问题
I am building an application using App Engine with Jersey. I would like use the annotation @RolesAllowed(Role_user) who permit to create a filter in the request.
The problem is that we need to configure the class SecurityContextFilter.
My objective is to get the id of the user stored in a session to then check their role directly in the function : public ContainerRequest filter(ContainerRequest request) of my class SecurityContextFilter.
I need to inject HttpRequest to get the session, but when I inject it I get an exception Java.lang.Null.
I want to get a session Object in the class ContainerRequest.
How can I do this?
EDIT:
I have find a solution for this issue but I don't know if this is clean: You can inject the HttpRequest directly in the function : isUserInRole(_role) So I use this and I get my userId by the session then get the role user and I check if that match _role and return true or false.
回答1:
I'm pretty not sure whether you can inject a HttpServletRequest on top of the ContainerRequestFilter in jersey but you still can do it programmatically instead of using annotations:
@Override
public ContainerRequest filter(ContainerRequest request) {
if(request.isUserInRole("SOME_ROLE")){
//process some treatement
}
return request;
}
BR.
来源:https://stackoverflow.com/questions/18157177/how-to-get-a-session-object-in-the-containerrequest-to-can-use-the-annotation-r