先说一下需求,最近项目需要把前台请求的地址进行加密,但是不能影响后台程序流转
这个csdn的代码编辑器真心不好用---------------------------------吐槽一下
url地址加密类:
package test;
import java.security.Key;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;
public class ThreeDES {
public static String crypt(String content,String password,int i){
try {
KeyGenerator generator = KeyGenerator.getInstance("AES");
generator.init(new SecureRandom(password.getBytes()));
Key key = generator.generateKey();
generator = null;
if(i == 1){
return getEncString(content,key);
}
else if(i == 2){
return getDesString(content,key);
}
} catch (Exception e) {
return null;
}
return null;
}
/**
* 加密String明文输入,String密文输出
*
* @param strMing
* @return
*/
private static String getEncString(String strMing,Key key) {
byte[] byteMi = null;
byte[] byteMing = null;
String strMi = "";
BASE64Encoder base64en = new BASE64Encoder();
try {
byteMing = strMing.getBytes("UTF8");
byteMi = getEncCode(byteMing,key);
strMi = base64en.encode(byteMi);
} catch (Exception e) {
e.printStackTrace();
} finally {
base64en = null;
byteMing = null;
byteMi = null;
}
return strMi;
}
/**
* 解密 以String密文输入,String明文输出
*
* @param strMi
* @return
*/
private static String getDesString(String strMi, Key key) {
BASE64Decoder base64De = new BASE64Decoder();
byte[] byteMing = null;
byte[] byteMi = null;
String strMing = "";
try {
byteMi = base64De.decodeBuffer(strMi);
byteMing = getDesCode(byteMi,key);
strMing = new String(byteMing, "UTF8");
} catch (Exception e) {
e.printStackTrace();
} finally {
base64De = null;
byteMing = null;
byteMi = null;
}
return strMing;
}
/**
* 加密以byte[]明文输入,byte[]密文输出
*
* @param byteS
* @return
*/
private static byte[] getEncCode(byte[] byteS,Key key) {
byte[] byteFina = null;
Cipher cipher;
try {
cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, key);
byteFina = cipher.doFinal(byteS);
} catch (Exception e) {
e.printStackTrace();
} finally {
cipher = null;
}
return byteFina;
}
/**
* 解密以byte[]密文输入,以byte[]明文输出
*
* @param byteD
* @return
*/
private static byte[] getDesCode(byte[] byteD,Key key) {
Cipher cipher;
byte[] byteFina = null;
try {
cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, key);
byteFina = cipher.doFinal(byteD);
} catch (Exception e) {
e.printStackTrace();
} finally {
cipher = null;
}
return byteFina;
}
public static void main(String[] args) {
System.out.println(ThreeDES.crypt("/control/users/index.do", "cccc", 1));
System.out.println(ThreeDES.crypt("ZpbiaZ1Eg1Md/pkr7Tb8XuwvVNrsTletqwfsJmfT92g=", "cccc", 2));
}
}
filter类:
package cn.p2p.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
public class SetCodeFilter implements Filter {
public void destroy() {
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
req.setCharacterEncoding("UTF-8");
//url解密转换操作
System.out.println(req.getRequestURI().substring(1)+"========");
req.getRequestDispatcher(req.getRequestURI().substring(1)).forward(request, response);
// req.getRequestDispatcher("../../yuebao/201402.html").forward(request, response);
// req.getRequestDispatcher(ThreeDES.crypt("ZpbiaZ1Eg1Md/pkr7Tb8XuwvVNrsTletqwfsJmfT92g=", "cccc", 2)).forward(request, response);
filterChain.doFilter(request, response);
}
public void init(FilterConfig arg0) throws ServletException {
}
}
记得如果forward的话struts的filter要加上forward
<!-- 配置struts2 -->
<filter>
<filter-name>struts2</filter-name>
<filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>struts2</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
