问题
We were using Resteasy 2 but we are upgrading to Resteasy 3 and the HttpServletRequest injection is always null.
Our modified security interceptor/filter that looks like:
@Provider
@ServerInterceptor
@Precedence("SECURITY")
public class SecurityInterceptor implements ContainerRequestFilter, ContainerResponseFilter {
@Context
private HttpServletRequest servletRequest;
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
// Need access to "servletRequest" but it is always null
if (!isTokenValid(pmContext, method)) {
requestContext.abortWith(ACCESS_DENIED);
}
}
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
// post processing
}
}
And the application class looks like:
@ApplicationPath("/")
public class RestApplication extends Application {
private Set<Object> singletons = new HashSet<Object>();
private Set<Class<?>> empty = new HashSet<Class<?>>();
public RestApplication() {
// Interceptors
this.singletons.add(new SecurityInterceptor());
// Services
this.singletons.add(new MyService());
}
public Set<Class<?>> getClasses() {
return this.empty;
}
public Set<Object> getSingletons() {
return this.singletons;
}
}
Sample API:
@Path("/test")
public class MyService extends BaseService {
@Context HttpServletRequest servletRequest;
@GET
@Path("/hello")
@Produces(MediaType.APPLICATION_JSON)
public Response hello() {
// Need access to HttpServletRequest but it's null
return Response.ok("hello").build();
}
}
However, looking at this and this posts, I don't see HttpServletRequest injection provider.
This leads me to believe that I may need an additional plugin. This is what is installed:
jose-jwt
resteasy-atom-provider
resteasy-cdi
resteasy-crypto
resteasy-jackson2-provider
resteasy-jackson-provider
resteasy-jaxb-provider
resteasy-jaxrs
resteasy-jettison-provider
resteasy-jsapi
resteasy-json-p-provider
resteasy-multipart-provider
resteasy-spring
resteasy-validator-provider-11
resteasy-yaml-provider
Any ideas?
回答1:
Based on @peeskillet suggestion, modifying to return new class instances instead of singletons resolved my issue.
Thus my modified javax.ws.rs.core.Application file looks like:
@ApplicationPath("/")
public class RestApplication extends Application {
private Set<Object> singletons = new HashSet<Object>();
private Set<Class<?>> classes = new HashSet<Class<?>>();
public RestApplication() {
// Interceptors
this.classes.add(SecurityInterceptor.class);
// Services
this.classes.add(MyService.class);
}
public Set<Class<?>> getClasses() {
return this.classes;
}
public Set<Object> getSingletons() {
return this.singletons;
}
}
回答2:
You could use the SecurityInterceptor's constructor to get these values:
///...
private HttpServletRequest request;
private ServletContext context;
public SecurityInterceptor(@Context HttpServletRequest request, @Context ServletContext context) {
this.request = request;
this.context = context;
}
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
// The "servletRequest" won't be null anymore
if (!isTokenValid(pmContext, method)) {
requestContext.abortWith(ACCESS_DENIED);
}
}
///...
This'll solve your problem
来源:https://stackoverflow.com/questions/48311703/resteasy-3-context-httpservletrequest-always-null