小编典典

Creating a Restlet Authorizer for fine-grained authorization

java

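I am trying to implement a RESTful API with Restlet, and I have found very little beyond the basic role and method authorizers. I have stored in a database the routes a user can access and the methods for those routes. The problem I have now is how to get the path in the Authorizer. Is it the resource that I need to get? And how exactly should I route to the authorizer? I have posted what I am looking at so far; how do I get the path or resource in the authorizer? Any information is appreciated. I have looked through books and many generic examples, but have not found quite what I am looking for.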

My routing application:

import org.restlet.Context;
import org.restlet.Restlet;
import org.restlet.data.ChallengeScheme;
import org.restlet.routing.Router;
import org.restlet.security.ChallengeAuthenticator;

public class MyRoutingApp extends org.restlet.Application {

    @Override
    public synchronized Restlet createInboundRoot() {

        Context context = getContext();
        Router router = new Router(context);

        router.attach("/user", Users.class);
        router.attach("/post", Posts.class);
        router.attach("/comment", Comments.class);

        ChallengeAuthenticator authenticator = new ChallengeAuthenticator(
                context, ChallengeScheme.HTTP_BASIC, "My test realm" );

        //create Verifier to ensure that the user is authenticated
        MyVerifier verifier = new MySecretVerifier();
        //grab user Roles and add them to the request
        MyEnroler enroler = new MyEnroler();

        authenticator.setVerifier( verifier );
        authenticator.setEnroler( enroler );

        //Looks up if user can be allowed to resource
        MyAuthorizer authorizer = new MyAuthorizer();
        authorizer.setNext( router );

        //chain: authenticator -> authorizer -> router
        authenticator.setNext( authorizer );
        return authenticator;
    }
}

My authorizer:

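import org.restlet.Request;
import org.restlet.Response;
import org.restlet.data.ClientInfo;
import org.restlet.data.Method;
import org.restlet.security.Authorizer;

public class MyAuthorizer extends Authorizer {

    @Override
    protected boolean authorize( Request request, Response response ) {

        //has the security roles and user from verifier and enroler
        ClientInfo info = request.getClientInfo();
        //get http method
        Method method = request.getMethod();

        //need to get the route or resource user is attempting to access
        //allow or disallow access based on roles and method

        //placeholder so the class compiles: deny until the lookup is implemented
        return false;
    }
}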

2020-11-30

1 answer

小编典典

The target resource URI is available through Request#getResourceRef().getRemainingPart().

2020-11-30
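
An added example, not part of the original question or answer: a deny-by-default Authorizer that combines the remaining part of the resource reference with the HTTP method and the roles set by the Enroler. The class name `PathMethodAuthorizer`, the role names and the in-memory `GRANTS` table (constructed sample data standing in for the database lookup) are assumptions, as is the authorizer sitting directly in front of the router so that the remaining part is relative to the application root.

```java
import java.util.Map;
import java.util.Set;

import org.restlet.Request;
import org.restlet.Response;
import org.restlet.data.Method;
import org.restlet.security.Authorizer;
import org.restlet.security.Role;

public class PathMethodAuthorizer extends Authorizer {

    // Constructed sample data standing in for the database table:
    // role name -> route -> allowed HTTP method names.
    private static final Map<String, Map<String, Set<String>>> GRANTS = Map.of(
            "reader", Map.of("/post", Set.of("GET"), "/comment", Set.of("GET")),
            "author", Map.of("/post", Set.of("GET", "POST", "PUT"),
                             "/comment", Set.of("GET", "POST", "DELETE")),
            "admin",  Map.of("/user", Set.of("GET", "POST", "PUT", "DELETE")));

    @Override
    protected boolean authorize(Request request, Response response) {
        // Path after the base reference, decoded, with the query string excluded
        // so that "?x=y" cannot change which grant is matched.
        String path = request.getResourceRef().getRemainingPart(true, false);
        Method method = request.getMethod();
        if (path == null || method == null) {
            return false;
        }
        // Roles were attached to the request by the Enroler during authentication.
        for (Role role : request.getClientInfo().getRoles()) {
            Map<String, Set<String>> routes = GRANTS.get(role.getName());
            if (routes != null && isAllowed(routes, path, method.getName())) {
                return true;
            }
        }
        return false; // deny by default: no matching grant means no access
    }

    // A grant on "/post" covers "/post" and "/post/...", but not "/postscript".
    static boolean isAllowed(Map<String, Set<String>> routes, String path, String method) {
        for (Map.Entry<String, Set<String>> entry : routes.entrySet()) {
            String route = entry.getKey();
            boolean matches = path.equals(route) || path.startsWith(route + "/");
            if (matches && entry.getValue().contains(method)) {
                return true;
            }
        }
        return false;
    }
}
```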