Trevor Dixon

Reputation: 24382

How can I access the HTTP Basic username?

I'm using this ContainerRequestFilter to check HTTP Basic credentials.

private class Filter implements ResourceFilter, ContainerRequestFilter {

    @Override
    public ContainerRequest filter(ContainerRequest request) {
        String auth = request.getHeaderValue("Authorization");

        if (auth == null || !auth.startsWith("Basic ")) {
            throw new NotAuthorizedException("FAILED\n");
        }

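        auth = Base64.base64Decode(auth.substring("Basic ".length()));
        // Split on the first ':' only, since the password may itself contain ':'
        String[] vals = auth.split(":", 2);
        if (vals.length != 2) {
            // Malformed credentials: reject instead of failing on vals[1]
            throw new NotAuthorizedException("FAILED\n");
        }
        String username = vals[0];
        String password = vals[1];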

        boolean validUser = database.Users.validate(username, password);

        if (!validUser) {
            throw new NotAuthorizedException("FAILED\n");
        }

        return request;
    }

    ...

}

So by the time I get to this point, I've authenticated the user. Now how can I get the username?

@GET
@Path("some_kind_of_report_or_something")
@Produces(MediaType.TEXT_PLAIN)
public String fetchAReportOrSomething() {
    // At this point, I know that the user has provided good credentials,
    // now I need to get the user's username as a String
    String username = ???;
}

I suppose I could use HttpContext.getRequest() and do the same thing as in the AuthFilter (I'd move that username/password extraction logic to its own method). In the filter, can I somehow store the extracted username somewhere in the request object so it gets passed on to this handler?

(By the way, is there a better way to extract the username and password than what I've done in the filter? If so, let me know in a comment.)

Upvotes: 3

Views: 821

Answers (2)

yegor256

Reputation: 105193

Take a look at how it's done in a working application: www.s3auth.com. The source code is available on GitHub. As you can see on the site, Facebook and Google authentication mechanisms are used. The application is using JAX-RS/Jersey.

Upvotes: 1

tuga

Reputation: 331

This blog entry should enlighten you: http://plaincode.blogspot.pt/2011/07/openid-authentication-example-in-jersey.html

Upvotes: 4
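
The question's idea of storing the extracted username on the request, shown as an added example that is not part of the original thread or of either answer: in Jersey 1.x the filter can call `ContainerRequest.setSecurityContext(...)`, and the resource method reads the identity back through an injected `SecurityContext`. `BasicAuthExample`, `UserStore`, `AuthFilter`, `ReportResource` and the realm string are hypothetical names, filter registration is assumed to stay as in the question, and a Java 8+ runtime is assumed for `java.util.Base64`.

```java
import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerRequestFilter;
import java.nio.charset.StandardCharsets;
import java.security.Principal;
import java.util.Base64;
import javax.ws.rs.*;
import javax.ws.rs.core.*;

public class BasicAuthExample {
    /** Hypothetical stand-in for the asker's database.Users.validate(...). */
    public interface UserStore { boolean validate(String user, String password); }
    public static class AuthFilter implements ContainerRequestFilter {
        private final UserStore users;
        public AuthFilter(UserStore users) { this.users = users; }
        @Override
        public ContainerRequest filter(ContainerRequest request) {
            final String username = authenticate(request.getHeaderValue("Authorization"));
            // Read the scheme from the URI: request.isSecure() delegates to the context set below.
            final boolean https = "https".equals(request.getRequestUri().getScheme());
            // Publish the verified identity so resources need not re-parse the header.
            request.setSecurityContext(new SecurityContext() {
                public Principal getUserPrincipal() { return () -> username; }
                public boolean isUserInRole(String role) { return false; } // no roles here
                public boolean isSecure() { return https; }
                public String getAuthenticationScheme() { return BASIC_AUTH; }
            });
            return request;
        }
        private String authenticate(String header) {
            if (header != null && header.startsWith("Basic ")) {
                try {
                    byte[] raw = Base64.getDecoder().decode(header.substring(6).trim());
                    // Limit 2: the password itself may contain ':'.
                    String[] vals = new String(raw, StandardCharsets.UTF_8).split(":", 2);
                    if (vals.length == 2 && users.validate(vals[0], vals[1])) return vals[0];
                } catch (IllegalArgumentException e) { /* invalid Base64: fall through to 401 */ }
            }
            throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED)
                    .header("WWW-Authenticate", "Basic realm=\"example\"").build()); // placeholder realm
        }
    }

    @Path("some_kind_of_report_or_something")
    public static class ReportResource {
        @GET
        public String fetchAReportOrSomething(@Context SecurityContext sc) {
            return "report for " + sc.getUserPrincipal().getName();
        }
    }
}
```

Every failure path (missing header, bad Base64, no colon, wrong password) ends in the same 401 response, so the caller cannot tell which check rejected the request.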
