[resteasy-dev] Rest Easy Authentication Trigger
Darran Lofthouse
darran.lofthouse at jboss.com
Fri Nov 1 14:15:19 EDT 2019
I have found the following that answers my question: -
https://docs.jboss.org/resteasy/docs/4.4.0.Final/userguide/html/Securing_JAX-RS_and_RESTeasy.html
So overall I both need to switch on support for the annotations AND
configure a path based security constraint in the web.xml to trigger
authentication.
Have there been any discussions on looking into this further? It seems
plausible that authentication could be triggered in the event a role is
required if authentication has not already been performed: -
https://javaee.github.io/javaee-spec/javadocs/javax/servlet/http/HttpServletRequest.html#authenticate-javax.servlet.http.HttpServletResponse-
Regards,
Darran Lofthouse.
On Fri, Nov 1, 2019 at 5:23 PM Darran Lofthouse <darran.lofthouse at jboss.com>
wrote:
> Hello,
>
> I am presently in the process of adding MicroProfile JWT support to
> WildFly, most of the code to activate this is now ready but I just wanted
> to ask for some pointers as to how RestEasy triggers the need for
> authentication for a request?
>
> I have a deployed endpoint annotated with @RolesAllowed, I am about to
> attach a debugger and look into the call in more detail but thought I would
> ask here as well if there are any pointers.
>
> Regards,
> Darran Lofthouse.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/resteasy-dev/attachments/20191101/0b91a3eb/attachment.html
More information about the resteasy-dev
mailing list