Java/Jersey 在执行任何操作之前运行我的所有资源

Question

我正在使用 Java/Jersey 开发一个 rest 应用程序，但我在应用程序的行为方面遇到了一些问题。

问题是...我有一个文件夹，我在其中放置了我的资源，它们扩展了一个名为 API 的父类，它执行基于令牌的身份验证。

问题是当我访问任何应用程序端点时，父类中的验证方法会在访问我的模型之前运行多次。 谁能告诉我为什么会这样？

我的父类 API

@Provider
public class Api extends GensonContextResolver implements ContainerRequestFilter {

    @Context
    private UriInfo info;

    public static final String AUTHENTICATION_TOKEN = "token";

    protected ObjectResponse objectResponse;
    protected UsuariosModel userInfo;

    public Api() {

    }

    @Override
    public void filter(ContainerRequestContext containerRequest) throws WebApplicationException {

        this.objectResponse = new ObjectResponse();
        this.userInfo = new UsuariosModel();

        UriInfo info = containerRequest.getUriInfo();

        // não realiza a valização se o  endpoint for o de validação de acesso
        if(info.getPath().equals("autenticacao/valida-acesso")) {
            return;
        }

        try {

            String token = containerRequest.getHeaderString(AUTHENTICATION_TOKEN);

            AutenticacaoController autenticacaoControler = new AutenticacaoController();
            this.objectResponse = autenticacaoControler.validaToken(token);

            UsuariosController usuariosController = new UsuariosController();
            this.userInfo = usuariosController.selecionaDadosUsuario(token);


        } catch (SQLException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (NamingException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }

        if (this.objectResponse.getMessage() != null) {
            Response response = Response.status(this.objectResponse.getCode()).entity(this.objectResponse).build();
            containerRequest.abortWith(response);   
        }

    }
}

资源示例

@Path("/descontos")
public class DescontosResource extends Api{

    public DescontosResource() {

    }

    @GET
    @Produces(MediaType.APPLICATION_JSON)
    public Response doGet() throws SQLException, NamingException {
        DescontosController descontosController = new DescontosController();
        this.objectResponse = descontosController.selecionaDescontos();
        return Response.status(this.objectResponse.getCode()).entity(this.objectResponse).build();
    }

    @POST
    @Path("clientes")
    @Produces(MediaType.APPLICATION_JSON)
    @Consumes(MediaType.APPLICATION_JSON)
    public Response doPostClientes(DescontosModel descontos) throws SQLException, NamingException {
        DescontosController descontosController = new DescontosController();
        this.objectResponse = descontosController.cadastraDescontosClientes(descontos);
        return Response.status(this.objectResponse.getCode()).entity(this.objectResponse).build();
    }
}

Answer 1

我在这两个链接上找到了答案：

Best practice for REST token-based authentication with JAX-RS and Jersey

和

Jersey ContainerRequestFilter not triggered

我已经从 Api 类中删除了我的代码，并将过滤器移到了其他地方。最后将我的 web.xml 更新为：

<servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
    <init-param>
      <param-name>jersey.config.server.provider.packages</param-name>
      <param-value>com.sib.resources; com.sib.filters</param-value>
    </init-param>
    <init-param>
        <param-name>com.sun.jersey.spi.container.ContainerRequestFilters</param-name>
        <param-value>com.sib.filters.AutenticacaoFilter</param-value>
    </init-param>