[jboss-cvs] JBossAS SVN: r63150 - in trunk/ejb3/docs/tutorial: http_https and 12 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri May 18 12:50:16 EDT 2007
Author: bdecoste
Date: 2007-05-18 12:50:15 -0400 (Fri, 18 May 2007)
New Revision: 63150
Added:
trunk/ejb3/docs/tutorial/http_https/
trunk/ejb3/docs/tutorial/http_https/build.xml
trunk/ejb3/docs/tutorial/http_https/ejb3.deployer/
trunk/ejb3/docs/tutorial/http_https/ejb3.deployer/META-INF/
trunk/ejb3/docs/tutorial/http_https/ejb3.deployer/META-INF/jboss-service.xml
trunk/ejb3/docs/tutorial/http_https/http_https.html
trunk/ejb3/docs/tutorial/http_https/http_https.wiki
trunk/ejb3/docs/tutorial/http_https/jboss-web.deployer/
trunk/ejb3/docs/tutorial/http_https/jboss-web.deployer/server.xml
trunk/ejb3/docs/tutorial/http_https/jndi.properties
trunk/ejb3/docs/tutorial/http_https/localhost.keystore
trunk/ejb3/docs/tutorial/http_https/localhost.truststore
trunk/ejb3/docs/tutorial/http_https/log4j.xml
trunk/ejb3/docs/tutorial/http_https/roles.properties
trunk/ejb3/docs/tutorial/http_https/servlet-invoker.war/
trunk/ejb3/docs/tutorial/http_https/servlet-invoker.war/WEB-INF/
trunk/ejb3/docs/tutorial/http_https/servlet-invoker.war/WEB-INF/web.xml
trunk/ejb3/docs/tutorial/http_https/src/
trunk/ejb3/docs/tutorial/http_https/src/org/
trunk/ejb3/docs/tutorial/http_https/src/org/jboss/
trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/
trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/
trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/
trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/Calculator.java
trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/CalculatorBean.java
trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/CalculatorHttpBean.java
trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/CalculatorHttpsBean.java
trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/client/
trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/client/Client.java
trunk/ejb3/docs/tutorial/http_https/users.properties
Log:
[EJBTHREE-943] HTTP and HTTPS tutorial
Added: trunk/ejb3/docs/tutorial/http_https/build.xml
===================================================================
--- trunk/ejb3/docs/tutorial/http_https/build.xml (rev 0)
+++ trunk/ejb3/docs/tutorial/http_https/build.xml 2007-05-18 16:50:15 UTC (rev 63150)
@@ -0,0 +1,129 @@
+<?xml version="1.0"?>
+
+<!-- ======================================================================= -->
+<!-- JBoss build file -->
+<!-- ======================================================================= -->
+
+<project name="JBoss" default="ejbjar" basedir=".">
+
+ <property file="../local.properties"/> <property environment="env"/>
+ <property name="src.dir" value="${basedir}/src"/>
+ <property name="jboss.home" value="${env.JBOSS_HOME}"/>
+ <property name="jboss.server.config" value="default"/>
+ <property name="build.dir" value="${basedir}/build"/>
+ <property name="build.classes.dir" value="${build.dir}/classes"/>
+ <property name="tmp.dir" value="${basedir}/tmp"/>
+
+ <!-- Build classpath -->
+ <path id="classpath">
+ <pathelement location="${basedir}"/>
+ <fileset dir="${jboss.home}/lib">
+ <include name="**/*.jar"/>
+ </fileset>
+ <fileset dir="${jboss.home}/server/${jboss.server.config}/lib">
+ <include name="**/*.jar"/>
+ </fileset>
+ <fileset dir="${jboss.home}/server/${jboss.server.config}/deploy/ejb3.deployer">
+ <include name="*.jar"/>
+ </fileset>
+ <fileset dir="${jboss.home}/server/${jboss.server.config}/deploy/jboss-aop-jdk50.deployer">
+ <include name="*.jar"/>
+ </fileset>
+ <pathelement location="${build.classes.dir}"/>
+ <!-- So that we can get jndi.properties for InitialContext -->
+ </path>
+
+ <property name="build.classpath" refid="classpath"/>
+
+ <!-- =================================================================== -->
+ <!-- Prepares the build directory -->
+ <!-- =================================================================== -->
+ <target name="prepare">
+ <mkdir dir="${build.dir}"/>
+ <mkdir dir="${build.classes.dir}"/>
+ <mkdir dir="${tmp.dir}"/>
+ </target>
+
+ <!-- =================================================================== -->
+ <!-- Compiles the source code -->
+ <!-- =================================================================== -->
+ <target name="compile" depends="prepare">
+ <javac srcdir="${src.dir}"
+ destdir="${build.classes.dir}"
+ debug="on"
+ deprecation="on"
+ optimize="off"
+ includes="**">
+ <classpath refid="classpath"/>
+ </javac>
+ </target>
+
+ <target name="ejbjar" depends="compile">
+ <jar jarfile="build/tutorial.jar">
+ <fileset dir="${build.classes.dir}">
+ <include name="**/*.class"/>
+ </fileset>
+ <fileset dir=".">
+ <!--include name="ssl-service.xml"/-->
+ <!--include name="localhost.keystore"/-->
+ <include name="*.properties"/>
+ </fileset>
+ </jar>
+ <copy file="localhost.keystore" todir="${jboss.home}/server/${jboss.server.config}/conf"/>
+ <copy file="localhost.truststore" todir="${jboss.home}/server/${jboss.server.config}/conf"/>
+ <copy file="build/tutorial.jar" todir="${jboss.home}/server/${jboss.server.config}/deploy"/>
+ <copy todir="${tmp.dir}" filtering="yes">
+ <fileset dir="${jboss.home}/server/${jboss.server.config}/deploy">
+ <include name="ejb3.deployer/**"/>
+ </fileset>
+ <fileset dir="${jboss.home}/server/${jboss.server.config}/deploy">
+ <include name="jboss-web.deployer/**"/>
+ </fileset>
+ </copy>
+ <copy todir="${jboss.home}/server/${jboss.server.config}/deploy" filtering="yes" overwrite="true">
+ <fileset dir=".">
+ <include name="ejb3.deployer/**"/>
+ </fileset>
+ <fileset dir=".">
+ <include name="jboss-web.deployer/**"/>
+ </fileset>
+ <fileset dir=".">
+ <include name="servlet-invoker.war/**"/>
