org.opentripplanner.standalone

Class AuthFilter

java.lang.Object

org.opentripplanner.standalone.AuthFilter

All Implemented Interfaces:

javax.ws.rs.container.ContainerRequestFilter

@Priority(value=1000)
public class AuthFilter
extends Object
implements javax.ws.rs.container.ContainerRequestFilter

This ContainerRequestFilter adds basic authentication support to the Grizzly + Jersey server. Basic authentication is insecure by itself, but short of more complex solutions like oauth it is the best option when coupled with transport-layer security (secure sockets). It seems wasteful to encrypt all communication with the server, but TLS uses very efficient symmetric-key encryption on the messages themselves. Only the TLS handshake uses compute-intensive public key encryption, which establishes a shared key. In Jersey 2 this filter should configure the SecurityContext which will be passed through to the web resources.

Constructor Summary

Constructors

Constructor and Description
AuthFilter()

Method Summary

Modifier and Type	Method and Description
void	filter(javax.ws.rs.container.ContainerRequestContext containerRequest)
static javax.ws.rs.core.SecurityContext	makeSecurityContext(String name, String... roles)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthFilter

public AuthFilter()

Method Detail

filter

public void filter(javax.ws.rs.container.ContainerRequestContext containerRequest)
            throws javax.ws.rs.WebApplicationException

Specified by:

filter in interface javax.ws.rs.container.ContainerRequestFilter

Throws:

javax.ws.rs.WebApplicationException

makeSecurityContext

public static javax.ws.rs.core.SecurityContext makeSecurityContext(String name,
                                                                   String... roles)