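// Authorization gate for the matched resource method (statement run from a
// request filter; the enclosing method signature is not part of this snippet).
// Order of decisions: @PermitAll skips every check, @DenyAll always rejects,
// otherwise an Authorization header with well-formed credentials is required
// and, for @RolesAllowed methods, isUserAllowed must accept them.
Method method = resourceInfo.getResourceMethod();

if (!method.isAnnotationPresent(PermitAll.class)) {
    // @DenyAll: reject before any header is even looked at.
    if (method.isAnnotationPresent(DenyAll.class)) {
        requestContext.abortWith(ACCESS_FORBIDDEN);
        return;
    }

    // No Authorization header at all: fail closed.
    final MultivaluedMap<String, String> headers = requestContext.getHeaders();
    final List<String> authorization = headers.get(AUTHORIZATION_PROPERTY);
    if (authorization == null || authorization.isEmpty()) {
        requestContext.abortWith(ACCESS_DENIED);
        return;
    }

    // Strip the scheme prefix from the first header value.
    // NOTE(review): replaceFirst treats AUTHENTICATION_SCHEME as a regex and does
    // not check that the header actually starts with it; a value using another
    // scheme is expected to fail the Base64 decode below and be denied.
    final String encodedUserPassword =
            authorization.get(0).replaceFirst(AUTHENTICATION_SCHEME + " ", "");

    // Decode the credentials. The decode step had been commented out, so the
    // header value was parsed as if it were already "user:password".
    // NOTE(review): assumes AUTHENTICATION_SCHEME is HTTP Basic, whose
    // credentials are Base64-encoded - confirm against the constant's definition.
    // Fully-qualified names are used so no new import is needed in the file.
    String usernameAndPassword;
    try {
        usernameAndPassword = new String(
                java.util.Base64.getDecoder().decode(encodedUserPassword.trim()),
                java.nio.charset.StandardCharsets.UTF_8);
    } catch (IllegalArgumentException malformedBase64) {
        // Not valid Base64: treat as missing credentials instead of failing the request
        // with an unhandled exception.
        requestContext.abortWith(ACCESS_DENIED);
        return;
    }

    // Split on the FIRST ':' only, so a password that itself contains ':' is kept
    // whole. Missing separator, empty username or empty password are all denied;
    // the previous StringTokenizer code threw NoSuchElementException on these.
    final int separator = usernameAndPassword.indexOf(':');
    if (separator <= 0 || separator == usernameAndPassword.length() - 1) {
        requestContext.abortWith(ACCESS_DENIED);
        return;
    }
    final String username = usernameAndPassword.substring(0, separator);
    final String password = usernameAndPassword.substring(separator + 1);
    // Credentials are deliberately never written to stdout or any log.

    // Role check: only methods annotated with @RolesAllowed are verified.
    // NOTE(review): a method carrying none of @PermitAll/@DenyAll/@RolesAllowed
    // passes with ANY well-formed credentials, because isUserAllowed is not
    // called for it - confirm that this default-allow is intended.
    if (method.isAnnotationPresent(RolesAllowed.class)) {
        RolesAllowed rolesAnnotation = method.getAnnotation(RolesAllowed.class);
        Set<String> rolesSet = new HashSet<>(Arrays.asList(rolesAnnotation.value()));

        if (!isUserAllowed(username, password, rolesSet)) {
            requestContext.abortWith(ACCESS_DENIED);
            return;
        }
    }
}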