestWrapper; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.*; /** * 拦截器配置 */ @Configuration public class FilterConfig { @Bean public FilterRegistrationBean modifyParametersFilter() { FilterRegistrationBean registration = new FilterRegistrationBean(); registration.setFilter(new ModifyParametersFilter()); registration.addUrlPatterns("/*"); // 拦截路径 registration.setName("modifyParametersFilter"); // 拦截器名称 registration.setOrder(1); // 顺序 return registration; } /** * 自定义拦截器 */ class ModifyParametersFilter extends OncePerRequestFilter { @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { ModifyHttpServletRequestWrapper requestWrapper = new ModifyHttpServletRequestWrapper(request); filterChain.doFilter(requestWrapper, response); } } /** * cookie配置 */ class ModifyHttpServletRequestWrapper extends HttpServletRequestWrapper { ModifyHttpServletRequestWrapper(HttpServletRequest request) { super(request); } // 设置/更新自定义cookie public Cookie[] getCookies() { HttpServletRequest request = (HttpServletRequest) getRequest(); // 获取前端头部传输的token String token = request.getHeader("token"); Cookie[] cookies = request.getCookies(); if (token != null && !"".equals(token)) { Cookie jCookie = new Cookie("JSESSIONID", token); if (cookies == null || cookies.length == 0) { cookies = new Cookie[]{jCookie}; return cookies; } else { List<Cookie> cookieList = new ArrayList<>(Arrays.asList(cookies)); cookieList.add(jCookie); Cookie[] modifyCookies = new Cookie[cookies.length + 1]; for (int i = 0; i < cookieList.size(); i++) { modifyCookies[i] = cookieList.get(i); } return modifyCookies; } } return cookies; } } }
上面的JSESSIONID为cookie的key,可以自行设置。