Message Boards

  1. Home
  2. Development
  3. How to get HttpServletRequest in JSONWebService of a custom service?

How to get HttpServletRequest in JSONWebService of a custom service?

thumbnail
Ishaan Arora, modified 2 Years ago.

How to get HttpServletRequest in JSONWebService of a custom service?

New Member Posts: 7 Join Date: 3/19/15 Recent Posts

I have created a JSON Web service using service builder. While validating this web service call I need to check how many requests have been made from the caller's IP address to this web service. Hence I need the HttpServletRequest instance so that I can get the remote address by checking X_FORWARDED_FOR header. 

So far I am unable to get it. I have tried following but the LiferayPortletRequest received from ServiceContextThreadLocal is null.

ServiceContextThreadLocal.getServiceContext().getLiferayPortletRequest().getHttpServletRequest()

Please let me know if someone has been able to achieve it. I am using Liferay DXP 7.2

service builder
thumbnail
Mohammed Yasin, modified 2 Years ago.

RE: How to get HttpServletRequest in JSONWebService of a custom service?

Liferay Master Posts: 591 Join Date: 8/8/14 Recent Posts

Hi,

You will not have request object in JSON WebService Impl, For Audit/tracking purpose you can create Servlet Filter and use the request object there

https://help.liferay.com/hc/en-us/articles/360020486752-Servlet-Filters

thumbnail
Stian Sigvartsen, modified 2 Years ago.

RE: How to get HttpServletRequest in JSONWebService of a custom service? (Answer)

New Member Posts: 6 Join Date: 5/1/15 Recent Posts

Hi Ishaan. Because this is to do with access control, I would suggest you implement a com.liferay.portal.kernel.security.access.control.AccessControlPolicy in a @Component.

Your implementation of onServiceRemoteAccess() will then get called. From there you can static call com.liferay.portal.kernel.security.access.control.AccessControlUtil#getAccessControlContex . This will allow access to the HttpServletRequest .

The Filter approach is also viable, but likely more sensitive to product changes in the future.

thumbnail
Ishaan Arora, modified 2 Years ago.

RE: How to get HttpServletRequest in JSONWebService of a custom service?

New Member Posts: 7 Join Date: 3/19/15 Recent Posts

Thank you Mohammed Yasin and Stian Sigvartsen for you answers. 

I was familiar with the filter approach but it did not suit my needs as my purpose was more than auditing. I took the AcessControlPolicy approch suggested by Stian and reached the desired ourcome.