Resteasy 3 @Context HttpServletRequest 始终为空
Resteasy 3 @Context HttpServletRequest always null
我们使用的是 Resteasy 2,但我们正在升级到 Resteasy 3,HttpServletRequest 注入总是 null。
我们修改后的安全性 interceptor/filter 看起来像:
@Provider
@ServerInterceptor
@Precedence("SECURITY")
public class SecurityInterceptor implements ContainerRequestFilter, ContainerResponseFilter {
@Context
private HttpServletRequest servletRequest;
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
// Need access to "servletRequest" but it is always null
if (!isTokenValid(pmContext, method)) {
requestContext.abortWith(ACCESS_DENIED);
}
}
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
// post processing
}
}
应用程序 class 看起来像:
@ApplicationPath("/")
public class RestApplication extends Application {
private Set<Object> singletons = new HashSet<Object>();
private Set<Class<?>> empty = new HashSet<Class<?>>();
public RestApplication() {
// Interceptors
this.singletons.add(new SecurityInterceptor());
// Services
this.singletons.add(new MyService());
}
public Set<Class<?>> getClasses() {
return this.empty;
}
public Set<Object> getSingletons() {
return this.singletons;
}
}
样本API:
@Path("/test")
public class MyService extends BaseService {
@Context HttpServletRequest servletRequest;
@GET
@Path("/hello")
@Produces(MediaType.APPLICATION_JSON)
public Response hello() {
// Need access to HttpServletRequest but it's null
return Response.ok("hello").build();
}
}
但是,查看 this and this 个帖子,我没有看到 HttpServletRequest 个注入提供程序。
这让我相信我可能需要一个额外的插件。这是安装的内容:
jose-jwt
resteasy-atom-provider
resteasy-cdi
resteasy-crypto
resteasy-jackson2-provider
resteasy-jackson-provider
resteasy-jaxb-provider
resteasy-jaxrs
resteasy-jettison-provider
resteasy-jsapi
resteasy-json-p-provider
resteasy-multipart-provider
resteasy-spring
resteasy-validator-provider-11
resteasy-yaml-provider
有什么想法吗?
您可以使用 SecurityInterceptor 的构造函数来获取这些值:
///...
private HttpServletRequest request;
private ServletContext context;
public SecurityInterceptor(@Context HttpServletRequest request, @Context ServletContext context) {
this.request = request;
this.context = context;
}
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
// The "servletRequest" won't be null anymore
if (!isTokenValid(pmContext, method)) {
requestContext.abortWith(ACCESS_DENIED);
}
}
///...
这将解决您的问题
根据 @peeskillet 建议,修改为 return 新 class 实例而不是单例解决了我的问题。
因此我修改后的 javax.ws.rs.core.Application 文件如下所示:
@ApplicationPath("/")
public class RestApplication extends Application {
private Set<Object> singletons = new HashSet<Object>();
private Set<Class<?>> classes = new HashSet<Class<?>>();
public RestApplication() {
// Interceptors
this.classes.add(SecurityInterceptor.class);
// Services
this.classes.add(MyService.class);
}
public Set<Class<?>> getClasses() {
return this.classes;
}
public Set<Object> getSingletons() {
return this.singletons;
}
}
我们使用的是 Resteasy 2,但我们正在升级到 Resteasy 3,HttpServletRequest 注入总是 null。
我们修改后的安全性 interceptor/filter 看起来像:
@Provider
@ServerInterceptor
@Precedence("SECURITY")
public class SecurityInterceptor implements ContainerRequestFilter, ContainerResponseFilter {
@Context
private HttpServletRequest servletRequest;
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
// Need access to "servletRequest" but it is always null
if (!isTokenValid(pmContext, method)) {
requestContext.abortWith(ACCESS_DENIED);
}
}
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
// post processing
}
}
应用程序 class 看起来像:
@ApplicationPath("/")
public class RestApplication extends Application {
private Set<Object> singletons = new HashSet<Object>();
private Set<Class<?>> empty = new HashSet<Class<?>>();
public RestApplication() {
// Interceptors
this.singletons.add(new SecurityInterceptor());
// Services
this.singletons.add(new MyService());
}
public Set<Class<?>> getClasses() {
return this.empty;
}
public Set<Object> getSingletons() {
return this.singletons;
}
}
样本API:
@Path("/test")
public class MyService extends BaseService {
@Context HttpServletRequest servletRequest;
@GET
@Path("/hello")
@Produces(MediaType.APPLICATION_JSON)
public Response hello() {
// Need access to HttpServletRequest but it's null
return Response.ok("hello").build();
}
}
但是,查看 this and this 个帖子,我没有看到 HttpServletRequest 个注入提供程序。
这让我相信我可能需要一个额外的插件。这是安装的内容:
jose-jwt
resteasy-atom-provider
resteasy-cdi
resteasy-crypto
resteasy-jackson2-provider
resteasy-jackson-provider
resteasy-jaxb-provider
resteasy-jaxrs
resteasy-jettison-provider
resteasy-jsapi
resteasy-json-p-provider
resteasy-multipart-provider
resteasy-spring
resteasy-validator-provider-11
resteasy-yaml-provider
有什么想法吗?
您可以使用 SecurityInterceptor 的构造函数来获取这些值:
///...
private HttpServletRequest request;
private ServletContext context;
public SecurityInterceptor(@Context HttpServletRequest request, @Context ServletContext context) {
this.request = request;
this.context = context;
}
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
// The "servletRequest" won't be null anymore
if (!isTokenValid(pmContext, method)) {
requestContext.abortWith(ACCESS_DENIED);
}
}
///...
这将解决您的问题
根据 @peeskillet 建议,修改为 return 新 class 实例而不是单例解决了我的问题。
因此我修改后的 javax.ws.rs.core.Application 文件如下所示:
@ApplicationPath("/")
public class RestApplication extends Application {
private Set<Object> singletons = new HashSet<Object>();
private Set<Class<?>> classes = new HashSet<Class<?>>();
public RestApplication() {
// Interceptors
this.classes.add(SecurityInterceptor.class);
// Services
this.classes.add(MyService.class);
}
public Set<Class<?>> getClasses() {
return this.classes;
}
public Set<Object> getSingletons() {
return this.singletons;
}
}