+ </fileset>
+ </copy>
+ </target>
+
+ <target name="run">
+ <java classname="org.jboss.tutorial.http_https.client.Client" fork="yes" dir=".">
+ <jvmarg line="-Djavax.net.ssl.trustStore=${jboss.home}/server/${jboss.server.config}/conf/localhost.truststore -Djavax.net.ssl.trustStorePassword=opensource -Djava.protocol.handler.pkgs=javax.net.ssl"/>
+ <classpath refid="classpath"/>
+ </java>
+ </target>
+
+ <!-- =================================================================== -->
+ <!-- Cleans up generated stuff -->
+ <!-- =================================================================== -->
+ <target name="clean.db">
+ <delete dir="${jboss.home}/server/${jboss.server.config}/data/hypersonic"/>
+ </target>
+
+ <target name="clean">
+ <copy todir="${jboss.home}/server/${jboss.server.config}/deploy" filtering="yes" overwrite="true">
+ <fileset dir="${tmp.dir}">
+ <include name="ejb3.deployer/**"/>
+ </fileset>
+ <fileset dir="${tmp.dir}">
+ <include name="jboss-web.deployer/**"/>
+ </fileset>
+ </copy>
+ <delete dir="${tmp.dir}"/>
+ <delete dir="${build.dir}"/>
+ <delete file="${jboss.home}/server/${jboss.server.config}/deploy/tutorial.jar"/>
+ <delete file="${jboss.home}/server/${jboss.server.config}/conf/localhost.keystore"/>
+ <delete file="${jboss.home}/server/${jboss.server.config}/conf/localhost.truststore"/>
+ <delete dir="${jboss.home}/server/${jboss.server.config}/deploy/servlet-invoker.war"/>
+ </target>
+
+
+</project>
+
Added: trunk/ejb3/docs/tutorial/http_https/ejb3.deployer/META-INF/jboss-service.xml
===================================================================
--- trunk/ejb3/docs/tutorial/http_https/ejb3.deployer/META-INF/jboss-service.xml (rev 0)
+++ trunk/ejb3/docs/tutorial/http_https/ejb3.deployer/META-INF/jboss-service.xml 2007-05-18 16:50:15 UTC (rev 63150)
@@ -0,0 +1,310 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ JBoss EJB3Deployer
+
+ $Id: jboss-service.xml 41488 2006-02-25 00:14:09Z dimitris $
+-->
+<server>
+
+ <mbean code="org.jboss.remoting.transport.Connector"
+ name="jboss.remoting:type=Connector,name=DefaultEjb3Connector,handler=ejb3">
+ <depends>jboss.aop:service=AspectDeployer</depends>
+ <attribute name="InvokerLocator">socket://${jboss.bind.address}:3873</attribute>
+ <attribute name="Configuration">
+ <handlers>
+ <handler subsystem="AOP">org.jboss.aspects.remoting.AOPRemotingInvocationHandler</handler>
+ </handlers>
+ </attribute>
+ </mbean>
+
+ <mbean code="org.jboss.ejb3.JarsIgnoredForScanning" name="jboss.ejb3:service=JarsIgnoredForScanning">
+ <attribute name="IgnoredJars">
+ snmp-adaptor.jar,
+ otherimages.jar,
+ applet.jar,
+ jcommon.jar,
+ console-mgr-classes.jar,
+ jfreechart.jar,
+ juddi-service.jar,
+ wsdl4j.jar,
+ commons-collections.jar,
+ commons-pool.jar,
+ juddi.jar,
+ commons-discovery.jar,
+ uddi4j.jar,
+ axis.jar,
+ commons-dbcp.jar,
+ jboss-juddiaxis.jar,
+ trove.jar,
+ javassist.jar,
+ jboss-aop-jdk50.jar,
+ jboss-aspect-library-jdk50.jar,
+ ejb3-persistence.jar,
+ commons-validator-1.1.3.jar,
+ commons-collections.jar,
+ commons-fileupload.jar,
+ commons-pool.jar,
+ hibernate-entitymanager.jar,
+ jboss-ejb3x.jar,
+ commons-digester-1.6.jar,
+ cglib-2.1.1.jar,
+ commons-discovery.jar,
+ jboss-annotations-ejb3.jar,
+ jaxen-1.1-beta-4.jar,
+ hibernate-annotations.jar,
+ commons-httpclient.jar,
+ commons-logging.jar,
+ commons-vfs.jar,
+ hibernate3.jar,
+ commons-logging-api.jar,
+ asm.jar,
+ asm-attrs.jar,
+ commons-lang-2.0.jar,
+ commons-beanutils.jar,
+ jboss-ejb3.jar,
+ dom4j.jar,
+ commons-codec-1.2.jar,
+ wsdl4j.jar,
+ xmlsec.jar,
+ jbossws.jar,
+ jboss-bean-deployer.jar,
+ jboss-microcontainer.jar,
+ jboss-dependency.jar,
+ jboss-container.jar,
+ tomcat-coyote.jar,
+ commons-collections.jar,
+ myfaces.jar,
+ jstl.jar,
+ commons-digester-1.6.jar,
+ myfaces-impl.jar,
+ commons-beanutils.jar,
+ myfaces-jsf-api.jar,
+ commons-codec-1.2.jar,
+ catalina-optional.jar,
+ tomcat-util.jar,
+ jasper-compiler.jar,
+ commons-el.jar,
+ jasper-compiler-jdt.jar,
+ tomcat-http.jar,
+ catalina-manager.jar,
+ jasper-runtime.jar,
+ tomcat55-service.jar,
+ servlets-invoker.jar,
+ catalina.jar,
+ naming-resources.jar,
+ servlets-default.jar,
+ tomcat-ajp.jar,
+ commons-modeler.jar,
+ tomcat-apr.jar,
+ servlets-webdav.jar
+ </attribute>
+ </mbean>
+
+ <mbean code="org.jboss.ejb3.EJB3Deployer" name="jboss.ejb3:service=EJB3Deployer" xmbean-dd="">
+
+ <!-- Inline XMBean Descriptor BEGIN -->
+ <xmbean>
+ <description>The EJB3Deployer responsible for ejb3 deployment</description>
+ <descriptors>
+ <interceptors>
+ <!-- comment out DynamicInterceptor to disable dynamic addition of interceptors -->
+ <interceptor code="org.jboss.mx.interceptor.DynamicInterceptor"/>
+ </interceptors>
+ </descriptors>
+ <class>org.jboss.ejb3.EJB3Deployer</class>
+
+ <!-- ServiceMBean attributes -->
+ <attribute access="read-only" getMethod="getName">
+ <description>The class name of the MBean</description>
+ <name>Name</name>
+ <type>java.lang.String</type>
+ </attribute>
+
+ <attribute access="read-only" getMethod="getState">
+ <description>The status of the MBean</description>
+ <name>State</name>
+ <type>int</type>
+ </attribute>
+
+ <attribute access="read-only" getMethod="getStateString">
+ <description>The status of the MBean in text form</description>
+ <name>StateString</name>
+ <type>java.lang.String</type>
+ </attribute>
+
+ <!-- SubDeployerMBean attributes -->
+ <attribute access="read-only" getMethod="getServiceName">
+ <description>The ObjectName of the Subdeployer</description>
+ <name>ServiceName</name>
+ <type>javax.management.ObjectName</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getSuffixes" setMethod="setSuffixes">
