1

I'm trying to remake this solution found here Basic HTTP authentication with Jersey / Grizzly

i've included these imports so far

import javax.ws.rs.WebApplicationException;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response.Status;

and after some search i included this one

import org.glassfish.jersey.server.ContainerRequest;

My problem is now that i get these errors

... AuthFilter is not abstract and does not override abstract method filter(ContainerRequestContext) in ContainerRequestFilter

... method does not override or implement a method from a supertype

... cannot find symbol
[ERROR] symbol:   method getHeaderValue(String)
[ERROR] location: variable containerRequest of type ContainerRequest

and the code if you don't want to switch tabs is here

    @Override
    public ContainerRequest filter(ContainerRequest containerRequest) 
            throws WebApplicationException {

        // Automatically allow certain requests.
        String method = containerRequest.getMethod();
        String path = containerRequest.getPath(true);
        if (method.equals("GET") && path.equals("application.wadl"))
            return containerRequest;

        // Get the authentication passed in HTTP headers parameters
        String auth = containerRequest.getHeaderValue("authorization");
        if (auth == null)
            throw unauthorized;

Unfortunately i don't have the needed reputation to ask the OP so any help is appreciated.

Edit: Apparently com.sun.jersey.spi.container.ContainerRequest does not include getHeadervalue and the one who does cannot be found by jersey 2.0 Any way around it?

import javax.ws.rs.WebApplicationException;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.container.ContainerRequestContext;

import org.glassfish.jersey.internal.util.Base64;
import java.io.IOException;

public class AuthFilter implements ContainerRequestFilter {

    @Override
    public void filter(ContainerRequestContext requestContext) 
            throws IOException {

        String method = requestContext.getMethod();
        String path = requestContext.getUriInfo().getPath();


        String auth = requestContext.getHeaderString("authorization");
        if (auth == null)
            throw new AuthenticationException("Too bad");
        //how to import that ^

        auth = auth.replaceFirst("[Bb]asic ", "");

        String entry = new String(Base64.decode(auth));


        if (!entry.equals("admin:password"))
            throw new AuthenticationException("Too bad");
    }
 }
Paul Samsotha
  • 205,037
  • 37
  • 486
  • 720
Rentonie
  • 477
  • 1
  • 10
  • 25

1 Answers1

2

That class from the link is implementing the Jersey 1 specific, ContainerRequestFilter. That class name became a standard class (just the name) starting JAX-RS 2 (Jersey 2.x). The new signature for the method is

import java.io.IOException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;

public class Hello implements ContainerRequestFilter {

    @Override
    public void filter(ContainerRequestContext requestContext) throws IOException {
        requestContext.getMethod();
        requestContext.getUriInfo().getPath();
        requestContext.getHeaderString("authorization");
    } 
}

I added the changed calls to some of the similar methods, that are used in that class

You can also find a link to a complete Basic Auth example in this answer. It is from the Jersey project examples, which uses Jersey 2

Community
  • 1
  • 1
Paul Samsotha
  • 205,037
  • 37
  • 486
  • 720
  • Thanks for this. I've updated the original question taking into acount your suggestion. How can i import AuthenticationException? – Rentonie Apr 01 '15 at 16:11
  • Most likely that was a concoction of the author's. It's not a standard class. Just use `javax.ws.rs.NotAuthorizedException`. One thing you need to do though, which the author of your code didn't do, is send a header `WWW-Authenticate: Basic realm=SomeRealm` when the authentication fails or there is no header. This is part of the [Basic Authentication Protocol](http://en.wikipedia.org/wiki/Basic_access_authentication) – Paul Samsotha Apr 01 '15 at 16:17
  • I see. My programm will compile but fail in tests so still not much working on. Still you were really helpful and i'll accept the answer. Not clue how to do the header thing but don't bother. Thanks. – Rentonie Apr 01 '15 at 16:24
  • 1
    [Here is a better (complete) example](https://github.com/jersey/jersey/tree/master/examples/https-clientserver-grizzly/src/main/java/org/glassfish/jersey/examples/httpsclientservergrizzly). The authentication happens in the `SecurityFilter` and there are custom exceptions that get mapped to an `ExceptionMapper`, which sends the appropriate header – Paul Samsotha Apr 01 '15 at 16:24