JAX RS, my filter is not working

问题

Im work on : Best practice for REST token-based authentication with JAX-RS and Jersey

But my filter not triggered, my call pass directly to the endpoint...

My secure interface:

    @Qualifier
    @Retention(RUNTIME)
    @Target({METHOD, FIELD, PARAMETER, TYPE})
    public @interface Secure {
    }

My filter:

    @Secure
    @Provider
    @Priority(Priorities.AUTHENTICATION)
     public class AuthenticationFilter implements ContainerRequestFilter {

     @Override
       public void filter(ContainerRequestContext requestContext) throws IOException {

    // Get the HTTP Authorization header from the request
    String authorizationHeader = 
        requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);

    // Check if the HTTP Authorization header is present and formatted correctly 
    if (authorizationHeader == null || !authorizationHeader.startsWith("Bearer ")) {
        throw new NotAuthorizedException("Authorization header must be provided");
    }

    // Extract the token from the HTTP Authorization header
    String token = authorizationHeader.substring("Bearer".length()).trim();

    try {

        Token tk = new Token();
        tk.validarToken(token);

    } catch (Exception e) {
        requestContext.abortWith(
            Response.status(Response.Status.UNAUTHORIZED).build());
    }
}

My endpoint:

        package api;

        import filters.Secure;
        import javax.ws.rs.Consumes;
        import javax.ws.rs.GET;
        import javax.ws.rs.Path;
        import javax.ws.rs.Produces;
        import javax.ws.rs.core.Response;

        @Path("service")
        public class Service {

        @GET
        @Secure
        @Path("/sapo")
        @Produces("application/json")
        @Consumes("application/json")
        public Response mySecuredMethod() {      
        return Response.ok("sapo").build();
       }
       }

And my web.xml(Its ok ??):

                <servlet>
                <servlet-name>jersey-serlvet</servlet-name>
                <servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
                 <init-param>
               <param-name>jersey.config.server.provider.packages</param-name>
              <param-value>api</param-value>
              </init-param>
             <init-param>
            <param-name>import javax.ws.rs.container.ContainerRequestFilter</param-name>
           <param-value>filters.AuthenticationFilter;api.Service</param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
       </servlet>
       <servlet-mapping>
       <servlet-name>jersey-serlvet</servlet-name>
       <url-pattern>/api/*</url-pattern>         
       </servlet-mapping> 

I read a lot of question related in stack, but can not find the error.

Anyone have idea?

Thanks in advance.

回答1:

-here comes the necromancer badge -

First of all, Filters are applied globally by default.So , If you don't need to restrict this filter to specific resources, you don't even need your "Secure" interface.

But , If you indeed intend to use the filter on some specific resources , you need to use the @NameBinding meta-annotation for Jersey , instead of the Spring @Qualifier annotation.

回答2:

Replace @Qualifier with @NameBinding

来源：https://stackoverflow.com/questions/38679654/jax-rs-my-filter-is-not-working