users@jersey.java.net

Re: [Jersey] Aspects in JSR-311

From: Paul Sandoz <Paul.Sandoz_at_Sun.COM>
Date: Fri, 20 Jun 2008 17:05:09 +0200

Victor Grazi wrote:
> How can we access the request header data from the constructor?
>

abstract class BaseResource {
   BaseResource(HttpHeaders hs) {
     String h = hs.getRequestHeaders().getFirst("MyAuth");
   }
}

@Path("/")
public class ConcreteResource extends BaseResource {
   ConcreteResource(@Context HttpHeaders hs) {
     super(hs);
   }
}

Paul.

> On 6/20/08, Paul Sandoz <Paul.Sandoz_at_sun.com> wrote:
>> On Jun 20, 2008, at 1:04 AM, Grazi, Victor wrote:
>>
>>> In our planned REST implementation, every method call will be
>>> receiving a session id in the authorization header.
>>> Therefore every method will start by calling the same boilerplate
>>> code to extract the associated session from Oracle, use that to
>>> extract user info and determine entitlements.
>>>
>>> (Or throw an exception if the session expired.)
>>>
>>> This seems like a pretty common use-case. Is there any way to
>>> handle that using annotations or through any other JSR-311 or Java
>>> standard construct?
>>>
>>> Some sort of AOP?
>>>
>> I dunno much about AOP but you can use AOP/Spring with Jersey and the
>> spring servlet.
>>
>> This seems like more of an approach for filters. You can use a
>> servlet filter. But, i am planning to include filter support in
>> Jersey 0.9, which will make it easier to process things at a higher
>> level and implement cases like auth stuff without having to do this
>> in the application code.
>>
>> There is perhaps an alternative way. If you are using the per-request
>> life-cycle and have resource classes that extend from a base resource
>> class then the constructor in the base resource class can perform the
>> checking. It is not necessarily the best way but it could make it
>> easier to adapt to a filter approach when ready.
>>
>> Paul.
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_jersey.dev.java.net
> For additional commands, e-mail: users-help_at_jersey.dev.java.net
> 

-- 
| ? + ? = To question
----------------\
    Paul Sandoz
         x38109
+33-4-76188109
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.