You should definitely check the JAX-RS filters (org.apache.cxf.jaxrs.ext.RequestHandler) to intercept, verify, process the request, for example. for security parameters or parameter validation.
If you declared all of your parameters using annotations, you can parse the web.xml file for resource class names (see a possible regular expression below) and use the full class names to access the declared annotations for methods (e.g. javax.ws. Rs. GET) and method parameters (for example, javax.ws.rs.QueryParam) for scanning all available web service resources - this way you do not need to manually add all resource classes to your filter. Store this information in static variables, so you just need to parse this material the first time you click on your filter.
In your filter, you can access org.apache.cxf.message.Message for an incoming request. The query string is easy to access - if you also want to check the form parameters and multi-line names, you should use the contents of the message and write it back to the message (this is a bit unpleasant since you have to deal with multi-page borders, etc.).
To βindexβ resources, I just take the HTTP method and add a path (which is then used as a key to access the declared parameters.
You can use ServletContext to read the web.xml file. For retrieving resource classes, this regular expression may be useful
String webxml = readInputStreamAsString(context.getResourceAsStream("WEB-INF/web.xml")); Pattern serviceClassesPattern = Pattern.compile("<param-name>jaxrs.serviceClasses</param-name>.*?<param-value>(.*?)</param-value>", Pattern.DOTALL | Pattern.MULTILINE);