[英]UnsupportedOperationException getUserPrincipal
I have created a ContainerRequestfilter and successfully made it trigger. 我创建了一个ContainerRequestfilter并成功触发了它。 Now I'd like acccess the UserPrincipal I have set before in a grizzly HttpServerProbe like this:
现在我想要像以前一样在一个灰熊的HttpServerProbe中设置UserPrincipal:
import com.sun.jersey.spi.container.ContainerRequest;
@Override
public ContainerRequest filter(ContainerRequest request) {
Principal principal=req.getUserPrincipal();
}
Instead a "UnsupportedOperationException" is thrown. 而是抛出“UnsupportedOperationException”。 It looks like the ContainerRequest does not pick up the UserPrincipal from the modified request.
看起来ContainerRequest没有从修改后的请求中获取UserPrincipal。
The modification is done via 修改是通过
import org.glassfish.grizzly.http.server.Request;
...
public void onRequestReceiveEvent(
HttpServerFilter filter,Connection connection, Request request) {
Principal principal=getPrincipalFromRequest(request);
request.setUserPrincipal(principal);
}
The issue is how to to transport the Principal information from the HttpServerProbe to the ContainerRequestFilter. 问题是如何将Principal信息从HttpServerProbe传输到ContainerRequestFilter。 The org.glassfish.grizzly.http.server.Request has the security information (in this case SSL Client certificate information) while the com.sun.jersey.spi.container.ContainerRequest initially does not provide it.
org.glassfish.grizzly.http.server.Request具有安全信息(在本例中为SSL客户端证书信息),而com.sun.jersey.spi.container.ContainerRequest最初不提供它。
Unfortunately I have also not found a way to set the SecurityContext in the HttpServerProbe. 不幸的是,我还没有找到在HttpServerProbe中设置SecurityContext的方法。 In the ContainerRequestFilter i could do it but the necessary Principal information is not available as I would have expected.
在ContainerRequestFilter中我可以做到,但必要的主要信息不可用,正如我所期望的那样。
I am using Jersey 1.17 and Grizzly 2.3.5 我使用Jersey 1.17和Grizzly 2.3.5
the following links where all somewhat related to the issue, but none was giving a clue what may be the reason for the above error: 以下链接都与问题有些相关,但没有人提供线索可能是上述错误的原因:
http://www.solutionoferror.com/java/use-containerrequestfilter-in-jersey-without-web-xml-79849.asp http://www.solutionoferror.com/java/use-containerrequestfilter-in-jersey-without-web-xml-79849.asp
Jersey ContainerRequestFilter not triggered Jersey ContainerRequestFilter未触发
http://subversion.jfrog.org/artifactory/public/tags/2.1.0/rest/src/main/java/org/artifactory/rest/common/RestAuthenticationFilter.java http://subversion.jfrog.org/artifactory/public/tags/2.1.0/rest/src/main/java/org/artifactory/rest/common/RestAuthenticationFilter.java
http://sites.gbif.org/common-resources/gbif-common-ws/xref/org/gbif/ws/server/filter/AuthFilter.html http://sites.gbif.org/common-resources/gbif-common-ws/xref/org/gbif/ws/server/filter/AuthFilter.html
http://2rdscreenretargeting.blogspot.de/2012/06/secure-jersey-with-oauth2.html http://2rdscreenretargeting.blogspot.de/2012/06/secure-jersey-with-oauth2.html
What needs to be done to access the principal / set the security context with the principal in a way that HttpServerProbe and ContainerRequestFilter cooperate in assembling this info ? 在HttpServerProbe和ContainerRequestFilter合作收集这些信息时,需要做些什么才能访问主体/设置安全上下文?
Jersey/JAX-RS expects SecurityContext to be set before you can retrieve any information about principal, user roles etc. Usually, in Jersey, this is done by dedicated ContainerRequestFilter . Jersey / JAX-RS期望在您可以检索有关主体,用户角色等的任何信息之前设置SecurityContext 。通常,在Jersey中,这是由专用的ContainerRequestFilter完成的。 Take a look at the sample filter from one of our samples: SecurityFilter .
从我们的一个示例中查看示例过滤器: SecurityFilter 。
After this, you can inject SecurityContext
(using @Context
) into your resources or other providers such as filters. 在此之后,您可以将
SecurityContext
(使用@Context
)注入您的资源或其他提供程序(如过滤器)。 You can then also call containerRequest.getUserPrincipal()
without getting an UnsupportedOperationException
. 然后,您还可以调用
containerRequest.getUserPrincipal()
而不会获得UnsupportedOperationException
。
If you need to obtain Principal
object in grizzly level you can inject the current Request
into your filter and then retrieve the value in filter
method. 如果需要以灰度级获取
Principal
对象,可以将当前Request
注入过滤器,然后在filter
方法中检索该值。
@Context
private ThreadLocal<Request> request;
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.