• Register
First time here? Checkout the FAQ!
x
Welcome to Find4Answers.com

Where you can Ask Questions, Find Answers Or Receive Answers from other members of the community And Share in Social networking sites like facebook, linkedin, twitter.
3cx phone system assignment writing service bandar bola best waikiki restaurants boiler business car car insurance quotes car insurance quotes car insurance quotes car lease deals car leasing uk chwilówka przez internet zapewne company convey convey law complaints convey law reviews convey law service conveylaw cosmetic dentist csr classics hack csr classics hack csr classics hack data data recovery maidenhead deals design development double glazing leeds electrician electrician manchester electricians emergency farm filmy bez limitu filmy online finlock finlock solutions general genral golf holidays spain graduate jobs in london graduate jobs london heap how to jump higher how to jump higher how to jump higher infrared sauna infrared sauna saunas inline skating java judi bola law law firm in leeds lease leasing led lights led bulbs leeds legal smoke life insurance quotes log london manchester mercedes lease deals mercedes leasing mezzanine movies museums and art nikogo szybka chwilówka none none none ny male revue outsource link building paid search agency performance car hire personal personal injury lawyer porcelain veneers ramię szybkie chwilówki recovery restaurant seo seo agencies seo company seo company london seo las vegas seo services services sky diamond seo solutions steel synchronization szybka chwilówka przykład szybka chwilówka żaden szybkie chwilówki lekko temp cover car insurance temp cover car insurance temp cover car insurance thread tymczasem chwilówki przez internet upvc windows manchester viagra kamagra videos vinyl flooring suppliers wait web development company window repairs london windows zobaczyć szybka chwilówka

How to write an authentication filter using Jersey

0 votes
Can anyone provide an example or a way to achive the authentication filter using jersey REST frame Work
asked Jan 5, 2012 in Java/J2EE by anonymous
    

1 Answer

0 votes
 
Best answer

It seems there are two ways to add authentication to Jersey REST apis

1) You can add a servlet filter.

public class RestAuthenticationFilter implements Filter {
    @Override
    public void destroy() {
        // TODO Auto-generated method stub        
    }
    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {     
    try {
           User user = BasicAuthHelper.authenticateUser(request);
            if (user == null) {
                response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            } else {
                request.setAttribute("user", user);
                chain.doFilter(request, response);
            }
     } catch (ApplicationException e) {
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
     }
    }
    @Override
    public void init(FilterConfig config) throws ServletException {
    } 
} 


	


2) You can do it using the jersey filter. You have to implement a ResourceFilterFactory and handle the auth in ContainerRequestFilter. The detailed code is below.  I like the approach 1 as it give complete lifecycle control. However if you need more specifc things like accessing QueryParams or PathParams then approach 2 is the way to go

 

public class RestAuthFilterFactory implements ResourceFilterFactory {
    private static final AppLogger logger = AppLogger
            .getLogger(RestAuthFilterFactory.class);

    @Context
    private UriInfo uriInfo;

    @Override
    public List create(AbstractMethod method) {
        return Collections.singletonList((ResourceFilter) new Filter());
    }

    private class Filter implements ResourceFilter, ContainerRequestFilter {
        protected Filter() {
        }

        public ContainerRequestFilter getRequestFilter() {
            return this;
        }

        public ContainerResponseFilter getResponseFilter() {
            return null;
        }

        public ContainerRequest filter(ContainerRequest request) {
            logger.info("Url invoked is {}", uriInfo.getPath());
            String authHeader = request.getHeaderValue("Authorization");
            if (authHeader != null && authHeader.startsWith("Basic ")) {
                   User user = BasicAuthHelper.authenticateUser(request);
               if (user == null) {
                  throw new WebApplicationException(Response.Status.UNAUTHORIZED);
               }
            return request;
            }
              throw new WebApplicationException(Response.Status.UNAUTHORIZED);
        }
        }
}
answered Jan 6, 2012 by anonymous
...