[jboss-cvs] JBossAS SVN: r82539 - in projects/ejb3/trunk/docs/tutorial: security and 2 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Dec 24 02:54:01 EST 2008
Author: jaikiran
Date: 2008-12-24 02:54:00 -0500 (Wed, 24 Dec 2008)
New Revision: 82539
Added:
projects/ejb3/trunk/docs/tutorial/security/
projects/ejb3/trunk/docs/tutorial/security/build.xml
projects/ejb3/trunk/docs/tutorial/security/jndi.properties
projects/ejb3/trunk/docs/tutorial/security/log4j.xml
projects/ejb3/trunk/docs/tutorial/security/pom.xml
projects/ejb3/trunk/docs/tutorial/security/roles.properties
projects/ejb3/trunk/docs/tutorial/security/security.html
projects/ejb3/trunk/docs/tutorial/security/security.wiki
projects/ejb3/trunk/docs/tutorial/security/src/
projects/ejb3/trunk/docs/tutorial/security/users.properties
Removed:
projects/ejb3/trunk/docs/tutorial/security/build.xml
projects/ejb3/trunk/docs/tutorial/security/jndi.properties
projects/ejb3/trunk/docs/tutorial/security/log4j.xml
projects/ejb3/trunk/docs/tutorial/security/roles.properties
projects/ejb3/trunk/docs/tutorial/security/security.html
projects/ejb3/trunk/docs/tutorial/security/security.wiki
projects/ejb3/trunk/docs/tutorial/security/src/
projects/ejb3/trunk/docs/tutorial/security/users.properties
Modified:
projects/ejb3/trunk/docs/tutorial/security/src/org/jboss/tutorial/security/bean/CalculatorBean.java
projects/ejb3/trunk/docs/tutorial/security/src/org/jboss/tutorial/security/client/Client.java
Log:
Working version of the Security tutorial for JBossAS 5.0 GA
Copied: projects/ejb3/trunk/docs/tutorial/security (from rev 82032, projects/oldstuff/ejb3/docs/tutorial/security)
Deleted: projects/ejb3/trunk/docs/tutorial/security/build.xml
===================================================================
--- projects/oldstuff/ejb3/docs/tutorial/security/build.xml 2008-12-04 08:31:45 UTC (rev 82032)
+++ projects/ejb3/trunk/docs/tutorial/security/build.xml 2008-12-24 07:54:00 UTC (rev 82539)
@@ -1,90 +0,0 @@
-<?xml version="1.0"?>
-
-<!-- ======================================================================= -->
-<!-- JBoss build file -->
-<!-- ======================================================================= -->
-
-<project name="JBoss" default="ejbjar" basedir=".">
-
- <property environment="env"/>
- <property name="src.dir" value="${basedir}/src"/>
- <property name="jboss.home" value="${env.JBOSS_HOME}"/> <property name="jboss.server.config" value="all"/>
- <property name="build.dir" value="${basedir}/build"/>
- <property name="build.classes.dir" value="${build.dir}/classes"/>
-
- <!-- Build classpath -->
- <path id="classpath">
- <!-- So that we can get jndi.properties for InitialContext -->
- <pathelement location="${basedir}"/>
- <fileset dir="${jboss.home}/lib">
- <include name="**/*.jar"/>
- </fileset>
- <fileset dir="${jboss.home}/server/${jboss.server.config}/lib">
- <include name="**/*.jar"/>
- </fileset>
- <fileset dir="${jboss.home}/server/${jboss.server.config}/deploy/ejb3.deployer">
- <include name="*.jar"/>
- </fileset>
- <fileset dir="${jboss.home}/server/${jboss.server.config}/deploy/jboss-aop-jdk50.deployer">
- <include name="*.jar"/>
- </fileset>
- <pathelement location="${build.classes.dir}"/>
- </path>
-
- <property name="build.classpath" refid="classpath"/>
-
- <!-- =================================================================== -->
- <!-- Prepares the build directory -->
- <!-- =================================================================== -->
- <target name="prepare">
- <mkdir dir="${build.dir}"/>
- <mkdir dir="${build.classes.dir}"/>
- </target>
-
- <!-- =================================================================== -->
- <!-- Compiles the source code -->
- <!-- =================================================================== -->
- <target name="compile" depends="prepare">
- <javac srcdir="${src.dir}"
