Java Reference
In-Depth Information
public
public
Customer
getCustomer
(
@PathParam
(
"id"
)
int
int
id
)
{
...
}
@PUT
@Path
(
"{id}"
)
@Consumes
(
"application/xml"
)
@OTPAuthenticated
@AllowedPerDay
(
1
)
public
public
void
void
updateCustomer
(
@PathParam
(
"id"
)
int
int
id
,
Customer update
)
{
...
}
The
getCustomer()
and
updateCustomer()
methods are now required to be OTP authen-
ticated.
Allowed-per-Day Access Policy
The next custom security feature we'll implement is an allowed-per-day access policy. The
idea is that for a certain JAX-RS method, we'll specify how many times each user is allowed
to execute that method per day. We will do this by applying the
@AllowedPerDay
annotation
to a JAX-RS method:
src/main/java/com/restfuly/shop/features/AllowedPerDay.java
@Target
({
ElementType
.
METHOD
,
ElementType
.
TYPE
})
@Retention
(
RetentionPolicy
.
RUNTIME
)
@NameBinding
public
public
@interface
AllowedPerDay
{
int
int
value
();
}
As with
@OTPAuthenticated
, we'll use a
@NameBinding
to bind the annotation to a specific
ContainerRequestFilter
. Let's take a look at that filter:
src/main/java/com/restfuly/shop/features/PerDayAuthorizer.java
@AllowedPerDay
(
0
)
@Priority
(
Priorities
.
AUTHORIZATION
)
public
public class
class
PerDayAuthorizer
PerDayAuthorizer
implements
implements
ContainerRequestFilter
{