Determining security information using SecurityContext objects

Using Java API for RESTful Web Services (JAX-RS), you can use the SecurityContext object to access security information from the request context.

About this task

Using an injected SecurityContext object with the JAX-RS runtime environment, you can determine the security information of a Java EE container for a particular request. The procedure provides an example of returning the name of the user that made a request, if a user was logged in.

By using an injected javax.ws.rs.core.SecurityContext object by the JAX-RS runtime environment, you can determine the security information of a Java EE container for a particular request. For example, you can determine if the request was made over a secure transport or if the current user is in a role designated by the Java EE application. You can also determine the principal information of the logged-in user and the authentication scheme that is used.

The security information is helpful to determine whether the request is valid programmatically and to log secure requests, such as a request from a user who accessed an administrator page. To learn about setting up security, see the information about securing JAX-RS applications.

Procedure

Results

You have used the javax.ws.rs.core.SecurityContext object to help provide security information from the Java EE container.

Task topic    

Terms and conditions for information centers | Feedback

Last updated: April 18, 2014 05:01 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=phil&product=was-nd-iseries&topic=twbs_jaxrs_contextobjects_securitycontext
File name: twbs_jaxrs_contextobjects_securitycontext.html