You cannot inject SecurityContext into a client-side component. security context is a server-side only contract. You man need to find a different way how to propagate the SecurityContext into the client - e.g. via client request property.
HTH,
Marek
On 16 Nov 2013, at 15:56, Matyas Bene <matyas.bene_at_ferratum.com> wrote:
> Hi,
>
> Using Jersey 2.0 inside Glassfish v4. Could you please point me to the right direction, how to implement the following:
>
> Have filter (or feature), that would process every outgoing request from a Jersey Client, and custom headers to the request that are retrieved from the actual Security Context. In essence, something like this:
>
> @Provider
> public class FerratumHeaderFilter implements ClientRequestFilter {
>
> @Context SecurityContext secContext;
> /**
> * Adds the 'ferratum-user' header to all outgoing calls
> */
> @Override
> public void filter(ClientRequestContext requestContext) throws IOException {
> if((secContext != null) && (requestContext.getHeaders().get(“originalPrincipal”=!=null)) {
> requestContext.getHeaders().add(“originalPrincipal”, secContext.getUserPrincipal());
> }
> }
>
> }
>
> Unfortunately, this piece of code does not work, because secContext is always null, so I can’t add it’s content to the header.
> What’s the proper solution here (apart from adding this header every time you create a request in your code)?
>
> Regards,
> M. Bene