Hi Ankur,
First part of answer for the client side:
The easiest way to setup filters dynamically on client side is to add them into
ClientProviderFactory.
You need to register own CXF interceptor (on bus or client level) looks like:
public class DynamicFilterController extends AbstractPhaseInterceptor<Message> {
public DynamicFilterController() {
super(Phase.PRE_LOGICAL);
getBefore().add(ClientRequestFilterInterceptor.class.getName());
}
@Override
public void handleMessage(Message message) throws Fault {
ClientProviderFactory pf = ClientProviderFactory.getInstance(message);
if (pf == null) {
return;
}
List<Object> providers = Arrays.asList(new TestClientRequestFilter(),
new TestClientResponseFilter());
pf.setUserProviders(providers);
}
}
In this interceptor you can decide which filters or JAX-RS interceptors have to
be added and use ClientProviderFactory.setUserProviders() to configure them
dynamically.
Important that DynamicFilterController is called before
ClientRequestFilterInterceptor activating client JAX-RS filter chain.
I can provide you small example illustrating this approach.
Regards,
Andrei.
> -----Original Message-----
> From: Ankur Bahre [mailto:[email protected]]
> Sent: Mittwoch, 27. Februar 2019 11:10
> To: [email protected]
> Subject: CXF JOSE: Automatic Injection of Security Providers
>
> Hello Team,
>
> We are working on a project where we need to implement CXF JOSE based
> security features for encryption(JWE) and signing(JWS) to the REST based
> requests and responses. In order to add providers and filters for encryption
> and
> signing of JSON request/response, we would like to implement automatic
> injection of such providers and filters.
>
> We have identified a way to have a provider listener that implements
> ServerLifeCycleListener and to override the startServer() method to add
> filters
> and providers so that on server startup, these filters would be automatically
> injected to the interceptor chain.
>
> We would like to know if we can add providers and filters through any
> interceptors so that they are added dynamically to the interceptor chain.
> Please
> also find below the code snippet of the work we have done so far for injection
> but with no success.
>
> ****************************************************************
> *************************************************
> Code Snippet Start
> ****************************************************************
> *************************************************
>
> import org.apache.cxf.endpoint.Server;
> import org.apache.cxf.endpoint.ServerLifeCycleListener;
> import org.apache.cxf.jaxrs.interceptor.JAXRSInInterceptor;
> import org.apache.cxf.jaxrs.interceptor.JAXRSOutInterceptor;
> import org.apache.cxf.rs.security.jose.jaxrs.JweContainerRequestFilter;
> import org.apache.cxf.rs.security.jose.jaxrs.JweWriterInterceptor;
> import org.apache.cxf.rs.security.jose.jaxrs.JwsContainerRequestFilter;
> import org.apache.cxf.rs.security.jose.jaxrs.JwsWriterInterceptor;
>
>
> public class ProviderListener implements ServerLifeCycleListener {
>
> private JAXRSInInterceptor inInterceptor = new
> JAXRSInInterceptor();
> private JAXRSOutInterceptor outInterceptor = new
> JAXRSOutInterceptor();
>
>
> public ProviderListener() {
> super();
> }
>
> @Override
> public void startServer(Server server) {
>
>
> System.out.println("Inside provider
> listener");
> System.out.println("Inside provider
> listener");
>
>
> outInterceptor.getBefore().add(JweWriterInterceptor.class.getName());
>
> outInterceptor.getBefore().add(JwsWriterInterceptor.class.getName());
>
> inInterceptor.getBefore().add(JweContainerRequestFilter.class.getName());
>
> inInterceptor.getBefore().add(JwsContainerRequestFilter.class.getName());
>
>
> server.getEndpoint().getInInterceptors().add(inInterceptor);
>
> server.getEndpoint().getOutInterceptors().add(outInterceptor);
>
> }
>
> @Override
> public void stopServer(Server server) {
> }
> }
>
> ****************************************************************
> *************************************************
> Code Snippet End
> ****************************************************************
> *************************************************
>
>
> Any response in this regard is highly appreciated.
>
> Best Regards,
>
> Ankur Bahre
>
As a recipient of an email from Talend, your contact personal data will be on
our systems. Please see our contacts privacy notice at Talend, Inc.
<https://www.talend.com/contacts-privacy-policy/>
