Here is my use case.
I develop one API jar which I can use for server and client part to request my JAX-RS services. This contains interfaces with @Path and other javax.ws.rs annotations.
On the server part I have the concrete implementation of those interfaces.
There, I want to develop a specific security Filter using the PreProcessInterceptor and AcceptedByMethod technics to handle specific home brewed annotations on methods I want to protect.
My problem is that the AcceptedByMethod.accept and PreProcessInterceptor.preProcess receive the declaring method (the one which is annotated with @Path I suppose) and not the real one, the one that will be invoked a bit after, the one of the "target" Object in ResourceMethod.invokeOnTarget(request, response, target).
That's my interface in api.jar :
That's my implementation in my server.war :
My SecurityInterceptor will receive RestService.compute in ResourceMethod.getMethod() for preProcess(HttpRequest, ResourceMethod), and not RestServiceImpl.compute, so I can't retreive the @AllowedRole on that method in order to handle security...