+ <description>The suffixes of interest to this deployer</description>
+ <name>Suffixes</name>
+ <type>[Ljava.lang.String;</type>
+ </attribute>
+
+ <attribute access="read-write" getMethod="getRelativeOrder" setMethod="setRelativeOrder">
+ <description>The relative order of the suffixes in the global suffixes list</description>
+ <name>RelativeOrder</name>
+ <type>int</type>
+ </attribute>
+
+ <!-- EJB3DeployerMBean attributes -->
+ <attribute access="read-only" getMethod="getDefaultProperties">
+ <name>DefaultProperties</name>
+ <type>java.util.Properties</type>
+ </attribute>
+
+ <attribute access="write-only" setMethod="setJarsIgnoredForScanning">
+ <description>mbean that has list of jars to ignore</description>
+ <name>JarsIgnoredForScanning</name>
+ <type>org.jboss.ejb3.JarsIgnoredForScanningMBean</type>
+ </attribute>
+
+ <!-- ServiceMBean operations -->
+ <operation>
+ <description>Standard MBean lifecycle method</description>
+ <name>create</name>
+ </operation>
+
+ <operation>
+ <description>The start lifecycle operation</description>
+ <name>start</name>
+ </operation>
+
+ <operation>
+ <description>The stop lifecycle operation</description>
+ <name>stop</name>
+ </operation>
+
+ <operation>
+ <description>The destroy lifecycle operation</description>
+ <name>destroy</name>
+ </operation>
+
+ <operation>
+ <description>The detyped lifecycle operation (for internal use only)</description>
+ <name>jbossInternalLifecycle</name>
+ <parameter>
+ <description>The lifecycle operation</description>
+ <name>method</name>
+ <type>java.lang.String</type>
+ </parameter>
+ <return-type>void</return-type>
+ </operation>
+
+ <!-- SubDeployerMBean operations -->
+ <operation>
+ <description>Accept a module for deployment</description>
+ <name>accepts</name>
+ <parameter>
+ <name>info</name>
+ <type>org.jboss.deployment.DeploymentInfo</type>
+ </parameter>
+ <return-type>boolean</return-type>
+ </operation>
+
+ <operation>
+ <description>Initialize deployment step</description>
+ <name>init</name>
+ <parameter>
+ <name>info</name>
+ <type>org.jboss.deployment.DeploymentInfo</type>
+ </parameter>
+ </operation>
+
+ <operation>
+ <description>Create deployment step</description>
+ <name>create</name>
+ <parameter>
+ <name>info</name>
+ <type>org.jboss.deployment.DeploymentInfo</type>
+ </parameter>
+ </operation>
+
+ <operation>
+ <description>Start deployment step</description>
+ <name>start</name>
+ <parameter>
+ <name>info</name>
+ <type>org.jboss.deployment.DeploymentInfo</type>
+ </parameter>
+ </operation>
+
+ <operation>
+ <description>Stop deployment step</description>
+ <name>stop</name>
+ <parameter>
+ <name>info</name>
+ <type>org.jboss.deployment.DeploymentInfo</type>
+ </parameter>
+ </operation>
+
+ <operation>
+ <description>Destroy deployment step</description>
+ <name>destroy</name>
+ <parameter>
+ <name>info</name>
+ <type>org.jboss.deployment.DeploymentInfo</type>
+ </parameter>
+ </operation>
+
+ <!-- Interceptable operations -->
+ <operation>
+ <description>Add dynamically an operation interceptor</description>
+ <name>addOperationInterceptor</name>
+ <parameter>
+ <description>The Interceptor</description>
+ <name>interceptor</name>
+ <type>org.jboss.mx.interceptor.Interceptor</type>
+ </parameter>
+ </operation>
+
+ <operation>
+ <description>Remove dynamically an operation interceptor</description>
+ <name>removeOperationInterceptor</name>
+ <parameter>
+ <description>The Interceptor</description>
+ <name>interceptor</name>
+ <type>org.jboss.mx.interceptor.Interceptor</type>
+ </parameter>
+ </operation>
+ </xmbean>
+ <!-- Inline XMBean Descriptor END -->
+
+ <depends>jboss.aop:service=AspectDeployer</depends>
+ <depends>jboss.ejb:service=EJBDeployer</depends>
+ <depends optional-attribute-name="JarsIgnoredForScanning" proxy-type="org.jboss.ejb3.JarsIgnoredForScanningMBean">jboss.ejb3:service=JarsIgnoredForScanning</depends>
+ </mbean>
+
+ <mbean code="org.jboss.remoting.transport.Connector"
+ name="jboss.remoting:service=Connector,transport=Servlet"
+ display-name="Servlet transport Connector">
+ <depends>jboss.aop:service=AspectDeployer</depends>
+ <attribute name="InvokerLocator">
+ servlet://${jboss.bind.address}:8080/servlet-invoker/ServerInvokerServlet
+ </attribute>
+
+ <attribute name="Configuration">
+ <handlers>
+ <handler subsystem="AOP">org.jboss.aspects.remoting.AOPRemotingInvocationHandler</handler>
+ </handlers>
+ </attribute>
+ </mbean>
+
+ <mbean code="org.jboss.remoting.transport.Connector"
+ name="jboss.remoting:service=Connector,transport=SSLServlet"
+ display-name="Servlet ssl transport Connector">
+ <depends>jboss.aop:service=AspectDeployer</depends>
+ <attribute name="InvokerLocator">sslservlet://${jboss.bind.address}:8443/servlet-invoker/SSLServerInvokerServlet</attribute>
+
+ <attribute name="Configuration">
+ <handlers>
+ <handler subsystem="AOP">org.jboss.aspects.remoting.AOPRemotingInvocationHandler</handler>
+ </handlers>
+ </attribute>
+ </mbean>
+
+</server>
Added: trunk/ejb3/docs/tutorial/http_https/http_https.html
===================================================================
--- trunk/ejb3/docs/tutorial/http_https/http_https.html (rev 0)
+++ trunk/ejb3/docs/tutorial/http_https/http_https.html 2007-05-18 16:50:15 UTC (rev 63150)
@@ -0,0 +1,113 @@
+<html>
+<body>
+<p>
+<h2>EJB3 over HTTP/HTTPS</h2>
+
+This tutorial describes how to access EJB3s via HTTP or HTTPS (HTTP over SSL). This is typically
+done when the beans are deployed behind a firewall so the client needs to communicate via
+a protocol and port allowed through the firewall. There are several steps required to configure the
+client, the server, and the beans to enable HTTP/HTTPS. Lets cover these one by one.
