Hello, first of all, thanks for the amazing restlet framework and the awesome Jax-RS extension.
I am currently trying to understand how to use "@Context SecurityContext". I do not know how I can make the injected SecurityContext "do" anything. This is what I have: - A function which takes an Authorization header and returns the username and a list of roles (as strings) or throws an exception This is what I want to do: - Have access to a SecurityContext in all my resources, which returns the username and can check whether or not he is in a specific role How can I achieve this? - Do I have to implement SecurityContext? - Is security Context automatically (due to the Jax-RS runtime) aware of Restlet guards? When I try implementing SecurityContext (as per the JSR 311 Specs) public class StockWatchSecurity implements ContextResolver<SecurityContext>, SecurityContext { ... } my resource is not even loaded (an error 404 is returned on its path). I have also implemented a Guard, but since I am using the 2.0 M3 release and there is not much documentation, I am confused which classes I need to use how. For a start, I did this: public class MyJaxRSApp extends JaxRsApplication { public MyJaxRSApp() { super(Context.getCurrent()); getContext().getLogger().setLevel(Level.FINE); getContext().setVerifier(new MyVerifier()); this.add(new MyJaxRSAppConfig()); this.setGuard(new ChallengeGuard(getContext(),ChallengeScheme.CUSTOM, "realm")); } } Thanks in advance and kind regards, Jonas -- View this message in context: http://n2.nabble.com/SecurityContext-with-JaxRS-Extension-tp3395983p3395983.html Sent from the Restlet Discuss mailing list archive at Nabble.com. ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2380678