That sounds sweet, man!
Thanks a lot Ryan.
On Sun, Jun 12, 2011 at 9:04 PM, Ryan Stewart <rds6235_at_gmail.com> wrote:
> If you want method-based security, you probably want to be doing something
> like dynamic proxying:
> http://download.oracle.com/javase/6/docs/technotes/guides/reflection/proxy.html
> Or just use Spring security, since it does everything for you. For example:
> http://static.springsource.org/spring-security/site/docs/3.1.x/reference/ns-config.html#ns-method-security
>
> Tying your security code into Jersey internals sounds like a Bad Idea.
>
> On Fri, Jun 10, 2011 at 9:44 AM, Luis Javier de la Garza Trevino
> <delagarza_at_gmail.com> wrote:
>>
>> So, I implement (and provide) a ContainRequestFilter, so this method:
>>
>> ContainerRequest filter(ContainerRequest request) {
>> }
>>
>> Does the trick... The problem is that the filters have all been
>> processed before the method gets actually invoked. This is OK, but
>> still not what I need... Looking at Jersey's code reveals
>> (AbstractResourceMethodDispatchProvider.java) that methods get invoked
>> in the following way:
>>
>> public void _dispatch(Object resource, HttpContext context) throws
>> IllegalAccessException, InvocationTargetException {
>> final Object[] params = getParams(context);
>> // this is where the method actually gets invoked
>> invoker.invoke(method, resource, params);
>> }
>>
>> final Object[] getParams(HttpContext context) {
>> // pp is the InjectableValuesProvider
>> return pp.getInjectableValues(context);
>> }
>>
>> And this is hapenning AFTER the filters get invoked. So, by the time
>> filters are dispatched, the values have not been injected... Could you
>> provide me with extra pointers? Perhaps a snippet?
>>
>> Thanks!
>>
>>
>> On Fri, Jun 10, 2011 at 4:31 PM, Santiago Pericas-Geertsen
>> <Santiago.PericasGeertsen_at_oracle.com> wrote:
>> >
>> > On Jun 10, 2011, at 9:48 AM, Luis de la Garza wrote:
>> >
>> >> Before posting my question I acutally did a small example using
>> >> ResourceDebuggingFilterFactory. I noticed that the filters get invoked
>> >> before the parameters of the method get injected (be it a @QueryParam,
>> >> a
>> >> @Context, and so on). So at this point, I know which method will get
>> >> executed and I also know the parameter types, but I do not know which
>> >> values
>> >> will be used to invoke the method...
>> >
>> > That's right, but if you use a ContainerRequestFilter you have access
>> > the ContainerRequest that has all you need in there, right?
>> >
>> > -- Santiago
>> >
>> >
>>
>>
>>
>> --
>> Luis Javier de la Garza Treviņo
>
>
--
Luis Javier de la Garza Treviņo