嵌入式码头:如何在http请求到达后立即运行安全处理程序?

我正在使用嵌入式码头和泽西岛。我的问题是：是否有可能在 HTTP 请求到达泽西类之前使码头SecurityHandler生效？

这是我的代码：(很抱歉可能太多了。 码头服务器初始化的类：

public class JettyHttpComponent extends AbstractLifeCycleComponent {
private static final String REST_SOURCE_KEY = "jersey.config.server.provider.classnames";
//TODO Security config and implementation
public int start() throws RuntimeException {
Server jettyServer = new Server(8080);
ServletContextHandler context = new ServletContextHandler(jettyServer, "/", ServletContextHandler.SESSIONS|ServletContextHandler.SECURITY);
context.setContextPath("/");
context.setSecurityHandler(basicAuth());

ServletHolder jerseyServlet = context.addServlet(
org.glassfish.jersey.servlet.ServletContainer.class, "/*");
jerseyServlet.setInitOrder(0);
//load rest resources
jerseyServlet.setInitParameter(REST_SOURCE_KEY, IndexService.class.getCanonicalName());

try {
jettyServer.start();
jettyServer.join();
} catch(Exception e) {
e.printStackTrace();
} finally {
jettyServer.destroy();
}
return 0;
}
public int stop() throws RuntimeException {
//close resources
try {
close();
} catch (IOException e) {
throw new RuntimeException(e);
}
System.out.println("Server stopped.");
return 0;
}
private SecurityHandler basicAuth() {
ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
LoginService loginService = new LDAPLoginService();
securityHandler.setLoginService(loginService);  
return securityHandler;
}
}

basicAuth()中的LDAPLoginService类是我自定义的登录类扩展AbstractLoginService。

泽西类处理 http 请求：

@Path("/index")
public class IndexService extends BaseRestService {
@PUT
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public Response index(@Context SecurityContext securityContext,
@Context HttpHeaders headers,
@Context HttpServletRequest httpRequest,
@QueryParam("algorithm") String algorithm,
@QueryParam("executionMode") String mode,
String request) {
long t1 = System.currentTimeMillis();
String response = null;
IndexContext context = null;
try {
init();
//setup context with security, headers, options and request
ServiceUserContext suc = buildServiceUserContext(securityContext, httpRequest);
if (suc == null) {
return Response.status(Status.UNAUTHORIZED).entity(response).build();
}
ServiceDataContext sdc = buildServiceDataContext(request);
context = IndexContext.builder().algorithm(algorithm).serviceDataContext(sdc).
serviceUserContext(suc).build();
//dispatch service to entity matching core services
dispatch(context);
} catch(Throwable t) {
handlerErrors(t, context);
} finally {
if (context != null) {
close(context);
response = context.getServiceDataContext().getResponse();
System.out.println("Index takes: " + (System.currentTimeMillis() - t1) + " ms");
}
}
return Response.status(Status.OK).entity(response).build();
}   
}

在方法buildServiceDataContext()中，我调用了securityContext.getUserPrincipal()，并且扩展AbstractLoginService的LDAPLoginService类在达到securityContext.getUserPrincipal()之前不执行任何操作。是否可以在一开始就运行安全检查，甚至在 Jersey 类开始处理请求之前？谢谢。