On Feb 5, 2009, at 10:28 PM, Craig McClanahan wrote:
>> This looks great. I will update the sample atom+abdera
>> application to use this approach.
> OK, I just committed this change to the server application
> (r1949). It provides a *really* nice way to have centralized
> control over authentication and authorization (in a container
> request filter that watches all requests) coupled with annotation-
> based declaration of what roles are needed to allow a particular
> web service method to be accessed.
>
> Way cool.
Thanks.
From the commit I notice you are still checking the paths for the
"user" role.
You don't need to do this and instead you can use the username path
parameter, i.e. inject UriInfo and use
ui.getPathParameters().getFirst("username") and compare that with the
Principal name.
This technique will work for any URI path configuration that utilizes
the same path parameter.
Paul.
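
The check described in the message above, sketched against the standard JAX-RS API as an added example (it is not code from the original message or from the project's commit). The resource class, its path template and the requireOwner helper are hypothetical names; only the "username" path parameter comes from the message.

```java
import java.security.Principal;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import javax.ws.rs.core.UriInfo;

// Hypothetical resource: the class name and path template are assumptions.
// Any template that binds {username} can reuse the same helper.
@Path("/users/{username}/contacts")
public class ContactsResource {

    @Context UriInfo ui;          // matched-request URI information
    @Context SecurityContext sc;  // populated by the authentication layer

    @GET
    public Response list() {
        requireOwner(ui, sc);
        return Response.ok().build(); // the owner's feed would be returned here
    }

    // Allow the request only when the authenticated principal is the user
    // named by the {username} path parameter. Fails closed in every other case.
    static void requireOwner(UriInfo ui, SecurityContext sc) {
        Principal caller = sc.getUserPrincipal();
        if (caller == null) {
            // No authenticated identity at all.
            throw new WebApplicationException(Response.Status.UNAUTHORIZED);
        }
        // getPathParameters() returns the decoded template values; getFirst()
        // returns null when the matched template has no {username} segment.
        String owner = ui.getPathParameters().getFirst("username");
        if (owner == null || !owner.equals(caller.getName())) {
            // Authenticated, but not the owner of this URI subtree.
            throw new WebApplicationException(Response.Status.FORBIDDEN);
        }
    }
}
```

Because the comparison is keyed on the parameter name rather than on the URI string, it is unaffected by where {username} sits in the template; a template without that parameter is denied rather than silently allowed.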