Basic HTTP authentication with Jersey / Grizzly

Question

I\'ve written a simple REST server using JAX-RS, Jersey and Grizzly. This is how I start the server:

URI baseUri = UriBuilder.fromUri(\"http://localhost/api\         


        

Answer 1

@aioobe be aware that although this will kind-of work you need better error checking when you're working with the header. For example:

    auth = auth.replaceFirst("[Bb]asic ", "");

This assumes that the authentication header is Basic, whereas it might not be. You should check that the authorization header starts with 'Basic' and if not throw unauthorized. Same thing for ensuring that the rest of the information is actually base64-encoded.