+</p><p>
+<h3> Enabling Web Connectors</h3>
+
+Take a look at <a href="jboss-web.deployer/server.xml">jboss-web.deployer/server.xml</a>, which is in the
+deploy directory. The <a href="jboss-web.deployer/server.xml">server.xml</a> file
+will need to be modified from the default. Both the HTTP
+and HTTPS Connectors are enabled on ports 8080 and 8443, respectively. Notice the settings that
+distinguish HTTP from HTTPS. Note that the HTTPS Connector has parameters for the keystore
+and truststore. This is where the digitial certificates and public/private keys are stored
+that are used by SSL. More on keystore config later.
+</p><p>
+<h3> Enabling Servlets</h3>
+
+Take a look at <a href="servlet-invoker.war">servlet-invoker.war</a>, specifically the <a href="servlet-invoker.war/WEB-INF/web.xml">WEB-INF/web.xml</a>
+file. The <tt>servlet-invoker.war</tt> directory needs to be created per this example and deployed
+in the deploy directory. This will deploy the servlets that handle the HTTP and HTTPS requests.
+Notice that in <a href="servlet-invoker.war/WEB-INF/web.xml">web.xml</a> file there are two servlets. The HTTP servlet defines the
+<tt>invokerName</tt> and the HTTPS servlet defines the <tt>locatorUrl</tt>. These parameters will be used
+when configuring the EJB3 Connectors and the beans.
+</p><p>
+<h3> Enabling EJB3 Connectors</h3>
+
+Take a look at <a href="ejb3.deployer/META-INF/jboss-service.xml">ejb3.deployer/META-INF/jboss-service.xml</a>,
+which is in the deploy directory. The <a href="ejb3.deployer/META-INF/jboss-service.xml">jboss-service.xml</a>
+will need to be modified from the default. At the bottom of the file you will see two MBeans that are not
+included in the default configuration. These MBeans configure the EJB3 Connectors for HTTP and
+HTTPS. Notice the <tt>InvokerLocator</tt> parameters in each of the Connector configs.
+</p><p>
+<h3> Keystores and Truststores</h3>
+
+You will need to generate public/private key pairs and digital certificates to enable SSL. The
+JDK provides a <tt>keytool</tt> utility for the generation and management of keys and certificates.
+The server keystore contains the server side public and private keys as well as the client's certificate, which
+includes the client public key. The server truststore contains the client's certificate, which
+indicates that the owner of the certificate is trusted. Conversely, the client side needs access
+to the truststore, which contains the server's certificate, which indicates that the owner of the
+certificate is trusted. Typically, the keystore and truststore are placed in the <tt>conf</tt> directory
+on the server side.
+</p><p>
+<h3> Bean Configuration</h3>
+
+Take a look at <a href="src/org/jboss/tutorial/http_https/bean/CalculatorHttpBean.java">CalculatorHttpBean.java</a> and
+<a href="src/org/jboss/tutorial/http_https/bean/CalculatorHttpsBean.java">CalculatorHttpsBean.java</a>. Not the
+<tt>@RemoteBinding(clientBindUrl=".."")</tt> annotations. The <tt>clientBindUrl</tt> settings correspond
+to the <tt>InvokerLocator</tt> parameters configured on the server side.
+</p><p>
+<h4>Client</h4>
+
+Take a look at <a href="src/org/jboss/tutorial/http_https/client/Client.java">Client.java</a>. You will see
+examples of invoking the Calculator bean via both HTTP and HTTPS. Note the configuration of the
+<tt>HostnameVerifier</tt>. This is required in some cases where the hostname in the URL does not
+match the expected URL hostname. The <tt>HostnameVerifier</tt> handles this scenario.
+</p><p>
+<h4>Building and Running</h4>
+
+To build and run the example, make sure you have <tt>ejb3.deployer</tt> installed in JBoss 4.x.
+See the reference manual on how to install EJB 3.0. You will need to modify the JBossAS <tt>run</tt> script
+to configure the keystore. The following needs to be added to the JAVA_OPTS, which
+are passed to the VM:
+</p><p>
+<tt>JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.keyStore=$JBOSS_HOME/server/default/conf/localhost.keystore -Djavax.net.ssl.keyStorePassword=opensource -Djava.protocol.handler.pkgs=javax.net.ssl"</tt>
+</p><p>
+Then run <tt>ant</tt>. This will replace the default configuration with the HTTP and HTTPS enabled
+configuration. Start JBoss. Once JBoss is started with these options, you can run the client.
+Take a look at <a href="build.xml">build.xml</a>. Note that there are VM options for the truststore being passed to the client VM.
+</p><p>
+<pre>
+Unix: $ export JBOSS_HOME=<where your jboss 4.x distribution is>
+Windows: $ set JBOSS_HOME=<where your jboss 4.x distribution is>
+$ ant run
+Buildfile: build.xml
+
+run:
+ [java] Kabir is a student.
+ [java] Kabir types in the wrong password
+ [java] Saw expected SecurityException: null
+ [java] Kabir types in correct password.
+ [java] Kabir does unchecked addition.
+ [java] 1 + 1 = 2
+ [java] Kabir is not a teacher so he cannot do division
+ [java] null
+ [java] Students are allowed to do subtraction
+ [java] 1 - 1 = 0
+ [java] Kabir is a student.
