[jax-rs-spec users] [jsr339-experts] Can't get rid of _at_PreMatch

From: Bill Burke <>
Date: Tue, 28 Aug 2012 08:51:49 -0400

On 8/24/2012 10:26 AM, Marek Potociar wrote:
>>> What about the distinction between pre-post matching request filters? Do
>>> we need that at all? Can we just have all "unbound" filters pre-matching
>>> and all name-bound or dynamically-bound post-matching?
>> I don't think we can do that (remove @PreMach). For example,
>> something like @RolesAllowed is a name-bound filter and authorization
>> should really come before as many filters as possible, don't you think?
> But isn't that something that may be completely resource-method
> specific? IOW, doesn't it have to be done only after the resource method
> has been matched?

I'll give you an example:

   We have a global server-side cache that is implemented as a set of
filters. It "aborts" the request if there is a cache hit and returns
the cached response. This *MUST* come after authorization. The cache
is not name bound, but authorization is.


Bill Burke
JBoss, a division of Red Hat