users@jersey.java.net

[Jersey] Re: authorization via url or token?

From: John Yeary <johnyeary_at_gmail.com>
Date: Wed, 8 Feb 2012 11:50:02 -0500

Nice!... I forgot to mention that, and I was just using it yesterday.

John
____________________________

John Yeary
____________________________

<http://javaevangelist.blogspot.com/> <https://twitter.com/jyeary>
<http://www.youtube.com/johnyeary>
  <http://www.linkedin.com/in/jyeary>
<https://plus.google.com/112146428878473069965>
  <http://www.facebook.com/jyeary>
<http://feeds.feedburner.com/JavaEvangelistJohnYearysBlog>
  <http://netbeans.org/people/84414-jyeary>
____________________________

"Far better it is to dare mighty things, to win glorious triumphs, even
though checkered by failure, than to take rank with those poor spirits who
neither enjoy much nor suffer much, because they live in the gray twilight
that knows not victory nor defeat."
-- Theodore Roosevelt



On Wed, Feb 8, 2012 at 11:34 AM, Pavel Bucek <pavel.bucek_at_oracle.com> wrote:

> you might also benefit from RolesAllowedResourceFilterFactory which
> allows you to use @RollesAllowed, @PermitAll and @DennyAll, see
>
> http://jersey.java.net/nonav/apidocs/1.11/jersey/com/sun/jersey/api/container/filter/RolesAllowedResourceFilterFactory.html
>
> Regards,
> Pavel
>
> On 2/8/12 4:59 PM, John Yeary wrote:
>
> Use security annotations
> http://java.sun.com/developer/technicalArticles/J2EE/security_annotation/ since
> the user is already logged in you should be able to use this without issue.
>
> Also see
> https://wikis.oracle.com/display/Jersey/Overview+of+JAX-RS+1.0+Featuresas an example.
>
> John
> ____________________________
>
> John Yeary
> ____________________________
>
> <http://javaevangelist.blogspot.com/> <https://twitter.com/jyeary> <http://www.youtube.com/johnyeary>
> <http://www.linkedin.com/in/jyeary> <https://plus.google.com/112146428878473069965>
> <http://www.facebook.com/jyeary> <http://feeds.feedburner.com/JavaEvangelistJohnYearysBlog>
> <http://netbeans.org/people/84414-jyeary>
> ____________________________
>
> "Far better it is to dare mighty things, to win glorious triumphs, even
> though checkered by failure, than to take rank with those poor spirits who
> neither enjoy much nor suffer much, because they live in the gray twilight
> that knows not victory nor defeat."
> -- Theodore Roosevelt
>
>
>
> On Wed, Feb 8, 2012 at 5:45 AM, tmp <le_tmp_at_gmx.de> wrote:
>
>> I had the idea to solve the problem like this:
>>
>> Resource A (allowed for all users) sets username + password authentication
>> and forwards to a resource B (allowed for a specific role).
>>
>> How can i achieve that? How can i set username + password in a resource
>> method?
>>
>>
>>
>> --
>> View this message in context:
>> http://jersey.576304.n2.nabble.com/authorization-via-url-or-token-tp7261856p7265297.html
>> Sent from the Jersey mailing list archive at Nabble.com.
>>
>
>
>