Class RolesAllowedDynamicFeature

  • All Implemented Interfaces:
    DynamicFeature

    public class RolesAllowedDynamicFeature
    extends Object
    implements DynamicFeature
    A DynamicFeature supporting the jakarta.annotation.security.RolesAllowed, jakarta.annotation.security.PermitAll and jakarta.annotation.security.DenyAll annotations on resource methods and sub-resource methods.

    The SecurityContext is used, via the SecurityContext.isUserInRole(String) method, to ascertain whether the user is in one of the roles declared by a @RolesAllowed annotation. If the user is in none of the declared roles, a 403 (Forbidden) response is returned.

    If the @DenyAll annotation is declared then a 403 (Forbidden) response is returned.

    If the @PermitAll annotation is declared and is not overridden then this filter will not be applied.

    If a user is not authenticated and the annotated method is restricted to certain roles, a 403 (Not Authenticated) response is returned.

    Author:
    Paul Sandoz, Martin Matula
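
The annotation rules described above, shown on a resource class. This is an added example, not code from the Jersey project; the application class, resource paths and role names ("auditor", "admin") are hypothetical, and it assumes the container or an authentication filter has already populated the SecurityContext.

```java
import jakarta.annotation.security.DenyAll;
import jakarta.annotation.security.PermitAll;
import jakarta.annotation.security.RolesAllowed;
import jakarta.ws.rs.DELETE;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.core.Context;
import jakarta.ws.rs.core.SecurityContext;
import org.glassfish.jersey.server.ResourceConfig;
import org.glassfish.jersey.server.filter.RolesAllowedDynamicFeature;

// Hypothetical application; role names and paths are made up for illustration.
public class ReportsApp extends ResourceConfig {
    public ReportsApp() {
        // Binds the authorization filter to the annotated resource methods.
        register(RolesAllowedDynamicFeature.class);
        register(ReportsResource.class);
    }

    @Path("reports")
    @RolesAllowed({"auditor", "admin"}) // class-level default for all methods
    public static class ReportsResource {
        // Inherits the class-level roles: callers in neither role,
        // and unauthenticated callers, receive 403.
        @GET
        public String list(@Context SecurityContext sc) {
            return "reports for " + sc.getUserPrincipal().getName();
        }

        // Method-level @PermitAll overrides the class-level roles: no filter is applied.
        @GET @Path("health") @PermitAll
        public String health() {
            return "ok";
        }

        // Method-level roles replace the class-level ones: only "admin" passes.
        @DELETE @Path("{id}") @RolesAllowed("admin")
        public String delete(@PathParam("id") String id) {
            return "deleted " + id;
        }

        // @DenyAll: every caller receives 403, whatever roles they hold.
        @GET @Path("legacy") @DenyAll
        public String legacy() {
            return "never reached";
        }
    }
}
```

The feature only answers the authorization question through SecurityContext.isUserInRole(String); establishing who the caller is remains the job of the container or an authentication filter that runs before it.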
    • Constructor Detail

      • RolesAllowedDynamicFeature

        public RolesAllowedDynamicFeature()
    • Method Detail

      • configure

        public void configure​(ResourceInfo resourceInfo,
                              FeatureContext configuration)
        Description copied from interface: DynamicFeature
        A callback method called by the JAX-RS runtime during the application deployment to register provider instances or classes in a runtime configuration scope of a particular resource or sub-resource method; i.e. the providers that should be dynamically bound to the method.

        The registered provider instances or classes are expected to be implementing one or more of the following interfaces:

        A provider instance or class that does not implement any of the interfaces above may be ignored by the JAX-RS implementation. In such case a warning message must be logged. JAX-RS implementations may support additional provider contracts that can be registered using a dynamic feature concept.

        Conceptually, this callback method is called during a resource or sub-resource method discovery phase (typically once per each discovered resource or sub-resource method) to register provider instances or classes in a configuration scope of each particular method identified by the supplied resource information. The responsibility of the feature is to properly update the supplied configuration context.

        Specified by:
        configure in interface DynamicFeature
        Parameters:
        resourceInfo - resource class and method information.
        configuration - configurable resource or sub-resource method-level runtime context associated with the resourceInfo in which the feature