Authentication in multiple methods with JAX-RS/Jersey - How to keep it clean?

Question

I'm working on a web service written in Java using JAX-RS/Jersey and Spring.

The WS authenticates a user when he or she logs in and returns an access key which has a limited lifespan. Most of the available methods require a valid "access key + userId" combination.

For all of the available methods I am using @FormParam to retrieve POST parameters, and the response is in JSON. What I am trying to figure out is how to avoid having to type out

@FormParam("userId") final Integer userId,
@FormParam("accessKey") final String accessKey

and manually invoke my authentication method for each of the probably 20 methods I will have that require authentication. This is especially cumbersome because I will then also have to add code to handle e.g. expired access keys.

Is there another way to go about retrieving the two parameters above and performing authentication so I can keep my methods clean?

score 3 · Accepted Answer · edited May 23 '17 at 12:21

3

Since you're using Jersey, you can use servlet-filter-like APIs to DRY up your code. Check out:

edited May 23 '17 at 12:21

Community

1
1

answered Aug 04 '12 at 01:57

Matt Ball

354,903
100
647
710

Thanks Matt! This looks like just what I needed – John B Aug 04 '12 at 09:39
I've set up the filters and it seems to be working well! I've accepted your answer, thanks again. – John B Aug 04 '12 at 13:13

Authentication in multiple methods with JAX-RS/Jersey - How to keep it clean?

1 Answers1