Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

@RolesAllowed is not working with custom SecurityContext in Jersey?

Tags:

java

rest

jersey

I have a simple jersey 2.4 resource:

@RolesAllowed("admin")
public List<Folder> list(){}

I also have a ContainerRequestFilter which sets custom securitycontext:

public void filter(ContainerRequestContext requestContext) throws IOException {
requestContext.setSecurityContext(new MySecurityContext(...));
}

In the list() function i do get the correct securitycontext: MySecurityContext. And a call "securityContext.isUserInRole("admin")" works.

But the annotation @RolesAllowed doesn't seem to do anything, the function isUserInRole of MySecurityContext is never called.

Do i need to do something special to get the @RolesAllowed to work?

like image 348
TinusSky Avatar asked Oct 27 '25 23:10

TinusSky

1 Answers

Found it :-)

@RolesAllowed("admin") not @RolesAllowed("{admin}")

and the most important one:

register(RolesAllowedDynamicFeature.class);

like image 90
TinusSky Avatar answered Oct 30 '25 13:10

TinusSky
Sign in to Comment

Related questions

iOS and Android AES Encryption (No UINT in Java)
No pending reply: ConsumerRecord
Spring data JPA with HSQLDB: user lacks privilege or object not found
Spring Security 5.1 - Get Token for Client Credentials Flow with WebClient
Reduce size of Java Spring app by removing not needed dependencies or replace starters
How to get current user in every request in Spring Boot?
How to shut down a Java ScheduledExecutorService based on a condition?
Verify method invocation without executing its actual implementation on a Spy
Eclipse open code in separate window
Calling Comparator parameter in main method

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!