+ [java] Kabir types in the wrong password
+ [java] Warning: URL Host: localhost vs. 192.168.1.57
+ [java] Saw expected SecurityException: null
+ [java] Kabir types in correct password.
+ [java] Kabir does unchecked addition.
+ [java] Warning: URL Host: localhost vs. 192.168.1.57
+ [java] 1 + 1 = 2
+ [java] Kabir is not a teacher so he cannot do division
+ [java] Warning: URL Host: localhost vs. 192.168.1.57
+ [java] null
+ [java] Students are allowed to do subtraction
+ [java] Warning: URL Host: localhost vs. 192.168.1.57
+ [java] 1 - 1 = 0
+</pre>
+</p><p>
+</p><p>
+</p><p>
+</p>
+</body>
+</html>
Added: trunk/ejb3/docs/tutorial/http_https/http_https.wiki
===================================================================
--- trunk/ejb3/docs/tutorial/http_https/http_https.wiki (rev 0)
+++ trunk/ejb3/docs/tutorial/http_https/http_https.wiki 2007-05-18 16:50:15 UTC (rev 63150)
@@ -0,0 +1,99 @@
+!!!EJB3 over HTTP/HTTPS
+This tutorial describes how to access EJB3s via HTTP or HTTPS (HTTP over SSL). This is typically
+done when the beans are deployed behind a firewall so the client needs to communicate via
+a protocol and port allowed through the firewall. There are several steps required to configure the
+client, the server, and the beans to enable HTTP/HTTPS. Lets cover these one by one.
+
+!! Enabling Web Connectors
+Take a look at [jboss-web.deployer/server.xml|jboss-web.deployer/server.xml], which is in the
+deploy directory. The [server.xml|jboss-web.deployer/server.xml] file
+will need to be modified from the default. Both the HTTP
+and HTTPS Connectors are enabled on ports 8080 and 8443, respectively. Notice the settings that
+distinguish HTTP from HTTPS. Note that the HTTPS Connector has parameters for the keystore
+and truststore. This is where the digitial certificates and public/private keys are stored
+that are used by SSL. More on keystore config later.
+
+!! Enabling Servlets
+Take a look at [servlet-invoker.war|servlet-invoker.war], specifically the [WEB-INF/web.xml|servlet-invoker.war/WEB-INF/web.xml]
+file. The {{servlet-invoker.war}} directory needs to be created per this example and deployed
+in the deploy directory. This will deploy the servlets that handle the HTTP and HTTPS requests.
+Notice that in [web.xml|servlet-invoker.war/WEB-INF/web.xml] file there are two servlets. The HTTP servlet defines the
+{{invokerName}} and the HTTPS servlet defines the {{locatorUrl}}. These parameters will be used
+when configuring the EJB3 Connectors and the beans.
+
+!! Enabling EJB3 Connectors
+Take a look at [ejb3.deployer/META-INF/jboss-service.xml|ejb3.deployer/META-INF/jboss-service.xml],
+which is in the deploy directory. The [jboss-service.xml|ejb3.deployer/META-INF/jboss-service.xml]
+will need to be modified from the default. At the bottom of the file you will see two MBeans that are not
+included in the default configuration. These MBeans configure the EJB3 Connectors for HTTP and
+HTTPS. Notice the {{InvokerLocator}} parameters in each of the Connector configs.
+
+!! Keystores and Truststores
+You will need to generate public/private key pairs and digital certificates to enable SSL. The
+JDK provides a {{keytool}} utility for the generation and management of keys and certificates.
+The server keystore contains the server side public and private keys as well as the client's certificate, which
+includes the client public key. The server truststore contains the client's certificate, which
+indicates that the owner of the certificate is trusted. Conversely, the client side needs access
+to the truststore, which contains the server's certificate, which indicates that the owner of the
+certificate is trusted. Typically, the keystore and truststore are placed in the {{conf}} directory
+on the server side.
+
+!! Bean Configuration
+Take a look at [CalculatorHttpBean.java|src/org/jboss/tutorial/http_https/bean/CalculatorHttpBean.java] and
+[CalculatorHttpsBean.java|src/org/jboss/tutorial/http_https/bean/CalculatorHttpsBean.java]. Not the
+{{@RemoteBinding(clientBindUrl=".."")}} annotations. The {{clientBindUrl}} settings correspond
+to the {{InvokerLocator}} parameters configured on the server side.
+
+!Client
+Take a look at [Client.java|src/org/jboss/tutorial/http_https/client/Client.java]. You will see
+examples of invoking the Calculator bean via both HTTP and HTTPS. Note the configuration of the
+{{HostnameVerifier}}. This is required in some cases where the hostname in the URL does not
+match the expected URL hostname. The {{HostnameVerifier}} handles this scenario.
+
+!Building and Running
+To build and run the example, make sure you have {{ejb3.deployer}} installed in JBoss 4.x.
+See the reference manual on how to install EJB 3.0. You will need to modify the JBossAS {{run}} script
+to configure the keystore. The following needs to be added to the JAVA_OPTS, which
+are passed to the VM:
+
+{{JAVA_OPTS="$JAVA_OPTS -Djavax.net.ssl.keyStore=$JBOSS_HOME/server/default/conf/localhost.keystore -Djavax.net.ssl.keyStorePassword=opensource -Djava.protocol.handler.pkgs=javax.net.ssl"}}
+
+Then run {{ant}}. This will replace the default configuration with the HTTP and HTTPS enabled
+configuration. Start JBoss. Once JBoss is started with these options, you can run the client.
+Take a look at [build.xml|build.xml]. Note that there are VM options for the truststore being passed to the client VM.
+
+{{{
+Unix: $ export JBOSS_HOME=<where your jboss 4.x distribution is>
+Windows: $ set JBOSS_HOME=<where your jboss 4.x distribution is>
+$ ant run
+Buildfile: build.xml
+
+run:
+ [java] Kabir is a student.
+ [java] Kabir types in the wrong password
+ [java] Saw expected SecurityException: null
+ [java] Kabir types in correct password.
+ [java] Kabir does unchecked addition.
+ [java] 1 + 1 = 2
+ [java] Kabir is not a teacher so he cannot do division
+ [java] null
+ [java] Students are allowed to do subtraction
+ [java] 1 - 1 = 0
+ [java] Kabir is a student.
+ [java] Kabir types in the wrong password
+ [java] Warning: URL Host: localhost vs. 192.168.1.57
+ [java] Saw expected SecurityException: null
+ [java] Kabir types in correct password.
+ [java] Kabir does unchecked addition.
