|
|
@@ -49,11 +49,6 @@ public class WebConfig implements WebMvcConfigurer {
|
|
|
return new ActionInterceptor();
|
|
|
}
|
|
|
|
|
|
- @Override
|
|
|
- public void configurePathMatch(PathMatchConfigurer configurer) {
|
|
|
- // 启用.do后缀
|
|
|
- configurer.setUseRegisteredSuffixPatternMatch(true);
|
|
|
- }
|
|
|
|
|
|
/**
|
|
|
* 增加对rest api鉴权的spring mvc拦截器
|
|
|
@@ -82,48 +77,7 @@ public class WebConfig implements WebMvcConfigurer {
|
|
|
);
|
|
|
}
|
|
|
}
|
|
|
- /**
|
|
|
- * druidServlet注册
|
|
|
- */
|
|
|
- @Bean
|
|
|
- public ServletRegistrationBean druidServletRegistration() {
|
|
|
- ServletRegistrationBean registration = new ServletRegistrationBean(new StatViewServlet());
|
|
|
- registration.addUrlMappings("/druid/*");
|
|
|
- return registration;
|
|
|
- }
|
|
|
|
|
|
- /**
|
|
|
- * druid监控 配置URI拦截策略
|
|
|
- */
|
|
|
- @Bean
|
|
|
- public FilterRegistrationBean druidStatFilter() {
|
|
|
- FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean(new WebStatFilter());
|
|
|
- // 添加过滤规则.
|
|
|
- filterRegistrationBean.addUrlPatterns("/*");
|
|
|
- // 添加不需要忽略的格式信息.
|
|
|
- filterRegistrationBean.addInitParameter("exclusions",
|
|
|
- "/static/*,*.js,*.gif,*.jpg,*.png,*.css,*.ico,/druid,/druid/*");
|
|
|
- // 用于session监控页面的用户名显示 需要登录后主动将username注入到session里
|
|
|
- filterRegistrationBean.addInitParameter("principalSessionName", "username");
|
|
|
- return filterRegistrationBean;
|
|
|
- }
|
|
|
-
|
|
|
- /**
|
|
|
- * druid数据库连接池监控
|
|
|
- */
|
|
|
- @Bean
|
|
|
- public DruidStatInterceptor druidStatInterceptor() {
|
|
|
- return new DruidStatInterceptor();
|
|
|
- }
|
|
|
-
|
|
|
- @Bean
|
|
|
- public JdkRegexpMethodPointcut druidStatPointcut() {
|
|
|
- JdkRegexpMethodPointcut druidStatPointcut = new JdkRegexpMethodPointcut();
|
|
|
- String patterns = "net.mingsoft.*.biz.*";
|
|
|
- // 可以set多个
|
|
|
- druidStatPointcut.setPatterns(patterns);
|
|
|
- return druidStatPointcut;
|
|
|
- }
|
|
|
|
|
|
/**
|
|
|
* druid数据库连接池监控
|
|
|
@@ -135,28 +89,18 @@ public class WebConfig implements WebMvcConfigurer {
|
|
|
beanTypeAutoProxyCreator.setInterceptorNames("druidStatInterceptor");
|
|
|
return beanTypeAutoProxyCreator;
|
|
|
}
|
|
|
-
|
|
|
- /**
|
|
|
- * druid 为druidStatPointcut添加拦截
|
|
|
- *
|
|
|
- * @return
|
|
|
- */
|
|
|
- @Bean
|
|
|
- public Advisor druidStatAdvisor() {
|
|
|
- return new DefaultPointcutAdvisor(druidStatPointcut(), druidStatInterceptor());
|
|
|
- }
|
|
|
-
|
|
|
- @Bean
|
|
|
- public FilterRegistrationBean xssFilterRegistration() {
|
|
|
- XSSEscapeFilter xssFilter = new XSSEscapeFilter();
|
|
|
- FilterRegistrationBean registration = new FilterRegistrationBean(xssFilter);
|
|
|
- xssFilter.excludes.add(".*file/upload.do");
|
|
|
- xssFilter.excludes.add(".*/jsp/editor.do");
|
|
|
- xssFilter.excludes.add(".*/?(jpg|js|css|gif|png|ico)$");
|
|
|
- xssFilter.excludes.add("/");
|
|
|
- registration.addUrlPatterns("/*");
|
|
|
- return registration;
|
|
|
- }
|
|
|
+// XSS过滤器
|
|
|
+// @Bean
|
|
|
+// public FilterRegistrationBean xssFilterRegistration() {
|
|
|
+// XSSEscapeFilter xssFilter = new XSSEscapeFilter();
|
|
|
+// FilterRegistrationBean registration = new FilterRegistrationBean(xssFilter);
|
|
|
+// xssFilter.excludes.add(".*file/upload.do");
|
|
|
+// xssFilter.excludes.add(".*/jsp/editor.do");
|
|
|
+// xssFilter.excludes.add(".*/?(jpg|js|css|gif|png|ico)$");
|
|
|
+// xssFilter.excludes.add("/");
|
|
|
+// registration.addUrlPatterns("/*");
|
|
|
+// return registration;
|
|
|
+// }
|
|
|
|
|
|
/**
|
|
|
* RequestContextListener注册
|
sgjj