Added: openejb/trunk/openejb3/examples/ejb-examples/src/main/java/org/apache/openejb/examples/servlet/SecureServlet.java URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/examples/ejb-examples/src/main/java/org/apache/openejb/examples/servlet/SecureServlet.java?rev=579817&view=auto ============================================================================== --- openejb/trunk/openejb3/examples/ejb-examples/src/main/java/org/apache/openejb/examples/servlet/SecureServlet.java (added) +++ openejb/trunk/openejb3/examples/ejb-examples/src/main/java/org/apache/openejb/examples/servlet/SecureServlet.java Wed Sep 26 14:56:30 2007 @@ -0,0 +1,92 @@ +/** + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.openejb.examples.servlet; + +import javax.ejb.EJB; +import javax.ejb.EJBAccessException; +import javax.servlet.ServletException; +import javax.servlet.ServletOutputStream; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.security.Principal; + +public class SecureServlet extends HttpServlet { + @EJB + private SecureEJBLocal secureEJBLocal; + + protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + response.setContentType("text/plain"); + ServletOutputStream out = response.getOutputStream(); + + out.println("Servlet"); + Principal principal = request.getUserPrincipal(); + if (principal != null) { + out.println("Servlet.getUserPrincipal()=" + principal + " [" + principal.getName() + "]"); + } else { + out.println("Servlet.getUserPrincipal()=<null>" ); + } + out.println("Servlet.isCallerInRole(\"user\")=" + request.isUserInRole("user")); + out.println("Servlet.isCallerInRole(\"manager\")=" + request.isUserInRole("manager")); + out.println("Servlet.isCallerInRole(\"fake\")=" + request.isUserInRole("fake")); + out.println(); + + out.println("@EJB=" + secureEJBLocal); + if (secureEJBLocal != null) { + principal = secureEJBLocal.getCallerPrincipal(); + if (principal != null) { + out.println("@EJB.getCallerPrincipal()=" + principal + " [" + principal.getName() + "]"); + } else { + out.println("@EJB.getCallerPrincipal()=<null>" ); + } + out.println("@EJB.isCallerInRole(\"user\")=" + secureEJBLocal.isCallerInRole("user")); + out.println("@EJB.isCallerInRole(\"manager\")=" + secureEJBLocal.isCallerInRole("manager")); + out.println("@EJB.isCallerInRole(\"fake\")=" + secureEJBLocal.isCallerInRole("fake")); + + try { + secureEJBLocal.allowUserMethod(); + out.println("@EJB.allowUserMethod() ALLOWED"); + } catch(EJBAccessException e) { + out.println("@EJB.allowUserMethod() DENIED"); + } + + try { + secureEJBLocal.allowManagerMethod(); + out.println("@EJB.allowManagerMethod() ALLOWED"); + } catch(EJBAccessException e) { + out.println("@EJB.allowManagerMethod() DENIED"); + } + + try { + secureEJBLocal.allowFakeMethod(); + out.println("@EJB.allowFakeMethod() ALLOWED"); + } catch(EJBAccessException e) { + out.println("@EJB.allowFakeMethod() DENIED"); + } + + try { + secureEJBLocal.denyAllMethod(); + out.println("@EJB.denyAllMethod() ALLOWED"); + } catch(EJBAccessException e) { + out.println("@EJB.denyAllMethod() DENIED"); + } + } + out.println(); + } +}
Modified: openejb/trunk/openejb3/examples/ejb-examples/src/main/webapp/WEB-INF/web.xml URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/examples/ejb-examples/src/main/webapp/WEB-INF/web.xml?rev=579817&r1=579816&r2=579817&view=diff ============================================================================== --- openejb/trunk/openejb3/examples/ejb-examples/src/main/webapp/WEB-INF/web.xml (original) +++ openejb/trunk/openejb3/examples/ejb-examples/src/main/webapp/WEB-INF/web.xml Wed Sep 26 14:56:30 2007 @@ -25,7 +25,7 @@ <servlet> <servlet-name>AnnotatedServlet</servlet-name> - <servlet-class>org.apache.openejb.examples.servlet.AnnotatedServlet</servlet-class> + <servlet-class>org.apache.openejb.examples.servlet.RunAsServlet</servlet-class> </servlet> <servlet-mapping> @@ -42,4 +42,42 @@ <servlet-name>JpaServlet</servlet-name> <url-pattern>/jpa/*</url-pattern> </servlet-mapping> + + <servlet> + <servlet-name>RunAsServlet</servlet-name> + <servlet-class>org.apache.openejb.examples.servlet.RunAsServlet</servlet-class> + <run-as> + <role-name>fake</role-name> + </run-as> + </servlet> + + <servlet-mapping> + <servlet-name>RunAsServlet</servlet-name> + <url-pattern>/runas/*</url-pattern> + </servlet-mapping> + + <servlet> + <servlet-name>SecureServlet</servlet-name> + <servlet-class>org.apache.openejb.examples.servlet.SecureServlet</servlet-class> + </servlet> + + <servlet-mapping> + <servlet-name>SecureServlet</servlet-name> + <url-pattern>/secure/*</url-pattern> + </servlet-mapping> + + <security-constraint> + <web-resource-collection> + <web-resource-name>Secure Area</web-resource-name> + <url-pattern>/secure/*</url-pattern> + <url-pattern>/runas/*</url-pattern> + </web-resource-collection> + <auth-constraint> + <role-name>user</role-name> + </auth-constraint> + </security-constraint> + + <login-config> + <auth-method>BASIC</auth-method> + </login-config> </web-app> Modified: openejb/trunk/openejb3/examples/ejb-examples/src/main/webapp/index.jsp URL: http://svn.apache.org/viewvc/openejb/trunk/openejb3/examples/ejb-examples/src/main/webapp/index.jsp?rev=579817&r1=579816&r2=579817&view=diff ============================================================================== --- openejb/trunk/openejb3/examples/ejb-examples/src/main/webapp/index.jsp (original) +++ openejb/trunk/openejb3/examples/ejb-examples/src/main/webapp/index.jsp Wed Sep 26 14:56:30 2007 @@ -3,5 +3,7 @@ <h2>Hello World!</h2> <a href="annotated">Annotated Servlet</a> <br> <a href="jpa">JPA Example</a> <br> +<a href="secure">Secure</a> <br> +<a href="runas">RunAs</a> <br> </body> </html>
