Python中文网

一个关于 编程问题的解答网站.

有 Java 编程相关的问题?

你可以在下面搜索框中键入要查询的问题!

JAXRS/RESTEasy应用程序中未执行java ContainerRequestFilter

4 月,2 周 Questions & Answers

我正试图为我在以下问题Best practice for REST token-based authentication with JAX-RS and Jersey之后开发的RESTAPI创建一个过滤器

问题是,无论我调用什么方法,过滤器似乎都不起作用

这些是我的课程:

安全。java

@NameBinding
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.TYPE, ElementType.METHOD})
public @interface Secured { 

}

AuthenticationFilter。java

@Secured
@Provider
@Priority(Priorities.AUTHENTICATION)
public class AuthenticationFilter implements ContainerRequestFilter{

    @Override
    public void filter(ContainerRequestContext requestContext) throws IOException {
        // Get the HTTP Authorization header from the request
        String authorizationHeader = 
            requestContext.getHeaderString(HttpHeaders.AUTHORIZATION);

        // Check if the HTTP Authorization header is present and formatted correctly 
        if (authorizationHeader == null || !authorizationHeader.startsWith("Bearer ")) {
            throw new NotAuthorizedException("Authorization header must be provided");
        }

        // Extract the token from the HTTP Authorization header
        String token = authorizationHeader.substring("Bearer".length()).trim();

        try {

            // Validate the token
            validateToken(token);

        } catch (Exception e) {
            requestContext.abortWith(
                Response.status(Response.Status.UNAUTHORIZED).build());
        }
    }

    private void validateToken(String token) throws Exception {
        // Check if it was issued by the server and if it's not expired
        // Throw an Exception if the token is invalid
    }

}

rest服务。java

@Path("/test")
public class RestService {

TestDAO testDAO;

    @GET
    @Secured
    @Path("/myservice")
    @Produces("application/json")
    public List<Test> getEverisTests() {
        testDAO=(TestDAO) SpringApplicationContext.getBean("testDAO");

        long start = System.currentTimeMillis();

        List<Test> ret =  testDAO.getTests();

        long end = System.currentTimeMillis();

        System.out.println("TIEMPO TOTAL: " + (end -start));

        return ret;

    }
}

重新应用。java

public class RestApplication extends Application{
    private Set<Object> singletons = new HashSet<Object>();

    public RestApplication() {
        singletons.add(new RestService());
        singletons.add(new AuthenticationFilter());
    }

    @Override
    public Set<Object> getSingletons() {
        return singletons;
    }
}

我错过了什么?提前谢谢


共 (3) 个答案

  1. # 1 楼答案

    您的AuthenticationFilter可能未注册

    很可能在应用程序的某个地方有一个^{}子类。使用它来注册过滤器:

    @ApplicationPath("api")
public class ApiConfig extends Application {

    @Override
    public Set<Class<?>> getClasses() {
        HashSet<Class<?>> classes = new HashSet<>();
        classes.add(AuthenticationFilter.class);
        ...
        return classes;
    }
}
  2. # 2 楼答案

    解决方案是在这个页面resteasy之后更新resteasy的Jboss模块,并选择我正在使用的resteasy版本

    顺便说一下,谢谢你的回答

  3. # 3 楼答案

    我还不能对此发表评论,所以这是一个答案:

    我不明白@Secured机制是如何工作的。您是否尝试删除所有@Secured批注?然后,对于所有端点,筛选器都应处于活动状态

    如果它仍然不起作用,您很可能必须在应用程序中手动注册它

    如果事后它确实起作用,你至少有一个提示,说明在哪里可以找到问题