I wanted to implement some security into a JAX-RS web service. As a result I used Basic Authentication with TLS. Everything works fine, but now I wanna know what's behind that "magic".
SecurityContext interface act like a normal class? @Context have to do with it?
There is no "magic" here, it's just JAX-RS providers. The ones involved in this particular behavior are context providers.
When the JAX-RS implementation creates an instance of your resource it looks for fields or methods annotated with the @Context annotation. It then looks at the type of the annotated field and based on that delegates the instantiation to a provider. The provider then injects an appropriate implementation for that interface.
The JAX-RS specification describes the kind of things you can inject using the @Context annotation.