+ [java] Warning: URL Host: localhost vs. 192.168.1.57
+ [java] 1 + 1 = 2
+ [java] Kabir is not a teacher so he cannot do division
+ [java] Warning: URL Host: localhost vs. 192.168.1.57
+ [java] null
+ [java] Students are allowed to do subtraction
+ [java] Warning: URL Host: localhost vs. 192.168.1.57
+ [java] 1 - 1 = 0
+}}}
+
+
+
Added: trunk/ejb3/docs/tutorial/http_https/jboss-web.deployer/server.xml
===================================================================
--- trunk/ejb3/docs/tutorial/http_https/jboss-web.deployer/server.xml (rev 0)
+++ trunk/ejb3/docs/tutorial/http_https/jboss-web.deployer/server.xml 2007-05-18 16:50:15 UTC (rev 63150)
@@ -0,0 +1,172 @@
+<Server>
+
+ <!--APR library loader. Documentation at /docs/apr.html -->
+ <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+ <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
+ <Listener className="org.apache.catalina.core.JasperListener" />
+
+ <!-- Use a custom version of StandardService that allows the
+ connectors to be started independent of the normal lifecycle
+ start to allow web apps to be deployed before starting the
+ connectors.
+ -->
+ <Service name="jboss.web">
+
+ <!-- A "Connector" represents an endpoint by which requests are received
+ and responses are returned. Documentation at :
+ Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
+ Java AJP Connector: /docs/config/ajp.html
+ APR (HTTP/AJP) Connector: /docs/apr.html
+ Define a non-SSL HTTP/1.1 Connector on port 8080
+ -->
+ <Connector port="8080" address="${jboss.bind.address}"
+ maxThreads="250" strategy="ms" maxHttpHeaderSize="8192"
+ emptySessionPath="true" protocol="HTTP/1.1"
+ enableLookups="false" redirectPort="8443" acceptCount="100"
+ connectionTimeout="20000" disableUploadTimeout="true" />
+
+ <!-- Define a SSL HTTP/1.1 Connector on port 8443
+ This connector uses the JSSE configuration, when using APR, the
+ connector should be using the OpenSSL style configuration
+ described in the APR documentation -->
+
+ <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
+ maxThreads="150" scheme="https" secure="true"
+ clientAuth="false"
+ address="${jboss.bind.address}"
+ keystoreFile="${jboss.server.home.dir}/conf/localhost.keystore"
+ keystorePass="opensource"
+ truststoreFile="${jboss.server.home.dir}/conf/localhost.keystore"
+ truststorePass="opensource"
+ sslProtocol="TLS"/>
+
+ <!-- Define an AJP 1.3 Connector on port 8009 -->
+ <Connector port="8009" address="${jboss.bind.address}" protocol="AJP/1.3"
+ emptySessionPath="true" enableLookups="false" redirectPort="8443" />
+
+ <Engine name="jboss.web" defaultHost="localhost">
+
+ <!-- The JAAS based authentication and authorization realm implementation
+ that is compatible with the jboss 3.2.x realm implementation.
+ - certificatePrincipal : the class name of the
+ org.jboss.security.auth.certs.CertificatePrincipal impl
+ used for mapping X509[] cert chains to a Princpal.
+ - allRolesMode : how to handle an auth-constraint with a role-name=*,
+ one of strict, authOnly, strictAuthOnly
+ + strict = Use the strict servlet spec interpretation which requires
+ that the user have one of the web-app/security-role/role-name
+ + authOnly = Allow any authenticated user
+ + strictAuthOnly = Allow any authenticated user only if there are no
+ web-app/security-roles
+ -->
+ <Realm className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm"
+ certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
+ allRolesMode="authOnly"
+ />
+ <!-- A subclass of JBossSecurityMgrRealm that uses the authentication
+ behavior of JBossSecurityMgrRealm, but overrides the authorization
+ checks to use JACC permissions with the current java.security.Policy
+ to determine authorized access.
+ - allRolesMode : how to handle an auth-constraint with a role-name=*,
+ one of strict, authOnly, strictAuthOnly
+ + strict = Use the strict servlet spec interpretation which requires
+ that the user have one of the web-app/security-role/role-name
+ + authOnly = Allow any authenticated user
+ + strictAuthOnly = Allow any authenticated user only if there are no
+ web-app/security-roles
+ <Realm className="org.jboss.web.tomcat.security.JaccAuthorizationRealm"
+ certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
+ allRolesMode="authOnly"
+ />
+ -->
+
+ <Host name="localhost"
+ autoDeploy="false" deployOnStartup="false" deployXML="false"
+ configClass="org.jboss.web.tomcat.security.config.JBossContextConfig"
+ >
+
+ <!-- Uncomment to enable request dumper. This Valve "logs interesting
+ contents from the specified Request (before processing) and the
+ corresponding Response (after processing). It is especially useful
+ in debugging problems related to headers and cookies."
+ -->
+ <!--
+ <Valve className="org.apache.catalina.valves.RequestDumperValve" />
+ -->
+
+ <!-- Access logger -->
+ <!--
+ <Valve className="org.apache.catalina.valves.AccessLogValve"
+ prefix="localhost_access_log." suffix=".log"
+ pattern="common" directory="${jboss.server.home.dir}/log"
+ resolveHosts="false" />
+ -->
+
+ <!-- Uncomment to enable single sign-on across web apps
+ deployed to this host. Does not provide SSO across a cluster.
+
+ If this valve is used, do not use the JBoss ClusteredSingleSignOn
+ valve shown below.
+
+ A new configuration attribute is available beginning with
+ release 4.0.4:
+
+ cookieDomain configures the domain to which the SSO cookie
+ will be scoped (i.e. the set of hosts to
+ which the cookie will be presented). By default
+ the cookie is scoped to "/", meaning the host
+ that presented it. Set cookieDomain to a
+ wider domain (e.g. "xyz.com") to allow an SSO
+ to span more than one hostname.
+ -->
+ <!--
+ <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
+ -->
+
+ <!-- Uncomment to enable single sign-on across web apps
+ deployed to this host AND to all other hosts in the cluster.
+
+ If this valve is used, do not use the standard Tomcat SingleSignOn
+ valve shown above.
+
+ Valve uses a JBossCache instance to support SSO credential
+ caching and replication across the cluster. The JBossCache
+ instance must be configured separately. By default, the valve
+ shares a JBossCache with the service that supports HttpSession
+ replication. See the "jboss-web-cluster-service.xml" file in the
+ server/all/deploy directory for cache configuration details.
