package org.jboss.resteasy.test.security.resource;

import org.jboss.logging.Logger;

import javax.annotation.security.DenyAll;
import javax.annotation.security.RolesAllowed;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.SecurityContext;
import java.util.List;

/**
 * JAX-RS resource rooted at {@code /secured}, used to exercise role checks.
 *
 * <p>Two authorization styles are mixed here:
 * <ul>
 *   <li>declarative: {@code @RolesAllowed} / {@code @DenyAll} on the method, and</li>
 *   <li>programmatic: an explicit {@link SecurityContext#isUserInRole(String)} call in
 *       {@link #get(SecurityContext)}.</li>
 * </ul>
 *
 * <p>NOTE(review): the annotations only describe the intended policy. Nothing in this class
 * enforces them; enforcement depends on the deployment turning on role-based security in the
 * JAX-RS runtime or container, which is not visible from this file. If that is off, the
 * annotated methods would presumably be reachable by any caller - confirm against the
 * deployment descriptor used by the tests.
 */
@Path("/secured")
public class BasicAuthBaseResource {

    /** Role name shared by every check in this resource. */
    private static final String ADMIN_ROLE = "admin";

    private static final Logger LOG = Logger.getLogger(BasicAuthBaseResource.class);

    /**
     * {@code GET /secured/failure}, declared as admin-only.
     *
     * @return always {@code null}; NOTE(review): presumably the test expects the request to be
     *         rejected before the body runs - confirm against the calling test
     */
    @GET
    @Path("/failure")
    @RolesAllowed(ADMIN_ROLE)
    public List<String> getFailure() {
        return null;
    }

    /**
     * {@code GET /secured}, guarded by a programmatic role check rather than an annotation.
     *
     * <p>Because the method carries no security annotation, the check below is the only
     * authorization visible in this class for this path.
     *
     * @param ctx security context injected by the JAX-RS runtime for the current request
     * @return {@code "hello"} when the caller is in the admin role
     * @throws WebApplicationException with status 403 when the caller is not in the admin role
     */
    @GET
    public String get(@Context SecurityContext ctx) {
        LOG.info("********* IN SECURE CLIENT");
        final boolean callerIsAdmin = ctx.isUserInRole(ADMIN_ROLE);
        if (callerIsAdmin) {
            return "hello";
        }
        LOG.info("NOT IN ROLE!!!!");
        throw new WebApplicationException(403);
    }

    /**
     * {@code GET /secured/authorized}, declared as admin-only.
     *
     * @return the literal {@code "authorized"}
     */
    @GET
    @Path("/authorized")
    @RolesAllowed(ADMIN_ROLE)
    public String getAuthorized() {
        return "authorized";
    }

    /**
     * {@code GET /secured/deny}, declared with {@code @DenyAll}.
     *
     * @return a marker string; seeing it in a response means the {@code @DenyAll} declaration
     *         was not enforced for that request
     */
    @GET
    @Path("/deny")
    @DenyAll
    public String deny() {
        return "SHOULD NOT BE REACHED";
    }

    /**
     * {@code GET /secured/denyWithContentType}, declared as admin-only and producing
     * {@code application/xml}.
     *
     * <p>NOTE(review): the path name suggests this covers a denied request on a method with an
     * explicit content type - confirm against the calling test.
     *
     * @return the literal {@code "string"}
     */
    @GET
    @Path("/denyWithContentType")
    @Produces("application/xml")
    @RolesAllowed(ADMIN_ROLE)
    public String getWithContentType() {
        return "string";
    }
}