1. 技术文章
  2. Access object created in ContainerRequestFilter in Resources

Access object created in ContainerRequestFilter in Resources

≯℡__Kan透↙ 提交于 2019-12-24 14:27:46

问题


How to make user object available for further processing in a Resource

   @Priority(Priorities.AUTHENTICATION)
   public static class ResourceAllowedRequestFilter implements ContainerRequestFilter {
      private AuthorizationValidation authorizationValidation;

      public ResourceAllowedRequestFilter() {
         try {
            authorizationValidation = new AuthorizationValidation();
         } catch (Exception e) {

         }
      }

      @Override
      public void filter(ContainerRequestContext requestContext) throws IOException {
         if (userHeader == null) {
           throw new BadRequestException(Response.status(Status.BAD_REQUEST).build());
         } else {
           User user = authorizationValidation.isAuthorizationValid(userHeader)
         }
      }
   }

   @GET
   @Path("/{page}/{limit}")
   public Response getBooks() {
     Access user object created in ContainerRequestFilter
   }

回答1:


Afaig, there is only one way of doing so, named Injection - but multiple ways of using injection.

Here two approaches:

  1. You can implement / use javax.ws.rs.core.SecurityContext. Therefore your User must implement java.security.Principal and use @Context to inject the SecurityContext into your Resource. Basic example below ...

  2. You could also build and register a Factory and inject the User per-request into your Resource. Please visit jersey docs for that, or search @ stackoverflow. You will find a lot of examples.

SecurityContext (1) Example:

ContainerRequestFilter

@Override
public synchronized void filter(ContainerRequestContext request)
        throws IOException {

    final User user = authorizationValidation.isAuthorizationValid(userHeader)

    // impl 
    request.setSecurityContext( new MySecurityContext(user) );

    // or simple but not the best
    request.setSecurityContext( new SecurityContext() {
        @Override
        public boolean isUserInRole(String role) {
            return true; // check roles if you need ...
        }
        @Override
        public boolean isSecure() {
            return false; // check HTTPS
        }
        @Override
        public Principal getUserPrincipal() {
            return user; // return your user here - User must implement Principal
        }
        @Override
        public String getAuthenticationScheme() {
            return null; // ...
        }
    }
}

Resource

@Context
protected SecurityContext securityContext;

@GET
@Path("/{page}/{limit}")
public Response getBooks() {
    User user = (User)securityContext.getUserPrincipal();
}

Have a nice day ...



来源:https://stackoverflow.com/questions/26599655/access-object-created-in-containerrequestfilter-in-resources

标签
jersey
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!