23 messages in net.java.dev.jersey.usersRe: [Jersey] Getting ready for 1.0.2 ...| From | Sent On | Attachments |
|---|---|---|
| Paul Sandoz | Feb 2, 2009 1:45 am | |
| Craig McClanahan | Feb 2, 2009 11:44 am | |
| Martin Grotzke | Feb 2, 2009 6:02 pm | |
| Paul Sandoz | Feb 3, 2009 1:24 am | |
| Paul Sandoz | Feb 3, 2009 1:33 am | |
| Martin Grotzke | Feb 3, 2009 6:59 pm | |
| Paul Sandoz | Feb 4, 2009 2:33 am | |
| Paul Sandoz | Feb 4, 2009 3:10 am | |
| Martin Grotzke | Feb 4, 2009 4:17 am | |
| Paul Sandoz | Feb 4, 2009 4:56 am | |
| Paul Sandoz | Feb 4, 2009 9:16 am | |
| Craig McClanahan | Feb 4, 2009 10:35 am | |
| Craig McClanahan | Feb 4, 2009 10:43 am | |
| tarjei | Feb 5, 2009 1:09 am | |
| Paul Sandoz | Feb 5, 2009 2:12 am | |
| Paul Sandoz | Feb 5, 2009 2:20 am | |
| tarjei | Feb 5, 2009 2:43 am | |
| Paul Sandoz | Feb 5, 2009 4:24 am | |
| Craig McClanahan | Feb 5, 2009 9:10 am | |
| Craig McClanahan | Feb 5, 2009 1:27 pm | |
| Paul Sandoz | Feb 6, 2009 1:50 am | |
| Craig McClanahan | Feb 6, 2009 11:53 am | |
| Paul Sandoz | Feb 10, 2009 1:41 am |
| Subject: | Re: [Jersey] Getting ready for 1.0.2 (WAS: Re: [Jersey] Extract ResourceDoclet from maven-wadl-plugin as new artifact) | |
|---|---|---|
| From: | Paul Sandoz (Paul...@Sun.COM) | |
| Date: | Feb 6, 2009 1:50:28 am | |
| List: | net.java.dev.jersey.users | |
On Feb 5, 2009, at 10:28 PM, Craig McClanahan wrote:
This looks great. I will update the sample atom+abdera application to use this approach.
OK, I just committed this change to the server application (r1949). It provides a *really* nice way to have centralized control over authentication and authorization (in a container request filter that watches all requests) coupled with annotation- based declaration of what roles are needed to allow a particular web service method to be accessed.
Way cool.
Thanks.
From the commit i notice you are still checking the paths for the "user" role.
You don't need to his and instead you can use the username path parameter i.e. inject UriInfo and use the ui.getPathParameters ().getFirst("username") and compare that with the Principal name. This technique will work for any URI path configuration that utilizes the same path parameter.
Paul.