- destdir="${build.classes.dir}"
- debug="on"
- deprecation="on"
- optimize="off"
- includes="**">
- <classpath refid="classpath"/>
- </javac>
- </target>
-
- <target name="ejbjar" depends="compile">
- <jar jarfile="build/tutorial.jar">
- <fileset dir="${build.classes.dir}">
- <include name="**/*.class"/>
- </fileset>
- <fileset dir=".">
- <include name="*.properties"/>
- </fileset>
- </jar>
- <copy file="build/tutorial.jar" todir="${jboss.home}/server/${jboss.server.config}/deploy"/>
- </target>
-
- <target name="run" depends="ejbjar">
- <java classname="org.jboss.tutorial.security.client.Client" fork="yes" dir=".">
- <classpath refid="classpath"/>
- </java>
- </target>
-
- <!-- =================================================================== -->
- <!-- Cleans up generated stuff -->
- <!-- =================================================================== -->
- <target name="clean.db">
- <delete dir="${jboss.home}/server/${jboss.server.config}/data/hypersonic"/>
- </target>
-
- <target name="clean">
- <delete dir="${build.dir}"/>
- <delete file="${jboss.home}/server/${jboss.server.config}/deploy/tutorial.jar"/>
- </target>
-
-
-</project>
-
Copied: projects/ejb3/trunk/docs/tutorial/security/build.xml (from rev 82494, projects/oldstuff/ejb3/docs/tutorial/security/build.xml)
===================================================================
--- projects/ejb3/trunk/docs/tutorial/security/build.xml (rev 0)
+++ projects/ejb3/trunk/docs/tutorial/security/build.xml 2008-12-24 07:54:00 UTC (rev 82539)
@@ -0,0 +1,84 @@
+<?xml version="1.0"?>
+
+<!-- ======================================================================= -->
+<!-- JBoss build file -->
+<!-- ======================================================================= -->
+
+<project name="JBoss" default="ejbjar" basedir=".">
+
+ <property environment="env"/>
+ <property name="src.dir" value="${basedir}/src"/>
+ <property name="jboss.home" value="${env.JBOSS_HOME}"/>
+ <property name="jboss.server.config" value="default"/>
+ <property name="build.dir" value="${basedir}/build"/>
+ <property name="build.classes.dir" value="${build.dir}/classes"/>
+ <property name="build.artifact" value="jboss-ejb3-tutorial-security.jar"/>
+
+ <!-- Build classpath -->
+ <path id="classpath">
+ <!-- So that we can get jndi.properties for InitialContext -->
+ <pathelement location="${basedir}"/>
+ <!-- Only the jbossall-client.jar should ideally be sufficient -->
+ <fileset dir="${jboss.home}/client">
+ <include name="**/jbossall-client.jar"/>
+ </fileset>
+ <pathelement location="${build.classes.dir}"/>
+ </path>
+
+ <property name="build.classpath" refid="classpath"/>
+
+ <!-- =================================================================== -->
+ <!-- Prepares the build directory -->
+ <!-- =================================================================== -->
+ <target name="prepare">
+ <mkdir dir="${build.dir}"/>
+ <mkdir dir="${build.classes.dir}"/>
+ </target>
+
+ <!-- =================================================================== -->
+ <!-- Compiles the source code -->
+ <!-- =================================================================== -->
+ <target name="compile" depends="prepare">
+ <javac srcdir="${src.dir}"
+ destdir="${build.classes.dir}"
+ debug="on"
+ deprecation="on"
+ optimize="off"
+ includes="**">
+ <classpath refid="classpath"/>
+ </javac>
+ </target>
+
+ <target name="ejbjar" depends="compile">
+ <jar jarfile="build/${build.artifact}">
+ <fileset dir="${build.classes.dir}">
+ <include name="**/*.class"/>
+ </fileset>
+ <fileset dir=".">
+ <include name="*.properties"/>
+ </fileset>
+ </jar>
+ <copy file="build/${build.artifact}" todir="${jboss.home}/server/${jboss.server.config}/deploy"/>
+ </target>
+
+ <target name="run" depends="ejbjar">
+ <java classname="org.jboss.tutorial.security.client.Client" fork="yes" dir=".">
+ <classpath refid="classpath"/>
