转自:https://blog.csdn.net/u012329294/article/details/104602576/
如上图,SpringSecurity调用到网页的过程:
1)tomcat中线程启动run
2)在Catalina(即servlet容器)中执行doFilter
3)在Web中调用filterchain,有如下filterChain
- metricsFilter
- characterEncodingFilter
- hiddenHttpMethodFilter
- httpPutFormContentFilter
- requestContextFilter
- springSecurityFilterChain
- webRequestLoggingFilter
- applicationContextIdFilter
- Tomcat WebSocket (JSR356) Filter
- HttpServlet
4) 在springSecurityFilterChain中调用Filter
- WebAsyncManagerIntegrationFilter
- SecurityContextPersistenceFilter
- HeaderWriterFilter
- CsrfFilter
- LogoutFilter
- UsernamePasswordAuthenticationFilter
- DefaultLoginPageGeneratingFilter
- RequestCacheAwareFilter
- SecurityContextHolderAwareRequestFilter
- AnonymousAuthenticationFilter
- SessionManagementFilter
- ExceptionTranslationFilter
- FilterSecurityInterceptor
5) 以上filter完成后,最后进入HttpServlet,
进入DispatchServlet,即MVC的解析过程,到此结束。