+
+ Besides the attributes supported by the standard Tomcat
+ SingleSignOn valve (see the Tomcat docs), this version also
+ supports the following attributes:
+
+ cookieDomain see above
+
+ treeCacheName JMX ObjectName of the JBossCache MBean used to
+ support credential caching and replication across
+ the cluster. If not set, the default value is
+ "jboss.cache:service=TomcatClusteringCache", the
+ standard ObjectName of the JBossCache MBean used
+ to support session replication.
+ -->
+ <!--
+ <Valve className="org.jboss.web.tomcat.service.sso.ClusteredSingleSignOn" />
+ -->
+
+ <!-- Check for unclosed connections and transaction terminated checks
+ in servlets/jsps.
+
+ Important: The dependency on the CachedConnectionManager
+ in META-INF/jboss-service.xml must be uncommented, too
+ -->
+ <Valve className="org.jboss.web.tomcat.service.jca.CachedConnectionValve"
+ cachedConnectionManagerObjectName="jboss.jca:service=CachedConnectionManager"
+ transactionManagerObjectName="jboss:service=TransactionManager" />
+
+ </Host>
+
+ </Engine>
+
+ </Service>
+
+</Server>
Added: trunk/ejb3/docs/tutorial/http_https/jndi.properties
===================================================================
--- trunk/ejb3/docs/tutorial/http_https/jndi.properties (rev 0)
+++ trunk/ejb3/docs/tutorial/http_https/jndi.properties 2007-05-18 16:50:15 UTC (rev 63150)
@@ -0,0 +1,3 @@
+java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory
+java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces
+java.naming.provider.url=localhost
Added: trunk/ejb3/docs/tutorial/http_https/localhost.keystore
===================================================================
(Binary files differ)
Property changes on: trunk/ejb3/docs/tutorial/http_https/localhost.keystore
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: trunk/ejb3/docs/tutorial/http_https/localhost.truststore
===================================================================
(Binary files differ)
Property changes on: trunk/ejb3/docs/tutorial/http_https/localhost.truststore
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: trunk/ejb3/docs/tutorial/http_https/log4j.xml
===================================================================
--- trunk/ejb3/docs/tutorial/http_https/log4j.xml (rev 0)
+++ trunk/ejb3/docs/tutorial/http_https/log4j.xml 2007-05-18 16:50:15 UTC (rev 63150)
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
+
+<!-- ===================================================================== -->
+<!-- -->
+<!-- Log4j Configuration -->
+<!-- -->
+<!-- ===================================================================== -->
+
+<!-- $Id: log4j.xml 60233 2007-02-03 10:13:23Z wolfc $ -->
+
+<!--
+ | For more configuration infromation and examples see the Jakarta Log4j
+ | owebsite: http://jakarta.apache.org/log4j
+ -->
+
+<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/" debug="false">
+
+<appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
+ <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
+ <param name="Target" value="System.out"/>
+ <param name="Threshold" value="INFO"/>
+
+ <layout class="org.apache.log4j.PatternLayout">
+ <!-- The default pattern: Date Priority [Category] Messagen -->
+ <!--
+ <param name="ConversionPattern" value="%d{ABSOLUTE} %-5p [%c{1}] %m%n"/>
+ -->
+ <param name="ConversionPattern" value="%-5p %d{dd-MM HH:mm:ss,SSS} (%F:%M:%L) -%m%n"/>
+ </layout>
+</appender>
+
+ <root>
+ <appender-ref ref="CONSOLE"/>
+ </root>
+
+</log4j:configuration>
Added: trunk/ejb3/docs/tutorial/http_https/roles.properties
===================================================================
--- trunk/ejb3/docs/tutorial/http_https/roles.properties (rev 0)
+++ trunk/ejb3/docs/tutorial/http_https/roles.properties 2007-05-18 16:50:15 UTC (rev 63150)
@@ -0,0 +1 @@
+kabir=student
Added: trunk/ejb3/docs/tutorial/http_https/servlet-invoker.war/WEB-INF/web.xml
===================================================================
--- trunk/ejb3/docs/tutorial/http_https/servlet-invoker.war/WEB-INF/web.xml (rev 0)
+++ trunk/ejb3/docs/tutorial/http_https/servlet-invoker.war/WEB-INF/web.xml 2007-05-18 16:50:15 UTC (rev 63150)
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE web-app PUBLIC
+ "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
+ "http://java.sun.com/dtd/web-app_2_3.dtd">
+
+<!-- The the JBossRemoting server invoker servlet web.xml descriptor
+$Id: web.xml,v 1.1 2005/06/16 21:12:48 telrod Exp $
+-->
+<web-app>
+ <servlet>
+ <servlet-name>ServerInvokerServlet</servlet-name>
+ <description>The ServerInvokerServlet receives requests via HTTP
+ protocol from within a web container and passes it onto the
+ ServletServerInvoker for processing.
+ </description>
+ <servlet-class>org.jboss.remoting.transport.servlet.web.ServerInvokerServlet</servlet-class>
+ <init-param>
+ <param-name>invokerName</param-name>
+ <param-value>jboss.remoting:service=invoker,transport=servlet</param-value>
+ <description>The servlet server invoker</description>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+ <servlet>
+ <servlet-name>SSLServerInvokerServlet</servlet-name>
+ <description>The ServerInvokerServlet receives requests via HTTPS
+ protocol from within a web container and passes it onto the
+ ServletServerInvoker for processing.
