On Jan 15, 2008, at 10:28 AM, krdavis wrote:
> Based on the fact that Jersey is not tied to a specific container
> (servlet or otherwise), is there any way to get a UserPrincipal? I
> have used declarative security at the application level to restrict
> access to my Jersey web app and would like to check if a user
> belongs to a role at the method level in a resource. I have scanned
> the list but not found a concrete answer.
>
Currently the way to do this is container specific but we'll be adding
a container independent way to do this in the future.
For now you have to do something like:
@Resource
HttpServletRequest servletRequest;
@GET void someMethod() {
if (servletRequest.isUserInRole(...))
...
}
Marc.
---
Marc Hadley <marc.hadley at sun.com>
CTO Office, Sun Microsystems.