问题
I am writing a Restful webservice method,which require authorization first... such as a findItems method..which need username and password in Http Authorization the sample code:
@GET
@Produce(MediaType.APPLICATION_JSON)
public String findItems(){
...
}
how to verify the http authorization before the method excutes...
回答1:
I use a user-type and role-type control with a basic JAAS authentication. After authentication, the client makes http GET requests to the REST web service. In my Facade get method, I inject the @Context SecurityContext as input parameter, and use if for user / role identification in order to provide the correct answer to the GET request, depending on the user's role.
See here for an example of what I mean: Using JaaS with Jersey on Grizzly
回答2:
you can use Filters so you can check the authorization
来源:https://stackoverflow.com/questions/8385198/jersey-resthow-to-write-a-jersey-method-including-verifying-http-authorization