+ </description>
+ <servlet-class>org.jboss.remoting.transport.servlet.web.ServerInvokerServlet</servlet-class>
+ <init-param>
+ <param-name>locatorUrl</param-name>
+ <param-value>sslservlet://localhost:8443/servlet-invoker/SSLServerInvokerServlet</param-value>
+ <description>The ssl servlet server invoker locator url</description>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+ <servlet-mapping>
+ <servlet-name>ServerInvokerServlet</servlet-name>
+ <url-pattern>/ServerInvokerServlet/*</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>SSLServerInvokerServlet</servlet-name>
+ <url-pattern>/SSLServerInvokerServlet/*</url-pattern>
+ </servlet-mapping>
+</web-app>
+
Added: trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/Calculator.java
===================================================================
--- trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/Calculator.java (rev 0)
+++ trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/Calculator.java 2007-05-18 16:50:15 UTC (rev 63150)
@@ -0,0 +1,34 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.tutorial.http_https.bean;
+
+import javax.ejb.Remote;
+
+ at Remote
+public interface Calculator
+{
+ int add(int x, int y);
+
+ int subtract(int x, int y);
+
+ int divide(int x, int y);
+}
Added: trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/CalculatorBean.java
===================================================================
--- trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/CalculatorBean.java (rev 0)
+++ trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/CalculatorBean.java 2007-05-18 16:50:15 UTC (rev 63150)
@@ -0,0 +1,49 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.tutorial.http_https.bean;
+
+import javax.ejb.TransactionAttribute;
+import javax.ejb.TransactionAttributeType;
+import javax.annotation.security.PermitAll;
+import javax.annotation.security.RolesAllowed;
+
+public class CalculatorBean implements Calculator
+{
+ @PermitAll
+ @TransactionAttribute(TransactionAttributeType.REQUIRES_NEW)
+ public int add(int x, int y)
+ {
+ return x + y;
+ }
+
+ @RolesAllowed({"student"})
+ public int subtract(int x, int y)
+ {
+ return x - y;
+ }
+
+ @RolesAllowed({"teacher"})
+ public int divide(int x, int y)
+ {
+ return x / y;
+ }
+}
Added: trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/CalculatorHttpBean.java
===================================================================
--- trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/CalculatorHttpBean.java (rev 0)
+++ trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/CalculatorHttpBean.java 2007-05-18 16:50:15 UTC (rev 63150)
@@ -0,0 +1,40 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.tutorial.http_https.bean;
+
+import org.jboss.annotation.security.SecurityDomain;
+import org.jboss.annotation.ejb.RemoteBinding;
+
+import javax.ejb.Stateless;
+import javax.ejb.Remote;
+import javax.ejb.TransactionAttribute;
+import javax.ejb.TransactionAttributeType;
+import javax.annotation.security.PermitAll;
+import javax.annotation.security.RolesAllowed;
+
+ at Stateless
+ at RemoteBinding(clientBindUrl="http://localhost:8080/servlet-invoker/ServerInvokerServlet")
+ at Remote(Calculator.class)
+ at SecurityDomain("other")
+public class CalculatorHttpBean extends CalculatorBean
+{
+}
Added: trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/CalculatorHttpsBean.java
===================================================================
--- trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/CalculatorHttpsBean.java (rev 0)
+++ trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/bean/CalculatorHttpsBean.java 2007-05-18 16:50:15 UTC (rev 63150)
@@ -0,0 +1,36 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.tutorial.http_https.bean;
+
+import org.jboss.annotation.security.SecurityDomain;
+import org.jboss.annotation.ejb.RemoteBinding;
+
+import javax.ejb.Remote;
+import javax.ejb.Stateless;
+
+ at Stateless
+ at RemoteBinding(clientBindUrl="https://localhost:8443/servlet-invoker/SSLServerInvokerServlet")
+ at Remote(Calculator.class)
+ at SecurityDomain("other")
+public class CalculatorHttpsBean extends CalculatorBean
+{
+}
Added: trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/client/Client.java
===================================================================
--- trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/client/Client.java (rev 0)
+++ trunk/ejb3/docs/tutorial/http_https/src/org/jboss/tutorial/http_https/client/Client.java 2007-05-18 16:50:15 UTC (rev 63150)
@@ -0,0 +1,107 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.tutorial.http_https.client;
+
+import org.jboss.tutorial.http_https.bean.Calculator;
+
+import javax.naming.Context;
+import javax.naming.InitialContext;
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLSession;
+import javax.ejb.EJBAccessException;
+import java.util.Properties;
+
+/**
+ */
+public class Client
+{
+ public static void main(String[] args) throws Exception
+ {
+ setHostNameVerifier();
+
+ // Invoke via HTTP
+ calculate("CalculatorHttpBean/remote");
+
+ // Invoke via HTTPS
+ calculate("CalculatorHttpsBean/remote");
+ }
+
+ private static void calculate(String jndiName) throws Exception
+ {
+ // Establish the proxy with an incorrect security identity
+ Properties env = new Properties();
+ env.setProperty(Context.SECURITY_PRINCIPAL, "kabir");
+ env.setProperty(Context.SECURITY_CREDENTIALS, "invalidpassword");
+ env.setProperty(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.security.jndi.JndiLoginInitialContextFactory");
+ InitialContext ctx = new InitialContext(env);
+ Calculator calculator = (Calculator) ctx.lookup(jndiName);
+
+ System.out.println("Kabir is a student.");
+ System.out.println("Kabir types in the wrong password");
+ try
+ {
+ System.out.println("1 + 1 = " + calculator.add(1, 1));
+ }
+ catch (Exception ex)
+ {
+ System.out.println("Saw expected SecurityException: " + ex.getMessage());
+ }
+
+ System.out.println("Kabir types in correct password.");
+ System.out.println("Kabir does unchecked addition.");
+
+ // Re-establish the proxy with the correct security identity
+ env.setProperty(Context.SECURITY_CREDENTIALS, "validpassword");
+ ctx = new InitialContext(env);
+ calculator = (Calculator) ctx.lookup(jndiName);
+
+ System.out.println("1 + 1 = " + calculator.add(1, 1));
+
+ System.out.println("Kabir is not a teacher so he cannot do division");
+ try
+ {
+ calculator.divide(16, 4);
+ }
+ catch (Exception ex)
+ {
+ System.out.println(ex.getMessage());
+ }
+
+ System.out.println("Students are allowed to do subtraction");
+ System.out.println("1 - 1 = " + calculator.subtract(1, 1));
+ }
+
+ private static void setHostNameVerifier()
+ {
+ HostnameVerifier hv = new HostnameVerifier()
+ {
+ public boolean verify(String urlHostName, SSLSession session)
+ {
+ System.out.println("Warning: URL Host: "+urlHostName+" vs. "+session.getPeerHost());
+ return true;
+ }
+ };
+ HttpsURLConnection.setDefaultHostnameVerifier(hv);
+ }
+
+}
Added: trunk/ejb3/docs/tutorial/http_https/users.properties
===================================================================
--- trunk/ejb3/docs/tutorial/http_https/users.properties (rev 0)
+++ trunk/ejb3/docs/tutorial/http_https/users.properties 2007-05-18 16:50:15 UTC (rev 63150)
@@ -0,0 +1,2 @@
+kabir=validpassword
+
More information about the jboss-cvs-commits
mailing list