0

I am developing a rest app with Java/Jersey and I am having some problems with the app's behavior.

The thing is... I have a folder where I put my resources and they extend a parent class called API that performs Token based authentication.

The problem is that when I access any application endpoint, the validation method in the parent class runs several times before accessing my models. Could anyone tell me why this is happening?

My Parent Class Api

@Provider
public class Api extends GensonContextResolver implements ContainerRequestFilter {

    @Context
    private UriInfo info;

    public static final String AUTHENTICATION_TOKEN = "token";

    protected ObjectResponse objectResponse;
    protected UsuariosModel userInfo;

    public Api() {

    }

    @Override
    public void filter(ContainerRequestContext containerRequest) throws WebApplicationException {

        this.objectResponse = new ObjectResponse();
        this.userInfo = new UsuariosModel();

        UriInfo info = containerRequest.getUriInfo();

        // não realiza a valização se o  endpoint for o de validação de acesso
        if(info.getPath().equals("autenticacao/valida-acesso")) {
            return;
        }

        try {

            String token = containerRequest.getHeaderString(AUTHENTICATION_TOKEN);

            AutenticacaoController autenticacaoControler = new AutenticacaoController();
            this.objectResponse = autenticacaoControler.validaToken(token);

            UsuariosController usuariosController = new UsuariosController();
            this.userInfo = usuariosController.selecionaDadosUsuario(token);


        } catch (SQLException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (NamingException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }

        if (this.objectResponse.getMessage() != null) {
            Response response = Response.status(this.objectResponse.getCode()).entity(this.objectResponse).build();
            containerRequest.abortWith(response);   
        }

    }
}

Resource example

@Path("/descontos")
public class DescontosResource extends Api{

    public DescontosResource() {

    }

    @GET
    @Produces(MediaType.APPLICATION_JSON)
    public Response doGet() throws SQLException, NamingException {
        DescontosController descontosController = new DescontosController();
        this.objectResponse = descontosController.selecionaDescontos();
        return Response.status(this.objectResponse.getCode()).entity(this.objectResponse).build();
    }

    @POST
    @Path("clientes")
    @Produces(MediaType.APPLICATION_JSON)
    @Consumes(MediaType.APPLICATION_JSON)
    public Response doPostClientes(DescontosModel descontos) throws SQLException, NamingException {
        DescontosController descontosController = new DescontosController();
        this.objectResponse = descontosController.cadastraDescontosClientes(descontos);
        return Response.status(this.objectResponse.getCode()).entity(this.objectResponse).build();
    }
}
Bruno César
  • 81
  • 1
  • 13

1 Answers1

0

I found the answer on this two links:

Best practice for REST token-based authentication with JAX-RS and Jersey

and

Jersey ContainerRequestFilter not triggered

I've remove my code from the Api Class and moved the filters to other place. And finally updated my web.xml to:

<servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
    <init-param>
      <param-name>jersey.config.server.provider.packages</param-name>
      <param-value>com.sib.resources; com.sib.filters</param-value>
    </init-param>
    <init-param>
        <param-name>com.sun.jersey.spi.container.ContainerRequestFilters</param-name>
        <param-value>com.sib.filters.AutenticacaoFilter</param-value>
    </init-param>
Bruno César
  • 81
  • 1
  • 13