cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sergey Beryozkin <sberyoz...@gmail.com>
Subject Re: 回复: 回复: 回复: How to configure CXF Jas-RS to use RequestHandler without spring
Date Wed, 02 Apr 2014 08:53:35 GMT
On 02/04/14 05:02, Kevin Cai wrote:
> I think this method (getCurrentMessage()) has been emphasized in 3.0 which is provided
in JAXRSUtils.  Right?
No, JAXRSUtils.getCurrentMessage just delegates to the existing 
PhaseInterceptorChain method

Sergey
>
>
> Sergey Beryozkin <sberyozkin@gmail.com> 于 2014年4月2日, 星期三, 4:17 上午
写道:
>
> Hi, sorry missed it, if you work with JAX-RS 2.0 filters then you should
> get Authorization header from ContainerRequestContainer and parse it
> manually.
> The CXF specific approach is handy indeed though, PhaseInterceptorChain
> won't be changed AFAIK
>
> Sergey
>
>>
>> import javax.ws.rs.container.ContainerRequestContext;
>> import javax.ws.rs.container.ContainerRequestFilter;
>> import javax.ws.rs.core.Response;
>>
>> import org.apache.cxf.configuration.security.AuthorizationPolicy;
>> import org.apache.cxf.message.Message;
>> import org.apache.cxf.phase.PhaseInterceptorChain;
>>
>> public class AuthFilter implements ContainerRequestFilter {
>>
>> @Override
>> public void filter(ContainerRequestContext req) throws IOException {
>> System.err.println("filter!");
>> Message message = PhaseInterceptorChain.getCurrentMessage();
>>            AuthorizationPolicy policy = (AuthorizationPolicy)message.get(AuthorizationPolicy.class);
>>
>>            if (policy==null){
>>            req.abortWith(Response.status(401).header("WWW-Authenticate", "Basic realm=\"PTServer\"").build());
>>            return;
>>            }
>>            String username = policy.getUserName();
>>            String password = policy.getPassword();
>>            if ("demo".equals(password)&&"demo".equals(username)) {
>>            return;
>>            }
>>            else{
>>            req.abortWith(Response.status(401).header("WWW-Authenticate", "Basic realm=\"PTServer\"").build());
>>            }
>>
>> }
>>
>> }
>>
>> then, in the class that extends javax.ws.rs.core.Application, overwrite
>> public Set<Class<?>> getClasses()
>>
>> @Override
>> public Set<Class<?>> getClasses() {
>> Set<Class<?>> classes = new HashSet<Class<?>>();
>> classes.add(AuthFilter.class);
>>
>> return classes;
>> }
>>
>> My further question is: is it safe to use PhaseInterceptorChain.getCurrentMessage()?
Will this API be changed in the future? Is it OK to use this method inside those Jax-rs service
method?
>>
>>
>>
>> Abhijit Sarkar <socialguy@outlook.com> 于 2014年4月1日, 星期二, 1:43
下午 写道:
>>
>> Kevin,I had written some code without Spring but JAX-WS, not JAX-RS. If you want
to take a look, here it is.
>> https://github.com/abhijitsarkar/java-ee/tree/master/webservices/jax-ws/jaxws-instrumentation
>> Best,Abhijit Sarkar
>>
>>> Date: Mon, 31 Mar 2014 21:29:05 +0800
>>> From: cai_ning@yahoo.com
>>> Subject: 回复: How to configure CXF Jas-RS to use RequestHandler without
spring
>>> To: users@cxf.apache.org
>>>
>>> Sorry, I mean how to config CXF Jax-rs to use RequestHandler (Filter) to implement
Basic Authentication without Spring.  Thanks
>>>
>>>
>>> Kevin Cai <cai_ning@yahoo.com> 于 2014年3月31日, 星期一, 9:26 下午
写道:
>>>
>>> Dear all,
>>>
>>> Seems that all config docs of CXF are all about config cxf with Spring.  I would
like to know how to config CXF Jax-rs to use RequestHandler (Filter) to implement Basic Authentication.
 Thanks.
>>>
>>>
>>> Yours,
>>> Kevin Choi


-- 
Sergey Beryozkin

Talend Community Coders
http://coders.talend.com/

Blog: http://sberyozkin.blogspot.com

Mime
View raw message