CODEWITHSUNDEEP
javajerseyservlet-filtersjersey-2.0
Rentonie
Rentonie

Reputation: 477

Java Jersey 2 implementing filters

I want to include a filter so i can check basic auth headers for each request

import java.io.IOException;
import javax.ws.rs.client.ClientRequestContext;
import javax.ws.rs.client.ClientRequestFilter;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;
import javax.ws.rs.container.PreMatching;

@Provider
@PreMatching 
public class CheckRequestFilter implements ClientRequestFilter {

    @Override
    public void filter(ClientRequestContext requestContext) throws IOException {

        ServiceProvider sp = new ServiceProvider();


        /*if (sp.authenticateSP(requestContext.getHeaderString("authorization"))     == false){ */
            requestContext.abortWith(
                        Response.status(Response.Status.BAD_REQUEST)
                .entity("User cannot be authenticated")
                        .build());

}}
//}

So far that's what i've come up with following the documentation here https://jersey.java.net/documentation/latest/user-guide.html#filters-and-interceptors

My problems is that i don't know how to include a filter so i can test it (i.e copy pasting the first example is not working) and if my approach is correct.

I want to limit it for certain requests in the future but for now i just want to to work.

Upvotes: 0

Views: 4700

Answers (1)

znurgl
znurgl

Reputation: 1097

You should use ContainerRequestFilter

Here is the API: https://jax-rs-spec.java.net/nonav/2.0/apidocs/javax/ws/rs/container/ContainerRequestFilter.html

An here is an example:

public class AuthorizationRequestFilter implements ContainerRequestFilter {

    @Override
    public void filter(ContainerRequestContext requestContext)
                    throws IOException {

        final SecurityContext securityContext =
                    requestContext.getSecurityContext();
        if (securityContext == null ||
                    !securityContext.isUserInRole("privileged")) {

                requestContext.abortWith(Response
                    .status(Response.Status.UNAUTHORIZED)
                    .entity("User cannot access the resource.")
                    .build());
        }
    }
}

Upvotes: 3

Related Questions