Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

HK2 MethodInterceptor with Jersey resource

How can I set up an aop MethodInterceptor to work with Jersey resources?

Here is what I've tried, following this documentation:

Step 1 - InterceptionService

public class MyInterceptionService implements InterceptionService
{
    private final Provider<AuthFilter> authFilterProvider;

    @Inject
    public HK2MethodInterceptionService(Provider<AuthFilter> authFilterProvider)
    {
        this.authFilterProvider = authFilterProvider;
    }

    /**
     * Match any class.
     */
    @Override
    public Filter getDescriptorFilter()
    {
        return BuilderHelper.allFilter();
    }

    /**
     * Intercept all Jersey resource methods for security.
     */
    @Override
    @Nullable
    public List<MethodInterceptor> getMethodInterceptors(final Method method)
    {
        // don't intercept methods with PermitAll
        if (method.isAnnotationPresent(PermitAll.class))
        {
            return null;
        }

        return Collections.singletonList(new MethodInterceptor()
        {
            @Override
            public Object invoke(MethodInvocation methodInvocation) throws Throwable
            {
                if (!authFilterProvider.get().isAllowed(method))
                {
                    throw new ForbiddenException();
                }

                return methodInvocation.proceed();
            }
        });
    }

    /**
     * No constructor interception.
     */
    @Override
    @Nullable
    public List<ConstructorInterceptor> getConstructorInterceptors(Constructor<?> constructor)
    {
        return null;
    }
}

Step 2 - Register the service

public class MyResourceConfig extends ResourceConfig
{
    public MyResourceConfig()
    {
        packages("package.with.my.resources");

        // UPDATE: answer is remove this line
        register(MyInterceptionService.class);

        register(new AbstractBinder()
        {
            @Override
            protected void configure()
            {
                bind(AuthFilter.class).to(AuthFilter.class).in(Singleton.class);

                // UPDATE: answer is add the following line
                // bind(MyInterceptionService.class).to(InterceptionService.class).in(Singleton.class);
            }
        });
    }
}

However this doesn't appear to work because none of my resource methods are being intercepted. Could this be because I use @ManagedAsync with all of my resources? Any ideas?

Also, please do not suggest a ContainerRequestFilter. See this question for why I can't use one to handle security.

like image 314
Alden Avatar asked Mar 08 '14 21:03

Alden


1 Answers

I think that rather than calling register(MyInterceptionService.class) you might want to instead add into your configure() statement:

bind(MyInterceptionService.class).to(InterceptionService.class).in(Singleton.class)

I am not sure it will work as I have not tried it myself so your results may vary lol

like image 194
jwells131313 Avatar answered Sep 21 '22 13:09

jwells131313