1
I implemented a service with JAX-RS that features GET and POST operations:
@Path("/funcionario")
@Singleton
public class FuncionarioService {
private List<Funcionario> funcionarios = new ArrayList<>();
@GET
@Path("/{nome}")
@Produces(MediaType.APPLICATION_JSON)
public Response buscarFuncionario(@PathParam(value = "nome") String nome) {
for (Funcionario funcionario : funcionarios) {
if (funcionario.getNome().equals(nome))
return Response.ok(funcionario.toJSON()).build();
}
return Response.status(404).build();
}
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces({ MediaType.APPLICATION_JSON })
public Response criarFuncionario(Funcionario funcionario, @Context UriInfo uriInfo) throws URISyntaxException {
Boolean criado = criar(funcionario);
URI location = uriInfo.getAbsolutePathBuilder().path(funcionario.getNome()).build();
if (criado) {
return Response.created(location).build();
} else {
return Response.status(HttpStatus.SEE_OTHER_303.getStatusCode()).location(location).build();
}
}
}
When I call the GET method, I get the expected response from resource not found:
curl -XGET http://localhost:8080/servicorestfuljee/funcionario/giuliana --verbose
Note: Unnecessary use of -X or --request, GET is already inferred.
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8080 (#0)
> GET /funcionario/giuliana HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.58.0
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Connection: keep-alive
< X-Powered-By: Undertow/1
< Server: JBoss-EAP/7
< Content-Length: 74
< Content-Type: text/html
< Date: Fri, 05 Oct 2018 11:51:47 GMT
To support authentication, I created a user named user password-protected password through the script located in $JBOSS_HOME/bin/add-user.sh adding this user to the group user.
After that, I added security to my services in the web.xml file, thus making them request password whenever they are accessed:
<security-constraint>
<web-resource-collection>
<web-resource-name>servicorestfuljee</web-resource-name>
<url-pattern>/funcionario/*</url-pattern>
<http-method>GET</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
<http-method>POST</http-method>
<http-method>PATCH</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>ApplicationRealm</realm-name>
</login-config>
<security-role>
<role-name>user</role-name>
</security-role>
Now, if I try to access the service without password, I will get error 401:
curl -XGET http://localhost:8080/servicorestfuljee/funcionario/giuliana --verbose
Note: Unnecessary use of -X or --request, GET is already inferred.
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8080 (#0)
> GET /servicorestfuljee/funcionario/giuliana HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.58.0
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Expires: 0
< Cache-Control: no-cache, no-store, must-revalidate
< X-Powered-By: Undertow/1
< Server: JBoss-EAP/7
< Pragma: no-cache
< Date: Fri, 05 Oct 2018 12:12:27 GMT
< Connection: keep-alive
< WWW-Authenticate: Basic realm="ApplicationRealm"
< Content-Type: text/html;charset=UTF-8
< Content-Length: 71
By informing the user and password, I can access the GET method:
curl -XGET http://localhost:8080/servicorestfuljee/funcionario/giuliana -u user:password --verbose
Note: Unnecessary use of -X or --request, GET is already inferred.
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8080 (#0)
* Server auth using Basic with user 'user'
> GET /servicorestfuljee/funcionario/giuliana HTTP/1.1
> Host: localhost:8080
> Authorization: Basic dXNlcjpwYXNzd29yZA==
> User-Agent: curl/7.58.0
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Expires: 0
< Cache-Control: no-cache, no-store, must-revalidate
< X-Powered-By: Undertow/1
< Server: JBoss-EAP/7
< Pragma: no-cache
< Date: Fri, 05 Oct 2018 12:16:12 GMT
< Connection: keep-alive
< Content-Type: text/html;charset=UTF-8
< Content-Length: 68
But if I try to access the POST, I get 405 error:
curl --header "Content-Type: application/json" -XPOST --data '{"nome": "giuliana","idade": 20, "cargo": "arquiteta de software"}' http://localhost:8080/servicorestfuljee/funcionario --verbose -u user:password
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8080 (#0)
* Server auth using Basic with user 'user'
> POST /servicorestfuljee/funcionario HTTP/1.1
> Host: localhost:8080
> Authorization: Basic dXNlcjpwYXNzd29yZA==
> User-Agent: curl/7.58.0
> Accept: */*
> Content-Type: application/json
> Content-Length: 66
>
* upload completely sent off: 66 out of 66 bytes
< HTTP/1.1 405 Method Not Allowed
< Expires: 0
< Cache-Control: no-cache, no-store, must-revalidate
< X-Powered-By: Undertow/1
< Server: JBoss-EAP/7
< Pragma: no-cache
< Date: Fri, 05 Oct 2018 12:16:46 GMT
< Connection: keep-alive
< Content-Type: text/html;charset=UTF-8
< Content-Length: 104
I looked in the Jboss EAP 7 documentation for something to configure the available HTTP methods, but I didn’t find much. How can I fix this problem in a safe way?
Already tried to do the POST with
servicosrestfuljee/funcionario/, with the slider at the end? Since your slider has the slider at the end:/funcionario/*– Pedro
I tried here, still gives error 405 :/
– Giuliana Bezerra
do you want to change the error code? type from 405 to 401?
– cpll
I need the system to accept the POST, have to return the created object. I put a breakpoint in the service and when I call it doesn’t even reach it. It’s like the endpoint doesn’t exist.
– Giuliana Bezerra
does a test, adds something to the path of your method, e.g. @Path("/collaborator/{name}")
– cpll
I solved the problem, it had to do with the path and the lack of a configuration! Thanks for the help, guys!
– Giuliana Bezerra