Reputation: 198
Setting a Authorization Header in Filter
Am new to RESTful web service. I got a new requirement. Its like, I need to create a new RESTful Web Service where my service will accept a token from the calling program. This token needs to be set to Authorization Header and hit a filter which is in a JAR given by the client. I have created a RESTFul web service where it accepts a Token from calling program. now how can I set this token to Authorization Header. pls help me with this.
Upvotes: 0
Views: 9503
Answers (3)
Reputation: 1
May be you can do it like this:
request.setAttribute("yourNameToken", yourToken);
then you can use the token with this script:
String tk = (String) request.getAttribute("yourNameToken");
Upvotes: 0
Reputation: 1256
Is the context of this question the same as in this post of yours - Calling a Filter before a Servlet from REST Webservice
Then to summarize you have a Restful service accepting a token as a Header. You invoke a Filter from the service which provides some functionality and you need to pass the token to the filter as a request header?
To achieve that you need to create a HttpServletRequestWrapper and pass that to the filter. You would override the getHeader(String name) method and
public class CustomHttpServletRequestWrapper implements HttpServletRequest{
public CustomHttpServletRequestWrapper(HttpServletRequest request){
super(request);
}
public String getHeader(String name){
if(name.equals("AUTH-HEADER"){
//get the original request
HttpServletRequest request = (HttpServletRequest)getRequest();
//now get it from the original request and return
}else{
return request.getHeader(name);
}
}
// TODO override getHeaderNames()
}
And then pass this while invoking your filter.
CustomHttpServletRequestWrapper requestWrapper = new CustomHttpServletRequestWrapper(request);
request.getRequestDispatcher("/secure").include(requestWrapper, response);
Upvotes: 1
Reputation: 312
In plain Java you can set the Authorization Header Client side this way:
String url = "test.com";
URL urlObj = new URL(url);
HttpURLConnection con = (HttpURLConnection) urlObj.openConnection();
con.setRequestProperty("Authorization", "You Token");
Edit Just to be sure i dont miss the topic of the op. If you want to crate an token for authorization you have to pass this token to the user after the user has logged in at you site. After the user client reveives the token the client have to send this token with every request (be shure you use ssl for transmission)
The Serverside Code should look like this:
public void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException {
String auth = req.getHeader("Authorization");
//validate Token
}
Upvotes: 2
Related Questions
- Add authenticated user id by filter to java servlet
- How to create servlet filter to authorize the request?
- Java filter failing to set response headers
- Adding to request header?
- Adding an HTTP Header to the request in a servlet filter
- Setting Authentication Header in Servlet via Filter
- RESTlet Authorization Filter
- Tomcat SecurityFilter and Authorization
- How to check user authorized with filter
- Pass request information from Servlet Filter to Web Service