Hi Chris, It appears that Jersey is scanning a package path and doing its own inspection of its own annotations. Naturally it is unaware of Shiro annotations, so there are two options that I can think of:
1. Someone codes some integration mechanism to allow Jersey to recognize and enforce Shiro annotations or 2. You enable an AOP framework like the AspectJ example to enforce Shiro annotations. #2 is definitely the path of least resistance as it is already working and supported by Shiro. If you're using Spring, you can use the Spring AOP support instead. HTH, -- Les Hazlewood CTO, Katasoft | http://www.katasoft.com | 888.391.5282 twitter: @lhazlewood | http://twitter.com/lhazlewood katasoft blog: http://www.katasoft.com/blogs/lhazlewood personal blog: http://leshazlewood.com On Wed, Jan 25, 2012 at 6:15 PM, crichmond <[email protected]> wrote: > We are not using any type of AOP as far as I know. The resource class for > the Jersey rest endpoints are simple written /configured with @Path info > like the sample > > (That resource class/endpoint method i posted before is found in > the my.web.packages) > > and set up on the embedded Jetty server like so: > > ResourceConfig rc = new PackagesResourceConfig( > "my.web.packages"); > > ServletHolder jerseyHolder = new ServletHolder(new > ServletContainer(rc)); > jerseyHolder.setName("REST API"); > myContext.addServlet(jerseyHolder, "/"); > > ServletMapping mapping = new ServletMapping(); > ServletHandler servletHandler = myContext.getServletHandler(); > mapping.setServletName("REST API"); > mapping.setPathSpec("/*"); > servletHandler.addServletMapping(mapping); > > -- > View this message in context: > http://shiro-user.582556.n2.nabble.com/Securing-Jersey-resouces-with-Shiro-tp7225690p7225798.html > Sent from the Shiro User mailing list archive at Nabble.com.