+ </java>
+ </target>
+
+ <!-- =================================================================== -->
+ <!-- Cleans up generated stuff -->
+ <!-- =================================================================== -->
+ <target name="clean.db">
+ <delete dir="${jboss.home}/server/${jboss.server.config}/data/hypersonic"/>
+ </target>
+
+ <target name="clean">
+ <delete dir="${build.dir}"/>
+ <delete file="${jboss.home}/server/${jboss.server.config}/deploy/${build.artifact}"/>
+ </target>
+
+
+</project>
+
Deleted: projects/ejb3/trunk/docs/tutorial/security/jndi.properties
===================================================================
--- projects/oldstuff/ejb3/docs/tutorial/security/jndi.properties 2008-12-04 08:31:45 UTC (rev 82032)
+++ projects/ejb3/trunk/docs/tutorial/security/jndi.properties 2008-12-24 07:54:00 UTC (rev 82539)
@@ -1,3 +0,0 @@
-java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory
-java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces
-java.naming.provider.url=localhost
Copied: projects/ejb3/trunk/docs/tutorial/security/jndi.properties (from rev 82494, projects/oldstuff/ejb3/docs/tutorial/security/jndi.properties)
===================================================================
--- projects/ejb3/trunk/docs/tutorial/security/jndi.properties (rev 0)
+++ projects/ejb3/trunk/docs/tutorial/security/jndi.properties 2008-12-24 07:54:00 UTC (rev 82539)
@@ -0,0 +1,3 @@
+java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory
+java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces
+java.naming.provider.url=localhost
Deleted: projects/ejb3/trunk/docs/tutorial/security/log4j.xml
===================================================================
--- projects/oldstuff/ejb3/docs/tutorial/security/log4j.xml 2008-12-04 08:31:45 UTC (rev 82032)
+++ projects/ejb3/trunk/docs/tutorial/security/log4j.xml 2008-12-24 07:54:00 UTC (rev 82539)
@@ -1,37 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
-
-<!-- ===================================================================== -->
-<!-- -->
-<!-- Log4j Configuration -->
-<!-- -->
-<!-- ===================================================================== -->
-
-<!-- $Id$ -->
-
-<!--
- | For more configuration infromation and examples see the Jakarta Log4j
- | owebsite: http://jakarta.apache.org/log4j
- -->
-
-<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/" debug="false">
-
-<appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
- <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
- <param name="Target" value="System.out"/>
- <param name="Threshold" value="INFO"/>
-
- <layout class="org.apache.log4j.PatternLayout">
- <!-- The default pattern: Date Priority [Category] Messagen -->
- <!--
- <param name="ConversionPattern" value="%d{ABSOLUTE} %-5p [%c{1}] %m%n"/>
- -->
- <param name="ConversionPattern" value="%-5p %d{dd-MM HH:mm:ss,SSS} (%F:%M:%L) -%m%n"/>
- </layout>
-</appender>
-
- <root>
- <appender-ref ref="CONSOLE"/>
- </root>
-
-</log4j:configuration>
Copied: projects/ejb3/trunk/docs/tutorial/security/log4j.xml (from rev 82494, projects/oldstuff/ejb3/docs/tutorial/security/log4j.xml)
===================================================================
--- projects/ejb3/trunk/docs/tutorial/security/log4j.xml (rev 0)
+++ projects/ejb3/trunk/docs/tutorial/security/log4j.xml 2008-12-24 07:54:00 UTC (rev 82539)
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
+
+<!-- ===================================================================== -->
+<!-- -->
+<!-- Log4j Configuration -->
+<!-- -->
+<!-- ===================================================================== -->
+
+<!-- $Id$ -->
+
+<!--
+ | For more configuration infromation and examples see the Jakarta Log4j
+ | owebsite: http://jakarta.apache.org/log4j
+ -->
+
+<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/" debug="false">
+
