@Provider资源未在休息应用程序中注册

时间:2017-10-31 13:18:51

标签: java rest jersey jax-rs

我正在尝试为我的其他应用程序注册一个拦截器。此拦截器的purpouse是在请求中获取一个令牌,以验证请求是否有效。

我已经创建了一个自定义标记来实现这一目标:

@Provider
@Secured
public class AuthenticationFilter implements ContainerRequestFilter{

private static final Logger LOGGER = Logger.getLogger(AuthenticationFilter.class);

UserDAO userDAO = (UserDAO) SpringApplicationContext.getBean("userDAO");

@Override
public void filter(ContainerRequestContext requestContext) throws IOException {

    // Get the HTTP Authorization header from the request
    String authorizationHeader = 
        requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);

    // Check if the HTTP Authorization header is present and formatted correctly 
    if (authorizationHeader == null || !authorizationHeader.startsWith("BSC")) {
        if (authorizationHeader== null){
            LOGGER.error("No authorization header");
        } else{
            LOGGER.error("Authorization header: " + authorizationHeader);
        }
        throw new NotAuthorizedException("Authorization header must be provided");
    }

    // Extract the token from the HTTP Authorization header
    String token = authorizationHeader.substring("BSC".length());
    // Validate the token
    boolean ok = validateToken(token);

    if (!ok){
        LOGGER.error("Not authorized, passed token: " + token);
        throw new NotAuthorizedException("Not authorized");
    }


}

private boolean validateToken(String token){
    boolean ok = userDAO.validateToken(token);
    if (ok){
        userDAO.updateToken(token);
    }else{
        userDAO.deleteToken(token);
    }

    return ok;
}

} 

@NameBinding
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.TYPE, ElementType.METHOD})
public @interface Secured { 

}

所有带@Secured标签的方法都必须通过拦截器。

我在扩展Application的类中注册了拦截器和其他服务:

public class RestApplication extends Application{
private Set<Object> singletons = new HashSet<Object>();

public RestApplication() {
    singletons.add(new RestService());
    singletons.add(new AuthenticationFilter());
}

@Override
public Set<Object> getSingletons() {
    return singletons;
}
}

然后在我的web.xml中我注册了这个类:

<web-app id="WebApp_ID" version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee 
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<display-name>Manufacturing</display-name>

<listener>
    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>

<servlet>
    <servlet-name>jersey-serlvet</servlet-name>
    <servlet-class>
        com.sun.jersey.spi.container.servlet.ServletContainer
    </servlet-class>
    <init-param>
         <param-name>javax.ws.rs.Application</param-name>
         <param-value>com.everis.manufacturing.application.RestApplication</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
    <servlet-name>jersey-serlvet</servlet-name>
    <url-pattern>/*</url-pattern>
</servlet-mapping>

但它似乎不起作用,我正在调用一个具有@Secured标签的服务,但它没有调用拦截器。

提前致谢!

1 个答案:

答案 0 :(得分:0)

尝试更改类RestApplication以扩展ResourceConfig而不是Application。

相关问题
最新问题