We are using CXF 3.x, project has classes MyFeature extends AbstractFeature and `MyFilter extends OAuthRequestFilter.
Inside MyFeature class object of MyFilter created as MyFilter myFilter = new MyFilter (classObj); where classObj is object of class on which filter needs to be applied.
When I hit endpoint it throws error as 403.
Further when I used debugger and LOG messages, I come to know that inside file org.apache.cxf.interceptor.security.AbstractAuthorizingInInterceptor (cxf-core version 3.0.4.redhat-621159) there is function getTargetMethod and inside that method evaluation of BindingOperationInfo and m.get("org.apache.cxf.resource.method") are coming null, due to which I am getting 403.
Note: We are using osgi (jboss) bundle as deployment strategy.
Filters executed by JAXRSInInterceptor are in unmarshal state. In this state org.apache.cxf.resource.method remains null. I created interceptor in state PRE_STREAM and at that time org.apache.cxf.resource.method gives you correct name that should be executed.