Does someone know how I can extend the dropwizard interface? Now it just have the required option, but I need to add rights for the anooteted method.
For example:
I have a user admin and a normal user. Both can authenticate and reaches my @auth annotated ressource. But I want to allow some (not all) http method request just for admins and dissalow for normal user. How can I do this outside of ressource? Something like
@Auth(required = true, right="admin", httpMethod="POST") User user)
@Auth(required = true, right="normalUser", httpMethod="GET") User user)
@Auth(required = true, right="masterOfTheuniverse", httpMethod="*") User user)
As annotation inheritance is not supported by Java; you can't.
I had a similar case so I had ended up copying the relevant classes from dropwizard and modify as I wished. I've combined AuthFilter with OAuthCredentialFilter as I didn't need the abstraction, and used my own class instead of Authenticator<C,P>.
Note: I've just realized, they have rewritten the @Auth logic using RequestFilters for the next release which looks more flexible and could meet your needs (I might just migrate to that too). The current version (0.8.x) uses Factorys, which you can find at Java8 implementation. Also the Auth annotation which is not in the master branch anymore.