Hi Pavel,
Our app is a a single app right now. I guess that is one method, we
could change it to use multiple @Application tags, which would allow us
to deploy/undeploy the individual applications. But it feels like going
in the opposite direction to me. The goal is to have runtime
configuration control over endpoints, without having to add a separate
access-control front-end to proxy inbound requests. To give context, our
application provides various identity management services. Things like
change password, forgotten password recovery, modify my profile, search,
enable/disable user, etc. So broadly speaking there is an
@ApplicationPath for user self service, one for admin services, one for
SSO-related services, etc. So a client wants to be able to allow their
users to do use the forgotten password recovery service, but NOT the
modify my profile. And administrators can enable/disable accounts but
NOT do search.
A simple solution would be to add a servlet filter in front of
everything to enforce some sort of ACLs but what I was hoping for was
something within Jersey where I could control at the endpoint level
(method-level @Path).
What do you think?
Best regards,
Richard
------ Original Message ------
From: "Pavel Bucek" <pavel.bucek_at_oracle.com>
To: users_at_jersey.java.net
Sent: 4/26/2017 4:29:03 AM
Subject: [Jersey] Re: Configuration to turn endpoints on/off
>Hi Richard,
>
>it almost seems like you are building another application server inside
>your app deployed on Tomcat.
>
>Why wouldn't you deploy/undeploy applications instead?
>
>Jersey has a "reload" mechanism [1], which will most likely not work
>out of the box when running on top of servlet, but it could be the way
>to go (if you really want to go that way).
>
>Regards,
>Pavel
>
>[1] https://github.com/jersey/jersey/tree/master/examples/reload
>
>On 25/04/2017 16:33, Richard Sand wrote:
>>Hi all - this may be a really basic question, but is there a way to
>>use runtime configuration (say, a properties file, or deployment
>>descriptor) so that some of the services in my Jersey2 server
>>application can be enabled or disabled by an administrator? Our app
>>presently exposes 15 or so different endpoints. It has 1 Application
>>annotated with @ApplicationPath with 3 classes annotated with @Path,
>>and within those 3 classes about 15 or so different methods annotated
>>with the usual @Path/@<method>/_at_Produces.
>>
>>My app has a few different techniques for reading its runtime
>>configuration, e.g. settings to connect to database resources etc.
>>What I want to do is add some configuration properties to the app so
>>that administrators can enable/disable the 3 classes or any of the
>>individual endpoints within those classes at the Jersey level. Could
>>someone suggest the best way to do this?
>>
>>Taking that a step further, we want to control this configuration in
>>runtime, so if the configuration changes, we can update the jersey
>>configuration to enable/disable the changed services without having to
>>restart our container (which is Tomcat in this case).
>>
>>Any advice appreciate! Thanks!
>>
>>Best regards,
>>
>>Richard
>>
>