Jersey/JAX-RS expects SecurityContext to be set before you can retrieve any information about principal, user roles etc. Usually, in Jersey, this is done by dedicated ContainerRequestFilter. Take a look at the sample filter from one of our samples: SecurityFilter.
After this, you can inject SecurityContext
(using @Context
) into your resources or other providers such as filters. You can then also call containerRequest.getUserPrincipal()
without getting an UnsupportedOperationException
.
EDIT 1
If you need to obtain Principal
object in grizzly level you can inject the current Request
into your filter and then retrieve the value in filter
method.
@Context
private ThreadLocal<Request> request;