Recently I was upgrading my application from Jersey 1 to Jersey 2. Following is my web.xml file in Jercey 1.
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<display-name>myapplication</display-name>
<servlet>
<servlet-name>jersey-serlvet</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>com.sun.jersey.config.property.packages</param-name>
<param-value>myapplication</param-value>
</init-param>
<init-param>
<param-name>com.sun.jersey.spi.container.ContainerRequestFilters</param-name>
<param-value>common.SecurityFilter</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>jersey-serlvet</servlet-name>
<url-pattern>/rest/*</url-pattern>
</servlet-mapping>
</web-app>
I found that in Jersey 2 replacement for com.sun.jersey.spi.container.servlet.ServletContainer is org.glassfish.jersey.servlet.ServletContainer . From documentation of org.glassfish.jersey.servlet.ServletContainer I found that replacement of com.sun.jersey.config.property.packages is jersey.config.server.provider.packages . But I was unable to find replacement for init-param parameter com.sun.jersey.spi.container.ContainerRequestFilters . It was big struggle to find a replacement for this.
After struggling for a long time I found that we don't need to put filter in web.xml file. It will be picked by package scanning. Following is my filter code. I changed package names according to jersey 2.
package common;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.Provider;
import java.util.Base64;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.ContainerRequestContext;
@Provider
public class SecurityFilter implements ContainerRequestFilter {
private static final String X_API_KEY = "x-api-key";
private static final String X_API_SECRET = "1234567890";
@Override
public void filter(ContainerRequestContext requestContext) {
String authapikey = requestContext.getHeaderString(X_API_KEY);
if(authapikey!=null && !authapikey.isEmpty()) {
String decodedKey = new String(Base64.getDecoder().decode(authapikey)) ;
if(X_API_SECRET.equals(decodedKey)) {
return ;
}
}
Response unauthorizedResp = Response
.status(Response.Status.UNAUTHORIZED)
.entity("User cannot access the resource")
.build();
throw new WebApplicationException(unauthorizedResp);
}
}
The annotation @Provider is required. Without this annotation this filter will not be invoked. Following is my web.xml with Jersey 2.
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
id="WebApp_ID" version="3.0">
<display-name>myapplication</display-name>
<servlet>
<servlet-name>jersey-serlvet</servlet-name>
<servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>jersey.config.server.provider.packages</param-name>
<param-value>myapplication;common</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>jersey-serlvet</servlet-name>
<url-pattern>/rest/*</url-pattern>
</servlet-mapping>
</web-app>
Now my common.SecurityFilter get invoked with Jersey 2. Now my application is working in Jersey 2 as it was working with Jersey 1. Jersey 1 does not work with JDK-17 so you need Jersey 2 for working with JDK-17.
No comments:
Post a Comment