Java/Jersey 运行 在执行任何操作之前我所有的资源
Java/Jersey running all my resources before do any action
我正在使用 Java/Jersey 开发一个休息应用程序,我在应用程序的行为方面遇到了一些问题。
事情是......我有一个文件夹,我把我的资源放在那里,它们扩展了一个名为 API 的 parent class,它执行基于令牌的身份验证。
问题是,当我访问任何应用程序端点时,parent class 中的验证方法在访问我的模型之前运行了几次。
谁能告诉我为什么会这样?
我的ParentClassApi
@Provider
public class Api extends GensonContextResolver implements ContainerRequestFilter {
@Context
private UriInfo info;
public static final String AUTHENTICATION_TOKEN = "token";
protected ObjectResponse objectResponse;
protected UsuariosModel userInfo;
public Api() {
}
@Override
public void filter(ContainerRequestContext containerRequest) throws WebApplicationException {
this.objectResponse = new ObjectResponse();
this.userInfo = new UsuariosModel();
UriInfo info = containerRequest.getUriInfo();
// não realiza a valização se o endpoint for o de validação de acesso
if(info.getPath().equals("autenticacao/valida-acesso")) {
return;
}
try {
String token = containerRequest.getHeaderString(AUTHENTICATION_TOKEN);
AutenticacaoController autenticacaoControler = new AutenticacaoController();
this.objectResponse = autenticacaoControler.validaToken(token);
UsuariosController usuariosController = new UsuariosController();
this.userInfo = usuariosController.selecionaDadosUsuario(token);
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NamingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
if (this.objectResponse.getMessage() != null) {
Response response = Response.status(this.objectResponse.getCode()).entity(this.objectResponse).build();
containerRequest.abortWith(response);
}
}
}
资源示例
@Path("/descontos")
public class DescontosResource extends Api{
public DescontosResource() {
}
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response doGet() throws SQLException, NamingException {
DescontosController descontosController = new DescontosController();
this.objectResponse = descontosController.selecionaDescontos();
return Response.status(this.objectResponse.getCode()).entity(this.objectResponse).build();
}
@POST
@Path("clientes")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
public Response doPostClientes(DescontosModel descontos) throws SQLException, NamingException {
DescontosController descontosController = new DescontosController();
this.objectResponse = descontosController.cadastraDescontosClientes(descontos);
return Response.status(this.objectResponse.getCode()).entity(this.objectResponse).build();
}
}
我在这两个链接上找到了答案:
Best practice for REST token-based authentication with JAX-RS and Jersey
和
Jersey ContainerRequestFilter not triggered
我已经从 Api Class 中删除了我的代码,并将过滤器移到了其他地方。最后将我的 web.xml 更新为:
<servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>jersey.config.server.provider.packages</param-name>
<param-value>com.sib.resources; com.sib.filters</param-value>
</init-param>
<init-param>
<param-name>com.sun.jersey.spi.container.ContainerRequestFilters</param-name>
<param-value>com.sib.filters.AutenticacaoFilter</param-value>
</init-param>
我正在使用 Java/Jersey 开发一个休息应用程序,我在应用程序的行为方面遇到了一些问题。
事情是......我有一个文件夹,我把我的资源放在那里,它们扩展了一个名为 API 的 parent class,它执行基于令牌的身份验证。
问题是,当我访问任何应用程序端点时,parent class 中的验证方法在访问我的模型之前运行了几次。 谁能告诉我为什么会这样?
我的ParentClassApi
@Provider
public class Api extends GensonContextResolver implements ContainerRequestFilter {
@Context
private UriInfo info;
public static final String AUTHENTICATION_TOKEN = "token";
protected ObjectResponse objectResponse;
protected UsuariosModel userInfo;
public Api() {
}
@Override
public void filter(ContainerRequestContext containerRequest) throws WebApplicationException {
this.objectResponse = new ObjectResponse();
this.userInfo = new UsuariosModel();
UriInfo info = containerRequest.getUriInfo();
// não realiza a valização se o endpoint for o de validação de acesso
if(info.getPath().equals("autenticacao/valida-acesso")) {
return;
}
try {
String token = containerRequest.getHeaderString(AUTHENTICATION_TOKEN);
AutenticacaoController autenticacaoControler = new AutenticacaoController();
this.objectResponse = autenticacaoControler.validaToken(token);
UsuariosController usuariosController = new UsuariosController();
this.userInfo = usuariosController.selecionaDadosUsuario(token);
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (NamingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
if (this.objectResponse.getMessage() != null) {
Response response = Response.status(this.objectResponse.getCode()).entity(this.objectResponse).build();
containerRequest.abortWith(response);
}
}
}
资源示例
@Path("/descontos")
public class DescontosResource extends Api{
public DescontosResource() {
}
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response doGet() throws SQLException, NamingException {
DescontosController descontosController = new DescontosController();
this.objectResponse = descontosController.selecionaDescontos();
return Response.status(this.objectResponse.getCode()).entity(this.objectResponse).build();
}
@POST
@Path("clientes")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
public Response doPostClientes(DescontosModel descontos) throws SQLException, NamingException {
DescontosController descontosController = new DescontosController();
this.objectResponse = descontosController.cadastraDescontosClientes(descontos);
return Response.status(this.objectResponse.getCode()).entity(this.objectResponse).build();
}
}
我在这两个链接上找到了答案:
Best practice for REST token-based authentication with JAX-RS and Jersey
和
Jersey ContainerRequestFilter not triggered
我已经从 Api Class 中删除了我的代码,并将过滤器移到了其他地方。最后将我的 web.xml 更新为:
<servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>jersey.config.server.provider.packages</param-name>
<param-value>com.sib.resources; com.sib.filters</param-value>
</init-param>
<init-param>
<param-name>com.sun.jersey.spi.container.ContainerRequestFilters</param-name>
<param-value>com.sib.filters.AutenticacaoFilter</param-value>
</init-param>