Hi Ankur, Anders, I don't know much about JOSE, but would it be possible to either auto-register your providers using JAX-RS's @Provider annotation on you interceptor and filter classes or explicitly register them by overriding the getSingletons() method in an Application subclass? These approaches should work in most JAX-RS 2.X environments.
Hope this helps, Andy On Wed, Feb 27, 2019 at 7:26 AM Anders Rundgren < [email protected]> wrote: > On 2019-02-27 11:10, Ankur Bahre wrote: > > Hello Team, > > > > We are working on a project where we need to implement CXF JOSE based > security features for encryption(JWE) and signing(JWS) to the REST based > requests and responses. In order to add providers and filters for > encryption and signing of JSON request/response, we would like to implement > automatic injection of such providers and filters. > > > > We have identified a way to have a provider listener that implements > ServerLifeCycleListener and to override the startServer() method to add > filters and providers so that on server startup, these filters would be > automatically injected to the interceptor chain. > > > > We would like to know if we can add providers and filters through any > interceptors so that they are added dynamically to the interceptor chain. > Please also find below the code snippet of the work we have done so far for > injection but with no success. > > I'm also super-interested in how you do this! > > https://cyberphone.github.io/ietf-signed-http-requests/hotrfc-shreq.pdf > > Anders > PS. Don't look at the I-D; it will change fundamentally before IETF 104 DS > > > > > > > ***************************************************************************************************************** > > Code Snippet Start > > > ***************************************************************************************************************** > > > > import org.apache.cxf.endpoint.Server; > > import org.apache.cxf.endpoint.ServerLifeCycleListener; > > import org.apache.cxf.jaxrs.interceptor.JAXRSInInterceptor; > > import org.apache.cxf.jaxrs.interceptor.JAXRSOutInterceptor; > > import org.apache.cxf.rs.security.jose.jaxrs.JweContainerRequestFilter; > > import org.apache.cxf.rs.security.jose.jaxrs.JweWriterInterceptor; > > import org.apache.cxf.rs.security.jose.jaxrs.JwsContainerRequestFilter; > > import org.apache.cxf.rs.security.jose.jaxrs.JwsWriterInterceptor; > > > > > > public class ProviderListener implements ServerLifeCycleListener { > > > > private JAXRSInInterceptor inInterceptor = new > JAXRSInInterceptor(); > > private JAXRSOutInterceptor outInterceptor = new > JAXRSOutInterceptor(); > > > > > > public ProviderListener() { > > super(); > > } > > > > @Override > > public void startServer(Server server) { > > > > > > System.out.println("Inside provider > listener"); > > System.out.println("Inside provider > listener"); > > > > > outInterceptor.getBefore().add(JweWriterInterceptor.class.getName()); > > > outInterceptor.getBefore().add(JwsWriterInterceptor.class.getName()); > > > inInterceptor.getBefore().add(JweContainerRequestFilter.class.getName()); > > > inInterceptor.getBefore().add(JwsContainerRequestFilter.class.getName()); > > > > > server.getEndpoint().getInInterceptors().add(inInterceptor); > > > server.getEndpoint().getOutInterceptors().add(outInterceptor); > > > > } > > > > @Override > > public void stopServer(Server server) { > > } > > } > > > > > ***************************************************************************************************************** > > Code Snippet End > > > ***************************************************************************************************************** > > > > > > Any response in this regard is highly appreciated. > > > > Best Regards, > > > > Ankur Bahre > > > > > > > >
