Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @Path("/authenticate")
- @RolesAllowed({"Admin","Guest"})
- public class BasicAuthenticationSecurity {
- @GET
- @Path("/wbiPing")
- @Produces(MediaType.TEXT_PLAIN)
- @RolesAllowed("Admin")
- public Response wbiPing(){
- System.out.println("Pinged!!!");
- return Response.ok("Pinged!!!").build();
- }
- }
- <servlet>
- <servlet-name>jersey-serlvet</servlet-name>
- <servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
- <init-param>
- <param-name>com.sun.jersey.config.property.packages</param-name>
- <param-value>
- com.security;
- com.exception
- </param-value>
- </init-param>
- <init-param>
- <param-name>com.sun.jersey.spi.container.ResourceFilters</param-name>
- <param-value>com.sun.jersey.api.container.filter.RolesAllowedResourceFilterFactory</param-value>
- </init-param>
- <load-on-startup>1</load-on-startup>
- </servlet>
- <servlet-mapping>
- <servlet-name>jersey-serlvet</servlet-name>
- <url-pattern>/*</url-pattern>
- </servlet-mapping>
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>BasicDemo</web-resource-name>
- <url-pattern>/*</url-pattern>
- <http-method>GET</http-method>
- </web-resource-collection>
- <auth-constraint>
- <role-name>Admin</role-name>
- </auth-constraint>
- </security-constraint>
- <login-config>
- <auth-method>BASIC</auth-method>
- <!-- The realm name is typically displayed by the browser in the login dialog box. -->
- <realm-name>Login</realm-name>
- </login-config>
- import javax.annotation.security.RolesAllowed;
- @DeclareRoles
- @DenyAll
- @PermitAll
- @RolesAllowed
- @RunAs
- <dependency>
- <!-- Annotations for role management -->
- <groupId>javax.annotation</groupId>
- <artifactId>jsr250-api</artifactId>
- <version>1.0</version>
- </dependency>
- <?xml version="1.0" encoding="UTF-8"?>
- <role rolename="editor"/>
- <role rolename="member"/>
- <user username="admin" password="qwerty" roles="editor,member"/>
- <user username="gavin" password="qwerty" roles="editor"/>
- <user username="julie" password="qwerty" roles="member"/>
- </tomcat-users>
- <?xml version="1.0" encoding="UTF-8"?>
- <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns="http://java.sun.com/xml/ns/javaee"
- xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
- http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
- version="3.0">
- </web-app>
- package ph.activelearning.rest.security;
- import org.glassfish.jersey.server.ResourceConfig;
- import org.glassfish.jersey.server.filter.RolesAllowedDynamicFeature;
- public class MyApplication extends ResourceConfig {
- public MyApplication() {
- super(TestResource.class);
- register(RolesAllowedDynamicFeature.class);
- }
- }
- <servlet>
- <servlet-name>Jersey Web Application</servlet-name>
- <servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
- <init-param>
- <param-name>jersey.config.server.provider.packages</param-name>
- <param-value>ph.activelearning.rest.security</param-value>
- </init-param>
- <init-param>
- <param-name>javax.ws.rs.Application</param-name>
- <param-value>ph.activelearning.rest.security.MyApplication</param-value>
- </init-param>
- <load-on-startup>1</load-on-startup>
- </servlet>
- <web-app …>
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>test</web-resource-name>
- <url-pattern>/test/*</url-pattern>
- </web-resource-collection>
- <auth-constraint>
- <role-name>editor</role-name>
- <role-name>member</role-name>
- </auth-constraint>
- </security-constraint>
- </web-app>
- <web-app …>
- <login-config>
- <auth-method>BASIC</auth-method>
- <realm-name>test</realm-name>
- </login-config>
- </web-app>
- <web-app ...>
- <security-role>
- <description>This is editor</description>
- <role-name>editor</role-name>
- </security-role>
- <security-role>
- <description>This is member</description>
- <role-name>member</role-name>
- </security-role>
- </web-app>
- package ph.activelearning.rest.security;
- import javax.annotation.security.PermitAll;
- import javax.annotation.security.RolesAllowed;
- import javax.ws.rs.GET;
- import javax.ws.rs.Path;
- import javax.ws.rs.Produces;
- import javax.ws.rs.core.Context;
- import javax.ws.rs.core.MediaType;
- import javax.ws.rs.core.SecurityContext;
- @Path("test")
- @PermitAll
- public class TestResource {
- @GET
- @Path("editor")
- @Produces(MediaType.TEXT_PLAIN)
- @RolesAllowed("editor")
- public String editorOnly() {
- return "Got to editor path!";
- }
- @GET
- @Path("member")
- @Produces(MediaType.TEXT_PLAIN)
- @RolesAllowed("member")
- public String memberOnly() {
- return "Got to member path!";
- }
- @GET
- @Path("open")
- @Produces(MediaType.TEXT_PLAIN)
- public String open(@Context SecurityContext context) {
- return "Open to all! - " + context.getUserPrincipal().getName();
- }
- }
- <?xml version="1.0" encoding="UTF-8"?>
- <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns="http://java.sun.com/xml/ns/javaee"
- xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
- http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
- version="3.0">
- <servlet>
- <servlet-name>Jersey Web Application</servlet-name>
- <servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
- <init-param>
- <param-name>jersey.config.server.provider.packages</param-name>
- <param-value>ph.activelearning.rest.security</param-value>
- </init-param>
- <!-- Define the Application class where we enable security annotations -->
- <init-param>
- <param-name>javax.ws.rs.Application</param-name>
- <param-value>ph.activelearning.rest.security.MyApplication</param-value>
- </init-param>
- <load-on-startup>1</load-on-startup>
- </servlet>
- <servlet-mapping>
- <servlet-name>Jersey Web Application</servlet-name>
- <url-pattern>/*</url-pattern>
- </servlet-mapping>
- <!-- Required even though we use annotations -->
- <security-constraint>
- <web-resource-collection>
- <web-resource-name>test</web-resource-name>
- <url-pattern>/test/*</url-pattern>
- </web-resource-collection>
- <auth-constraint>
- <role-name>editor</role-name>
- <role-name>member</role-name>
- </auth-constraint>
- </security-constraint>
- <login-config>
- <auth-method>BASIC</auth-method>
- <realm-name>test</realm-name>
- </login-config>
- <!-- Optional: Define security roles that are defined in your app server -->
- <!--
- <security-role>
- <description>This is editor</description>
- <role-name>editor</role-name>
- </security-role>
- <security-role>
- <description>This is member</description>
- <role-name>member</role-name>
- </security-role>
- -->
- </web-app>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement