Reputation: 371
I am using the Jersey (Java) framework. I did cookie-based authentication using a container request filter. Now I have to do authorization. So, how do I proceed? Quick guidance please.
Upvotes: 1
Views: 100
Reputation: 516
Jersey has the `@RolesAllowed("role")` annotation to facilitate the auth check. Make use of:

```java
@Context
HttpServletRequest httpRequest;
```

and in the login method put the identity into the session, like here:

```java
HttpSession session = httpRequest.getSession(true);
session.setAttribute(key, val);
```

In the filter:

```java
// Identity stored at login; getAttribute returns Object, so cast it
final String name = (String) session.getAttribute(key);
...
SecurityContext securityContext = new SecurityContext() {
    // Consulted by the @RolesAllowed check
    public boolean isUserInRole(String roleName) {
        return roleName.equals("role");
    }
    ...
    public Principal getUserPrincipal() {
        ...
        return new Principal() {
            public String getName() {
                return name;
            }
        };
        ...
    }
    ...
};
// Replace the request's security context with the session-backed one
requestContext.setSecurityContext(securityContext);
```
That's it in short. It is quite a common approach. If you want, I can share a ref impl on GitHub.
Upvotes: 1
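A fuller version of the filter sketched in the answer, written here as an added example (it is not the answerer's code or their GitHub reference implementation). It goes one step further by reading a per-user role set from the session so that `isUserInRole` denies by default. Assumptions: Jersey 2.x on a servlet container (`javax.*` packages; Jersey 3 uses `jakarta.*`), and the hypothetical session keys `"user"` and `"roles"` set by the login method.

```java
// Added example. Session keys "user" and "roles" are hypothetical names.
import java.security.Principal;
import java.util.Set;
import javax.annotation.Priority;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.ws.rs.Priorities;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.ext.Provider;

@Provider
@Priority(Priorities.AUTHENTICATION) // run before the @RolesAllowed check
public class SessionSecurityFilter implements ContainerRequestFilter {

    @Context
    private HttpServletRequest httpRequest;

    @Override
    public void filter(ContainerRequestContext requestContext) {
        // getSession(false): never create a session for an unauthenticated request
        HttpSession session = httpRequest.getSession(false);
        if (session == null || session.getAttribute("user") == null) {
            return; // no identity is set; role-protected resources stay closed
        }
        final String name = (String) session.getAttribute("user");
        @SuppressWarnings("unchecked")
        final Set<String> roles = (Set<String>) session.getAttribute("roles");
        final boolean secure = requestContext.getSecurityContext().isSecure();

        requestContext.setSecurityContext(new SecurityContext() {
            @Override public Principal getUserPrincipal() { return () -> name; }
            @Override public boolean isUserInRole(String role) {
                // Deny by default: only roles stored server-side at login count
                return roles != null && roles.contains(role);
            }
            @Override public boolean isSecure() { return secure; }
            @Override public String getAuthenticationScheme() {
                return SecurityContext.FORM_AUTH;
            }
        });
    }
}
```

Jersey only enforces `@RolesAllowed` when `org.glassfish.jersey.server.filter.RolesAllowedDynamicFeature` is registered in the application's `ResourceConfig` alongside this filter.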