How to apply spring boot filter based on URL pattern?

You can add a filter like this:

@Bean
public FilterRegistrationBean someFilterRegistration() {

    FilterRegistrationBean registration = new FilterRegistrationBean();
    registration.setFilter(someFilter());
    registration.addUrlPatterns("/url/*");
    registration.addInitParameter("paramName", "paramValue");
    registration.setName("someFilter");
    registration.setOrder(1);
    return registration;
} 

@Bean(name = "someFilter")
public Filter someFilter() {
    return new SomeFilter();
}

@user1283002 I think it's possible to do using @WebFilter. I just stumbled upon this article. As per the article (haven't tried myself):

@WebFilter(urlPatterns = "/api/count")
public class ExampleFilter implements Filter{
    // ..........
}

// and let Spring know to scan to find such @WebFilter annotation in your config
// class by using the @ServletComponentScan annotation like

@ServletComponentScan
@SpringBootApplication
public class MyApplication extends SpringBootServletInitializer {

    public static void main(String[] args) throws Exception {
        SpringApplication.run(MyApplication.class, args);
    }

   // ..........

}

EDIT: After further reading the docs for the @ServletComponentScan I came across an interesting disclaimer

Scanning is only performed when using an embedded webserver

Which means that when deploying our application in a web container (eg: Apache Tomcat) this class won't get scanned by the Spring framework and therefore any spring config on it (if any) won't be applied.

If there is no Spring config to be made you are good to go without any further changes, if not just add the @Component scan to the filter and make sure it's package is in the path of your @ComponentScan annotation.


There is another option if you are able to extend OncePerRequestFilter. For example:

public class SomeFilter extends OncePerRequestFilter {

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        // your filter logic ....
    }

    @Override
    protected boolean shouldNotFilter(HttpServletRequest request) {
        String path = request.getServletPath();
        return !path.startsWith("/api/secure/");
    }
}