I am using Deltaspike SecurityInterceptor to authorize methods with @LoggedIn annotation.
At the same time I am authenticating user with token at ContainerRequestFilter.
@Inject
AuthenticationService authenticationService;
@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
String authToken = requestContext.getHeaderString(AUTH_TOKEN);
try {
authenticationService.authenticateWithToken(authToken);
} catch (LoginException e) {
log.info(e.getMessage());
}
}
I have faced the problem that container firstly executes SecurityInterceptor and then ContainerRequestFilter and user gets not authenticated.
Is there any way to change the execution order?
My beans.xml:
<beans xmlns="http://ift.tt/nSRXKP" xmlns:xsi="http://ift.tt/ra1lAU"
xsi:schemaLocation="http://ift.tt/nSRXKP http://ift.tt/1fbVfcw">
<interceptors>
<class>org.apache.deltaspike.security.impl.extension.SecurityInterceptor</class>
</interceptors>
Aucun commentaire:
Enregistrer un commentaire