I have seen the name binding strategy from jersey to shield the api, it's pretty cool for authentication, and it's pretty cool to just annotate the endpoints you want to authenticate, and in jersey you can bind the annotation to the filter.
does anybody knows how to achieve this in spring boot ?
Check maven dependencies Check the maven file should have spring-boot-starter-jersey dependency in it.
Create REST APIs
Now create some JAX-RS resources which we will access into testing phase. I have created
UserResource
class.UserResource.java
Users.java
Configure Jersey
Now we have a JAX-RS resource and we want to access it from spring boot application which include Jersey dependency. Let’s register this resource as Jersey resource.
package com.howtodoinjava.jerseydemo;
import org.glassfish.jersey.server.ResourceConfig; import org.springframework.stereotype.Component;
Look at the
@Component
annotation. It enables this class to be registered while spring boot auto scans the java classes in source folder.ResourceConfig
provides advanced capabilities to simplifyregistration of JAX-RS components.
SecurityFilter
class is the actual auth details processor which wewill see later in this tutorial.
Secure REST APIs with JAX-RS Annotations
Now when our APIs are ready, we will start securing them. Let’s annotate the APIs with JAX-RS annotations based on their desired access level and user roles allowed to access them.
Write security filter using JAX-RS ContainerRequestFilter
Now it’s time to write our security filter which will examine the incoming requests, fetch the authorization information (basic auth in this example), and then will match user name and password, and finally it will verify the user’s access level by it’s role. If everything matches, API will be accessed else user will get access denied response.