Jersey 2 - ContainerRequestFilter get 方法注解

2024-04-28

我试图获取 ContainerRequestFilter 对象中的方法注释。

控制器：

@GET
@RolesAllowed("ADMIN")
public String message() {
    return "Hello, rest12!";
}

容器请求过滤器：

@Provider
public class SecurityInterceptor implements  javax.ws.rs.container.ContainerRequestFilter {
@Override
public void filter(ContainerRequestContext requestContext) {
//Here I need To get the @RolesAllowed("ADMIN") annotation value
}

应用：

@ApplicationPath("/rest")
public class ExpertApp extends Application {
private final HashSet<Object> singletons = new LinkedHashSet<Object>();

public ExpertApp() {
    singletons.add(new SecurityInterceptor());
}   

@Override
public Set<Object> getSingletons() {
    return singletons;
}

public Set<Class<?>> getClasses() {
    return new HashSet<Class<?>>(Arrays.asList(UserControler.class, SearchController.class));

}

}

Web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<!-- Servlet declaration can be omitted in which case it would be automatically 
    added by Jersey -->
<servlet>
    <servlet-name>javax.ws.rs.core.Application</servlet-name>
</servlet>

<servlet-mapping>
    <servlet-name>javax.ws.rs.core.Application</servlet-name>
    <url-pattern>/*</url-pattern>
</servlet-mapping>

如何获取 @RolesAllowed("ADMIN") 值，

你可以...

注入您的过滤器@Context ResourceInfo，正如所见here https://stackoverflow.com/q/30773160/2587435，并从中获取注释Method

RolesAllowed annot = resourceInfo.getResourceMethod().getAnnotation(RolesAllowed.class);

But...

泽西岛已经有一个RolesAllowedDynamicFeature https://github.com/jersey/jersey/blob/master/core-server/src/main/java/org/glassfish/jersey/server/filter/RolesAllowedDynamicFeature.java实现注释的访问控制@RolesAllowed, @PermitAll and @DenyAll。你只需要在您的应用程序中注册该功能 https://jersey.java.net/documentation/latest/security.html#d0e12202

In ResourceConfig

public class MyApplication extends ResourceConfig {
    public MyApplication() {
        super(MyResource.class);
        register(RolesAllowedDynamicFeature.class);
    }
}

In web.xml

<init-param>
    <param-name>jersey.config.server.provider.classnames</param-name>
    <param-value>
        org.glassfish.jersey.server.filter.RolesAllowedDynamicFeature
    </param-value>
</init-param>

或者在你的Application子类，您可以将其添加到您的getSingletons() or getClasses()放。选哪一个并没有多大区别。不会发生注入，因此只需实例化它并将其添加到单例中是安全的。

_{Note: The first option can be done in any JAX-RS 2.0 application, while the second is Jersey specific.}

本文内容由网友自发贡献，版权归原作者所有，本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容，请联系:hwhale#tublm.com(使用前将#替换为@)