@Override public void filter(final ContainerRequestContext requestContext) throws IOException { String method = requestContext.getMethod(); String requestUrl = requestContext.getUriInfo().getPath(); // We do allow wadl to be retrieve if (method.equals("GET") && (requestUrl.indexOf("application.wadl") > -1 || requestUrl.indexOf("api-docs") > -1)) { return; } // Get the authentification passed in HTTP headers parameters String authToken = requestContext.getHeaderString("authorization"); SecurityContext context = null; if (StringUtils.isNotBlank(authToken)) { AuthorizationRequestContext authRequestContext = AuthorizationRequestContext.with() .httpMethod(method) .requestUrl(requestUrl) .authorizationToken(authToken) .build(); context = authorizationService.authorize(authRequestContext); } else { context = new SecurityContextImpl(); } requestContext.setSecurityContext(context); }