How to implement a REST façade?

Question

I need to create a façade that will forward requests to other web service.

Other than forwarding, the façade will only authenticate / authorize users.

What's a good way to implement this?

I used to work with Jersey, perhaps there's something better than manually creating a WebTarget ?

Answer 1

What you're looking for is called a reverse proxy. Unless you have a very compelling reason to do so I wouldn't write anything from scratch. This is a very common requirement and there are many existing (and well tested) solutions to choose from.

Both Apache httpd and Nginx offer this functionality. With Apache, you can combine mod_proxy with an authentication module like mod_authz_ldap to ensure that requests are authenticated before being passed to the backend server. I'm not as familiar with Nginx but I'm sure it supports something similar.

Many commercial load balancers also support reverse proxies with authentication.

If you don't have a load balancer, you're unable to put a web server in front of the application, or you're required to use Java for policy reasons there are open source Java implementations that you can use outright or extend. For example, HTTP-Proxy-Servlet.

If you want to go down the Java-only road my suggestion is to combine an existing proxy servlet with an off-the-shelf servlet Filter that handles the authentication. Perhaps something like Spring Security. If you happen to be using Tomcat, it can handle the authentication part for you using a valve. Other application servers probably have similar capabilities.