Craig McClanahan wrote:
> Paul Sandoz wrote:
>> On Feb 5, 2009, at 11:21 AM, Paul Sandoz wrote:
>>>>> Craig, what do you think?
>>>> That sounds really good ... I'll take it on (along with using
>>>> resource specific filters).
>>>
>>> I just realized that the way things are currently supported you will
>>> need to supply two injectable provider implementations for the per request
>>> and singleton scope (where the latter injects a proxy) and there are
>>> currently some ordering issues in that the latter cannot currently
>>> be overridden by the user.
>>>
>>> Since this is something that seems highly desirable I am going to
>>> tweak the ContainerRequest so that a SecurityContext implementation
>>> can be set. That way the filter can do:
>>>
>>> request.setSecurityContext(...)
>>>
>>
>> Fixed in the trunk. See below for a unit test exercising a very
>> similar use-case.
>>
> This looks great. I will update the sample atom+abdera application to
> use this approach.
OK, I just committed this change to the server application (r1949). It
provides a *really* nice way to have centralized control over
authentication and authorization (in a container request filter that
watches all requests) coupled with annotation-based declaration of what
roles are needed to allow a particular web service method to be accessed.
Way cool.
>> Paul.
Craig
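
The pattern discussed in this thread, as an added example that is not code from the thread, the Jersey trunk, or the sample atom+abdera application: a container request filter authenticates every request and calls `request.setSecurityContext(...)`, so that role annotations on resource methods are checked against it. It assumes Jersey 1.x on Java 8; the class name `AuthFilter`, the `USERS` table and the realm string are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.Principal;
import java.util.*;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.*;
import com.sun.jersey.spi.container.*;

// Register this class under the init-param
// com.sun.jersey.spi.container.ContainerRequestFilters, and
// com.sun.jersey.api.container.filter.RolesAllowedResourceFilterFactory under
// com.sun.jersey.spi.container.ResourceFilters, so that methods annotated with
// @RolesAllowed are checked against isUserInRole() of the context set here.
public class AuthFilter implements ContainerRequestFilter {
    // Constructed sample data: user -> {password, role}. Use a hashed store in practice.
    private static final Map<String, String[]> USERS = new HashMap<String, String[]>();
    static { USERS.put("alice", new String[] {"example-password", "admin"}); }

    public ContainerRequest filter(ContainerRequest request) {
        final String[] cred = parseBasic(request.getHeaderValue(HttpHeaders.AUTHORIZATION));
        final String[] user = cred == null ? null : USERS.get(cred[0]);
        // Fail closed: anything but a valid credential is rejected with 401.
        if (user == null || !MessageDigest.isEqual(user[0].getBytes(StandardCharsets.UTF_8),
                                                   cred[1].getBytes(StandardCharsets.UTF_8))) {
            throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED)
                    .header("WWW-Authenticate", "Basic realm=\"example\"").build());
        }
        final boolean secure = request.isSecure(); // capture transport state before replacing
        request.setSecurityContext(new SecurityContext() {
            public Principal getUserPrincipal() {
                return new Principal() { public String getName() { return cred[0]; } };
            }
            public boolean isUserInRole(String role) { return user[1].equals(role); }
            public boolean isSecure() { return secure; }
            public String getAuthenticationScheme() { return SecurityContext.BASIC_AUTH; }
        });
        return request;
    }

    // Returns {user, password} from "Basic <base64(user:password)>", or null if malformed.
    static String[] parseBasic(String header) {
        if (header == null || !header.regionMatches(true, 0, "Basic ", 0, 6)) return null;
        try {
            byte[] raw = Base64.getDecoder().decode(header.substring(6).trim());
            String s = new String(raw, StandardCharsets.UTF_8);
            int i = s.indexOf(':');
            return i < 0 ? null : new String[] {s.substring(0, i), s.substring(i + 1)};
        } catch (IllegalArgumentException e) { return null; } // invalid base64
    }
}
```

With both registrations in place, a resource method annotated `@RolesAllowed("admin")` is reachable only when the context set by the filter reports that role; other authenticated callers are refused by the resource filter.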