Hi,
the reason is described in the JAX-RS specification:
Servlet filters may trigger consumption of a request body by accessing request parameters. In a servlet container the @FormParam annotation and the standard entity provider for application/x-www-form-- urlencoded MUST obtain their values from the servlet request parameters if the request body has already been consumed. Servlet APIs do not differentiate between parameters in the URI and body of a request so URI-based query parameters may be included in the entity parameter.
If you don’t want query params to be treated as form params (e.g. injectable using @FormParam) then set the “jersey.config.servlet.form.queryParams.disabled” [1] property to false.
[1]
https://jersey.java.net/apidocs/latest/jersey/org/glassfish/jersey/servlet/ServletProperties.html#QUERY_PARAMS_AS_FORM_PARAMS_DISABLED <
https://jersey.java.net/apidocs/latest/jersey/org/glassfish/jersey/servlet/ServletProperties.html#QUERY_PARAMS_AS_FORM_PARAMS_DISABLED>
Michal
> On 27 Jun 2015, at 16:56, 张立鑫 <intelligentcodemail_at_gmail.com> wrote:
>
>
> @QueryParam("username")
> public String username;
> @QueryParam("remember")
> public boolean remember;
> @QueryParam("password")
> @POST
> @Path("login")
> @Consumes("application/x-www-form-urlencoded")
> @Produces("text/plain")
> public Boolean login(@NotNull @FormParam("username") final String username, @NotNull @FormParam("password") final String password) {
> try {
> String _password = EncryptUtil.encodeMD5(password);
> subject.login(new UsernamePasswordToken(username, _password, remember));
> return subject.getPrincipal() != null;
> } catch (UnknownAccountException e) {
> return false;
> }
> }