Hello,
first of all, thanks for the amazing restlet framework and the awesome
Jax-RS extension.
I am currently trying to understand how to use "@Context SecurityContext". I
do not know how I can make the injected SecurityContext "do" anything.
This is what I have:
- A function which takes an Authorization header and returns the
username
and a list of roles (as strings) or throws an exception
This is what I want to do:
- Have access to a SecurityContext in all my resources, which returns
the
username and can check whether or not he is in a specific role
How can I achieve this?
- Do I have to implement SecurityContext?
- Is security Context automatically (due to the Jax-RS runtime) aware of
Restlet guards?
When I try implementing SecurityContext (as per the JSR 311 Specs)
public class StockWatchSecurity implements ContextResolver<SecurityContext>,
SecurityContext { ... }
my resource is not even loaded (an error 404 is returned on its path).
I have also implemented a Guard, but since I am using the 2.0 M3 release and
there is not much documentation, I am confused which classes I need to use
how. For a start, I did this:
public class MyJaxRSApp extends JaxRsApplication {
public MyJaxRSApp() {
super(Context.getCurrent());
getContext().getLogger().setLevel(Level.FINE);
getContext().setVerifier(new MyVerifier());
this.add(new MyJaxRSAppConfig());
this.setGuard(new ChallengeGuard(getContext(),ChallengeScheme.CUSTOM,
"realm"));
}
}
Thanks in advance and kind regards, Jonas
--
View this message in context:
http://n2.nabble.com/SecurityContext-with-JaxRS-Extension-tp3395983p3395983.html
Sent from the Restlet Discuss mailing list archive at Nabble.com.
------------------------------------------------------
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2380678
