How can I intercept every rest request to check security?

JamieA
April 3, 2014

Let's say I have some rest modules, a bunch of classes and endpoints.

In every case I want to check the user accessing is admin. I don't really want to add the code to every method, e.g.:

if (!isAdmin) { return Response.status(403).build(); }

Has anyone used a request interceptor to handle this kind of security requirement? I looked at some various blogs, e.g. http://anismiles.wordpress.com/2012/03/02/securing-versioning-and-auditing-rest-jax-rs-jersey-apis/, but it doesn't seem as simple as I think it should be.

Ideally I was hoping for an @AdminRequired annotation. Also this is cross-product so I can't use anything that only exists in, say, JIRA.

2 answers

1 accepted

0 votes
Answer accepted
JamieA
April 4, 2014

To answer my own question, @ResourceFilters was what I was looking for.

> Anyone know how to find out what version of the rest-common plugin is in each product?

https://developer.atlassian.com/display/DOCS/REST+API+Plugin+Version+Matrix, but it's not up to date.

0 votes
JamieA
April 3, 2014

Maybe I will try to use this: https://bitbucket.org/atlassian/atlassian-rest/src/cc7f6aa16c340e5c7860b6fd6d611395396f0313/atlassian-rest-common/src/main/java/com/atlassian/plugins/rest/common/security/jersey/AdminOnlyResourceFilter.java?at=master - seems to be what I am looking for. Anyone know how to find out what version of the rest-common plugin is in each product?
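
An added example (not part of the original posts, and not the atlassian-rest source) of the pattern this thread arrives at: a Jersey 1.x resource filter that rejects non-admin callers before any resource method runs, attached to a whole resource class with @ResourceFilters. AdminCheckFilter and ReportsResource are hypothetical names; it assumes SAL's UserManager is supplied to the filter's constructor by the host product and that the REST container honours @ResourceFilters.

```java
// AdminCheckFilter.java (hypothetical name; added example, not atlassian-rest code)
import com.atlassian.sal.api.user.UserManager;
import com.sun.jersey.spi.container.ContainerRequest;
import com.sun.jersey.spi.container.ContainerRequestFilter;
import com.sun.jersey.spi.container.ContainerResponseFilter;
import com.sun.jersey.spi.container.ResourceFilter;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;

public class AdminCheckFilter implements ResourceFilter, ContainerRequestFilter {
    private final UserManager userManager;

    // Assumption: the host product's plugin framework injects UserManager here.
    public AdminCheckFilter(UserManager userManager) {
        this.userManager = userManager;
    }

    @Override public ContainerRequestFilter getRequestFilter() { return this; }

    @Override public ContainerResponseFilter getResponseFilter() { return null; } // requests only

    @Override
    public ContainerRequest filter(ContainerRequest request) {
        String username = userManager.getRemoteUsername();
        if (username == null) {
            // Fail closed: an anonymous caller never reaches the resource method.
            throw new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).build());
        }
        if (!userManager.isAdmin(username)) {
            throw new WebApplicationException(Response.status(Response.Status.FORBIDDEN).build());
        }
        return request; // admin: continue to the resource method
    }
}

// ReportsResource.java (hypothetical resource, separate file)
import com.sun.jersey.spi.container.ResourceFilters;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.core.Response;

@Path("/reports")
@ResourceFilters(AdminCheckFilter.class) // class-level: covers every method, current and future
public class ReportsResource {
    @GET
    public Response list() { return Response.ok().build(); } // no per-method admin check needed
}
```

Putting the annotation on the class rather than on individual methods means an endpoint added later is covered by default instead of depending on someone remembering the check.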
