users@jersey.java.net

How do I supply my own Authenticator?

From: Ronald J Mann <Ron.Mann_at_Sun.COM>
Date: Wed, 06 Aug 2008 14:43:28 -0400

Hi!

I'm trying to build a simple management interface over http that
requires basic authentication. As we are trying to make this as
lightweight as possible, I'm using com.sun.net.httpserver.HttpServer. I
want to supply my own credential check, so I've created a class to
extend the BasicAuthenticator and have overriden the checkCredentials()
method to supply the necessary verification.

I start my server thus:

    HttpHandler handler =
ContainerFactory.createContainer(HttpHandler.class);
    server = HttpServerFactory.create("http://localhost:" + port + "/",
handler);
    HttpContext context = server.createContext("/", handler);
    context.setAuthenticator(new CWSAuthenticator(agent.getRootName()));
    server.start();

One of my resouces looks like this:
    @Path( "/info")
    public class InfoResource {
        @GET
        @ProduceMime("application/json")
        public String getInfo() {
            try {
                Info info = new CWSInfo();
                info.setCount(agent.getCount());
                etc...
                return info.toJson();
            } catch (Exception ex) {
                ex.printStackTrace();
                throw new NotFoundException("Could not retrieve the Info
Document requested. ");
            }
    }

With this code, when I try to retrieve the document, I never get to my
authenticator code, but my info document is returned correctly. If I
alter the creation argument for the HttpContext from "/" to "/info" in
the server creation above, I authenticate properly but I get a 404 error
as the doc is not found, presumably the resource was never called. I'm
assuming that somehow the contexts are conflicting (or overriding
eacthother) whcih would explain this behavior.

Clearly I'm missing something here, does anyone have any suggestions as
to I could supply my own authentication mechanism?
Thanks!

=Ron=