Jersey and exyus

2008-03-07 @ 20:34#

Marc Hadley offers a post on how to set up RESTful authentication (i.e. HTTP Auth) using Jersey. while i don't travel in the Java world, i notice that the basic look-and-feel of Jersey is quite close to the exyus engine i've been working on for the last several months.

for example, check out a comparison of a Jersey and exyus for the "helloword" sample:

// The Java class will be hosted at the URI path "/helloworld"
@Path("/helloworld")
public class HelloWorldResource {

    @HttpContext
    private UriInfo context;

    /** Creates a new instance of HelloWorldResource */
    public HelloWorldResource() {
    }

   /**
   * Retrieves representation of an instance of hello.world.HelloWorldResource
   * @return an instance of java.lang.String
   */
   @GET
   @ProduceMime("text/plain")
   public String getClichedMessage() {
       //Return some cliched textual content
       "Hello World! Here is " + context.getAbsolutePath();
   }
}

// the exyus (C#) version of "/helloworld"
[UriPattern(@"/helloworld\.xcs"")]
[MediaTypes("text/plain")]
public class HelloWorldResource : StaticResource
{
    public HelloWorldResource()
    {
        this.Content = "Hello World! Here is $_absolute-path$";
    }
}

they handle authentication declarations similarly as well. Jersey uses sections in the web.xml to declare a secured path and exyus uses auth-urls.xml and auth-users.xml to handle the details:

// jersey web.xml
<security-constraint>
    <display-name>DropBox</display-name>
    <web-resource-collection>
        <web-resource-name>DropBox</web-resource-name>
        <description></description>
        <url-pattern>/dropbox</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
        <http-method>HEAD</http-method>
        <http-method>PUT</http-method>
        <http-method>OPTIONS</http-method>
        <http-method>TRACE</http-method>
        <http-method>DELETE</http-method>
    </web-resource-collection>
    <auth-constraint>
        <description>Have to be a USER</description>
        <role-name>USERS</role-name>
    </auth-constraint>
</security-constraint>

// exyus auth-urls.xml
<urls>
	...
	<url path="/helloworld" auth="true" />
	...
</urls>
// exyus auth-users.xml
<users>
	...
	<user name="user" password="XXXXX">
		<role name="admin" />
		<permission path="/helloworld" methods="*" />
	</user>
	...
</users>

again, nice to see things moving along the same lines. the exyus code is a bit more 'terse' and i like that. but still, nice to see the similarities.

code