2

.

1

.

4

B

l

o

c

k

R

e

q

u

e

s

t

s

I

n

f

o

[

G

]

This tutorial shows how to use Filter to block HTTP Requests if they have wrong format (Request will not reach Controller)

If username Parameter doesn't exist, Filter returns error message to the User and doesn't forward Request to Controller.

This is achieved by simply returning from Filter, instead of calling chain.doFilter(request, response) to forward Request.

Filter generates Response by calling response.getWriter().println("Parameter username missing").

Application Schema [Results]

Spring Boot Starters

GROUP

DEPENDENCY

DESCRIPTION

Web

Spring Web

Enables: Controller Annotations, Tomcat Server

P

r

o

c

e

d

u

r

e

Create Project: springboot_filter_gethttprequestresponseparameters (add Spring Boot Starters from the table)

Create Package: controllers (inside main package)

– Create Class: MyController.java (inside controllers package)

Create Package: filters (inside main package)

– Create Class: MyFilter.java (inside controllers package)

MyController.java

package com.ivoronline.springboot_filter_blockrequests.controllers;

import org.springframework.web.bind.annotation.RequestMapping;

import org.springframework.stereotype.Controller;

import org.springframework.web.bind.annotation.RequestParam;

import org.springframework.web.bind.annotation.ResponseBody;

@Controller

public class MyController {

@ResponseBody

@RequestMapping("/Hello")

public String hello(@RequestParam String username) {

System.out.println("Hello from Controller");

return "Hello " + username;

}

MyFilter

MyController

Request

Response

http://localhost:8080/Hello

Request

Response

hello()

MyFilter.java

package com.ivoronline.springboot_filter_blockrequests.filters;

import java.io.IOException;

import javax.servlet.FilterChain;

import javax.servlet.ServletException;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import org.springframework.stereotype.Component;

import org.springframework.web.filter.OncePerRequestFilter;

@Component

public class MyFilter extends OncePerRequestFilter {

@Override

public void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)

throws IOException, ServletException {

//LOG

System.out.print("CHECKING REQUEST PARAMETERS: " + request.getQueryString());

//GET REQUESTS PARAMETERS

String parameterUsername = request.getParameter("username");

//CHECK REQUESTS PARAMETERS

if(parameterUsername == null) {

System.out.println(" (Parameter username missing)");

response.getWriter().println("Parameter username missing");

return;

}

System.out.println(" (Parameter username found)");

//FORWARD TO CONTROLLER

chain.doFilter(request, response);

}

R

e

s

u

l

t

s

http://localhost:8080/Hello?username1=myuser

http://localhost:8080/Hello?username=myuser

Console

CHECKING REQUEST PARAMETERS: username1=myuser (Parameter username missing)

CHECKING REQUEST PARAMETERS: username=myuser (Parameter username found)

Hello from Controller

Application Structure

pom.xml

<groupId>org.springframework.boot</groupId>

<artifactId>spring-boot-starter-web</artifactId>

</dependency>

</dependencies>