Java JAX-RS名称绑定不起作用

时间:2017-06-18 13:34:00

标签: java annotations jersey jetty jax-rs

我正在为我的REST服务开发身份验证过滤器。

有人可以解释一下为什么这个名称绑定不起作用吗?

当我发送 POST 请求时,我可以收到字符串 "Tokenized",但是日志没有打印 "Inside the filter"。

import java.io.IOException;
import java.lang.annotation.Retention;
import static java.lang.annotation.RetentionPolicy.RUNTIME;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.FormParam;
import javax.ws.rs.NameBinding;
import javax.ws.rs.Produces;
import static java.lang.annotation.ElementType.METHOD;
import static java.lang.annotation.ElementType.TYPE;
import java.lang.annotation.Target;
import javax.annotation.Priority;
import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.Priorities;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.ext.Provider;
import org.apache.log4j.Logger;



/**
 * JAX-RS resource rooted at {@code /authentication}. In this version the
 * name-binding annotation ({@link Secured}) and the request filter
 * ({@link AuthenticationFilter}) are both declared as nested types of the
 * resource class.
 */
@Path("/authentication")
public class AuthenticationHandler {

    final static Logger log = Logger.getLogger(AuthenticationHandler.class);

    /**
     * Name-binding marker: a filter carrying this annotation is meant to run
     * only for resource classes or methods that carry it too.
     */
    @NameBinding
    @Retention(RUNTIME)
    @Target({TYPE, METHOD})
    public @interface Secured {
    }

    /**
     * Request filter registered at {@code Priorities.AUTHENTICATION} that
     * expects an {@code Authorization: Bearer <token>} header.
     *
     * NOTE(review): this is a non-static inner class, so creating an instance
     * requires an enclosing AuthenticationHandler. That is presumably why the
     * runtime never invokes it and "Inside the filter" is never logged; a
     * top-level (or at least static) provider class avoids the problem.
     */
    @Secured
    @Provider
    @Priority(Priorities.AUTHENTICATION)
    public class AuthenticationFilter implements ContainerRequestFilter {

        /**
         * Rejects the request unless it carries a bearer token that
         * {@link #validateToken(String)} accepts.
         *
         * @param requestContext the incoming request
         * @throws NotAuthorizedException if the header is missing or does not
         *         start with {@code "Bearer "}
         */
        @Override
        public void filter(ContainerRequestContext requestContext) throws IOException {

            log.info("Inside the filter");

            // Get the HTTP Authorization header from the request
            String authorizationHeader
                    = requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);

            // Check if the HTTP Authorization header is present and formatted correctly.
            // startsWith is case-sensitive, so "bearer <token>" is rejected here.
            // NOTE(review): the one-argument NotAuthorizedException constructor takes the
            // argument as the WWW-Authenticate challenge, not as a message, so this text
            // would end up in the response header - confirm against the JAX-RS version used.
            if (authorizationHeader == null || !authorizationHeader.startsWith("Bearer ")) {
                throw new NotAuthorizedException("Authorization header must be provided");
            }

            // Extract the token from the HTTP Authorization header
            // (may be empty when the header is just "Bearer " followed by spaces)
            String token = authorizationHeader.substring("Bearer".length()).trim();

            try {

                // Validate the token
                validateToken(token);

            } catch (Exception e) {
                // Any validation failure ends the request with a bare 401; the exception
                // is dropped without logging and no WWW-Authenticate header is set.
                requestContext.abortWith(
                        Response.status(Response.Status.UNAUTHORIZED).build());
            }
        }

        /**
         * Placeholder for token validation.
         *
         * NOTE(review): the body is empty, so as written every non-null token
         * is accepted. It must be implemented before this filter protects anything.
         *
         * @param token the text that followed "Bearer" in the header, trimmed
         * @throws Exception intended to signal an invalid token
         */
        private void validateToken(String token) throws Exception {
            // Check if it was issued by the server and if it's not expired
            // Throw an Exception if the token is invalid
        }


    }

    /**
     * Handles {@code POST /authentication/request_token}: takes form-encoded
     * {@code username} and {@code password} and answers with a token, or with
     * 401 if anything in the process throws.
     *
     * NOTE(review): the endpoint that hands out tokens is itself marked
     * {@code @Secured}; once the filter is active, a caller needs a bearer
     * token in order to request one. Token endpoints are normally left unbound.
     *
     * @param username value of the {@code username} form field
     * @param password value of the {@code password} form field
     * @return 200 with the token as entity, or 401 on failure
     */
    @POST
    @Secured
    @Path("/request_token")
    @Produces(MediaType.APPLICATION_JSON)
    @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
    public Response authenticateUser(@FormParam("username") String username,
            @FormParam("password") String password) {

        try {

            // Authenticate the user using the credentials provided.
            // The boolean result is ignored; only an exception stops token issuance.
            authenticate(username, password);

            // Issue a token for the user
            String token = issueToken(username);

            // Return the token on the response
            return Response.ok(token).build();

        } catch (Exception e) {
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }
    }



    /**
     * Placeholder credential check: always returns {@code true} and never
     * throws, so every username/password pair is accepted as written.
     */
    private boolean authenticate(String username, String password) throws Exception {
        return true;
    }

    /**
     * Placeholder token issuer: returns the same constant for every user.
     */
    private String issueToken(String username) {
        return "Tokenized";
    }

}

1 个答案:

答案 0 :(得分:0)

感谢 peeskillet 的指点。

在为名称绑定注解(@Secured)和过滤器分别创建独立的顶层类之后,它现在正常工作了。原因很可能是:原来的过滤器是非静态内部类,JAX-RS 运行时无法脱离外部类的实例来创建它,因此过滤器从未生效。如果有人需要,我会在下面发布解决方案。

我现在的问题是,有没有办法将这两个类保存在一个单独的包中,因为我尝试将它放在我的Util包上,但它没有正常工作。

peeskillet:再次感谢您的提示。

AuthenticationFilter.java

import com.binosaurs.sf.backend.handler.Secured;
import com.binosaurs.sf.backend.util.*;
import java.io.IOException;
import javax.annotation.Priority;
import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.Priorities;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;
import org.apache.log4j.Logger;



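    /**
     * Request filter bound to resources annotated with {@code @Secured}. It runs
     * at {@code Priorities.AUTHENTICATION} and lets a request through only when it
     * carries an {@code Authorization: Bearer <token>} header whose token passes
     * {@link #validateToken(String)}.
     *
     * <p>Every rejection is a 401 that carries a {@code WWW-Authenticate: Bearer}
     * challenge, so clients can tell which scheme is expected.
     */
    @Secured
    @Provider
    @Priority(Priorities.AUTHENTICATION)
    public class AuthenticationFilter implements ContainerRequestFilter {

        // Get Log4j Logger
        final static Logger log = Logger.getLogger(AuthenticationFilter.class);

        /** Authentication scheme accepted by this filter and advertised in the challenge. */
        private static final String AUTHENTICATION_SCHEME = "Bearer";

        /**
         * Authenticates the request or stops it with 401.
         *
         * @param requestContext the incoming request
         * @throws NotAuthorizedException if the Authorization header is missing, uses
         *         another scheme, or carries no token
         */
        @Override
        public void filter(ContainerRequestContext requestContext) throws IOException {

            log.info("Inside the filter");

            // Get the HTTP Authorization header from the request
            String authorizationHeader
                    = requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);

            // Check if the HTTP Authorization header is present and formatted correctly.
            // The exception is built from an explicit Response: the one-argument String
            // constructor would treat the text as the WWW-Authenticate challenge itself.
            if (!isBearerHeader(authorizationHeader)) {
                throw new NotAuthorizedException(
                        "Authorization header must be provided", unauthorized());
            }

            // Extract the token from the HTTP Authorization header
            String token = authorizationHeader.substring(AUTHENTICATION_SCHEME.length()).trim();

            // "Bearer " followed only by whitespace carries no credential at all
            if (token.isEmpty()) {
                throw new NotAuthorizedException(
                        "Authorization header must be provided", unauthorized());
            }

            try {

                // Validate the token
                validateToken(token);

            } catch (Exception e) {
                // Record the rejection for later review; the token itself is never logged,
                // and validateToken should keep it out of its exception messages too.
                log.warn("Rejected request: bearer token failed validation", e);
                requestContext.abortWith(unauthorized());
            }
        }

        /**
         * Tells whether the header value starts with the Bearer scheme followed by a
         * space. The comparison ignores case because HTTP authentication scheme names
         * are case-insensitive.
         */
        private static boolean isBearerHeader(String headerValue) {
            String prefix = AUTHENTICATION_SCHEME + " ";
            return headerValue != null
                    && headerValue.regionMatches(true, 0, prefix, 0, prefix.length());
        }

        /** Builds the 401 response, including the challenge a 401 is expected to carry. */
        private static Response unauthorized() {
            return Response.status(Response.Status.UNAUTHORIZED)
                    .header(HttpHeaders.WWW_AUTHENTICATE, AUTHENTICATION_SCHEME)
                    .build();
        }

        /**
         * Placeholder for token validation.
         *
         * <p>NOTE(review): the body is empty, so as written every non-empty token is
         * accepted and the filter authenticates nobody. Before relying on it, check
         * that the token was issued by this server and has not expired, and throw
         * when either check fails.
         *
         * @param token the non-empty text that followed the scheme in the header
         * @throws Exception if the token is invalid
         */
        private void validateToken(String token) throws Exception {
            // Check if it was issued by the server and if it's not expired
            // Throw an Exception if the token is invalid
        }


    }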

Secured.java

    /*
    * To change this license header, choose License Headers in Project Properties.
    * To change this template file, choose Tools | Templates
    * and open the template in the editor.
    */
    package com.binosaurs.sf.backend.handler;

    import com.binosaurs.sf.backend.util.*;
    import static java.lang.annotation.ElementType.METHOD;
    import static java.lang.annotation.ElementType.TYPE;
    import java.lang.annotation.Retention;
    import static java.lang.annotation.RetentionPolicy.RUNTIME;
    import java.lang.annotation.Target;
    import javax.ws.rs.NameBinding;

    /**
     * Name-binding marker. A provider annotated with {@code @Secured} is applied
     * only to the resource classes and methods that carry the same annotation.
     * Retained at runtime so the JAX-RS runtime can read it.
     */
    @Target({METHOD, TYPE})
    @Retention(RUNTIME)
    @NameBinding
    public @interface Secured {
        // marker annotation: declares no elements
    }

AuthenticationHandler.java

    package com.binosaurs.sf.backend.handler;
    import javax.ws.rs.core.Response;
    import javax.ws.rs.core.MediaType;
    import javax.ws.rs.Consumes;
    import javax.ws.rs.POST;
    import javax.ws.rs.Path;
    import javax.ws.rs.FormParam;
    import javax.ws.rs.Produces;
    import org.apache.log4j.Logger;



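    /**
     * JAX-RS resource rooted at {@code /authentication} that exchanges a
     * username/password pair for a token.
     *
     * <p>NOTE(review): {@code authenticate} and {@code issueToken} are placeholders.
     * As written, any non-empty credentials are accepted and every caller receives
     * the same constant token.
     */
    @Path("/authentication")
    public class AuthenticationHandler {

        final static Logger log = Logger.getLogger(AuthenticationHandler.class);

        /**
         * Handles {@code POST /authentication/request_token}.
         *
         * <p>NOTE(review): this endpoint is marked {@code @Secured}, so the bound
         * filter demands a bearer token from a caller who is trying to obtain one.
         * The annotation is kept because this example uses the endpoint to show the
         * name binding firing; in a real service the token endpoint is normally left
         * unbound and {@code @Secured} goes on the protected resources instead.
         *
         * @param username value of the {@code username} form field
         * @param password value of the {@code password} form field
         * @return 200 with the token as entity, or 401 when the credentials are
         *         missing, rejected, or the check fails with an exception
         */
        @POST
        @Secured
        @Path("/request_token")
        @Produces(MediaType.APPLICATION_JSON)
        @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
        public Response authenticateUser(@FormParam("username") String username,
                @FormParam("password") String password) {

            // An absent form field arrives as null; never issue a token for it.
            if (username == null || username.isEmpty()
                    || password == null || password.isEmpty()) {
                return unauthorized();
            }

            try {

                // Authenticate the user using the credentials provided.
                // The result is honoured, so returning false is enough to deny access.
                if (!authenticate(username, password)) {
                    return unauthorized();
                }

                // Issue a token for the user
                String token = issueToken(username);

                // Return the token on the response
                return Response.ok(token).build();

            } catch (Exception e) {
                // Leave a trace of the failure; the credentials are deliberately not logged.
                log.warn("Authentication attempt failed", e);
                return unauthorized();
            }
        }

        /** Builds the 401 answer used for every failure, so the cases look alike to the caller. */
        private static Response unauthorized() {
            return Response.status(Response.Status.UNAUTHORIZED).build();
        }

        /**
         * Placeholder credential check: always returns {@code true}.
         *
         * <p>NOTE(review): replace with a lookup against the user store that compares
         * a salted password hash (bcrypt, scrypt or argon2), never the plain password.
         *
         * @return {@code true} when the credentials are valid
         * @throws Exception if the check cannot be carried out
         */
        private boolean authenticate(String username, String password) throws Exception {
            return true;
        }

        /**
         * Placeholder token issuer: returns the same constant for every user.
         *
         * <p>NOTE(review): a real token has to be unpredictable and tied to the user
         * with an expiry, for example a random value from {@code SecureRandom} stored
         * server-side, or a signed token.
         */
        private String issueToken(String username) {
            return "Tokenized";
        }

    }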