+<appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
+ <errorHandler class="org.jboss.logging.util.OnlyOnceErrorHandler"/>
+ <param name="Target" value="System.out"/>
+ <param name="Threshold" value="INFO"/>
+
+ <layout class="org.apache.log4j.PatternLayout">
+ <!-- The default pattern: Date Priority [Category] Messagen -->
+ <!--
+ <param name="ConversionPattern" value="%d{ABSOLUTE} %-5p [%c{1}] %m%n"/>
+ -->
+ <param name="ConversionPattern" value="%-5p %d{dd-MM HH:mm:ss,SSS} (%F:%M:%L) -%m%n"/>
+ </layout>
+</appender>
+
+ <root>
+ <appender-ref ref="CONSOLE"/>
+ </root>
+
+</log4j:configuration>
Added: projects/ejb3/trunk/docs/tutorial/security/pom.xml
===================================================================
--- projects/ejb3/trunk/docs/tutorial/security/pom.xml (rev 0)
+++ projects/ejb3/trunk/docs/tutorial/security/pom.xml 2008-12-24 07:54:00 UTC (rev 82539)
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+
+
+
+
+ <!-- Model Version -->
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.jboss.ejb3</groupId>
+ <artifactId>jboss-ejb3-tutorial-common</artifactId>
+ <version>0.1.0-SNAPSHOT</version>
+ <relativePath>../common/</relativePath>
+ </parent>
+
+ <properties>
+ <ejb3.tutorial.client>org.jboss.tutorial.security.client.Client</ejb3.tutorial.client>
+
+ </properties>
+
+
+ <artifactId>jboss-ejb3-tutorial-security</artifactId>
+ <version>0.1.0-SNAPSHOT</version>
+ <packaging>jar</packaging>
+ <name>Security in EJB3</name>
+ <url>http://labs.jboss.com/jbossejb3/</url>
+ <description>
+ Tutorial about securing beans in EJB3
+ </description>
+
+
+
+
+
+
+</project>
Property changes on: projects/ejb3/trunk/docs/tutorial/security/pom.xml
___________________________________________________________________
Name: svn:executable
+ *
Deleted: projects/ejb3/trunk/docs/tutorial/security/roles.properties
===================================================================
--- projects/oldstuff/ejb3/docs/tutorial/security/roles.properties 2008-12-04 08:31:45 UTC (rev 82032)
+++ projects/ejb3/trunk/docs/tutorial/security/roles.properties 2008-12-24 07:54:00 UTC (rev 82539)
@@ -1 +0,0 @@
-kabir=student
Copied: projects/ejb3/trunk/docs/tutorial/security/roles.properties (from rev 82494, projects/oldstuff/ejb3/docs/tutorial/security/roles.properties)
===================================================================
--- projects/ejb3/trunk/docs/tutorial/security/roles.properties (rev 0)
+++ projects/ejb3/trunk/docs/tutorial/security/roles.properties 2008-12-24 07:54:00 UTC (rev 82539)
@@ -0,0 +1 @@
+kabir=student
Deleted: projects/ejb3/trunk/docs/tutorial/security/security.html
===================================================================
--- projects/oldstuff/ejb3/docs/tutorial/security/security.html 2008-12-04 08:31:45 UTC (rev 82032)
+++ projects/ejb3/trunk/docs/tutorial/security/security.html 2008-12-24 07:54:00 UTC (rev 82539)
@@ -1,63 +0,0 @@
-<html>
-<body>
-<p>
-<h2>Transactions and Security</h2>
-
-The EJB 3.0 specification has an optional total replacement of XML deployment descriptors with annotations. This tutorial goes over how to
-use the transaction and security annotations of EJB 3.0.
-</p><p>
-<h4>Transactions</h4>
-
-Using transactions is easy, just use the <tt>javax.ejb.TransactionAttribute</tt> annotation. The <tt>javax.ejb.TransactionAttributeType</tt> enum has every transactional type.
-</p><p>
-<pre>
- @TransactionAttribute(TransactionAttributeType.REQUIRES_NEW)
- public int add(int x, int y)
- {
- return x + y;
- }
-</pre>
-</p><p>
-<h4>Security</h4>
-
-Take a look at <a href="src/org/jboss/tutorial/security/bean/CalculatorBean.java">calculatorBean</a>.
-</p><p>
-The <tt>javax.annotation.security.RolesAllowed</tt> and <tt>javax.annotation.security.PermitAll</tt> are the EJB 3.0 security annotations. You can attach a MethodPermission to any method and define which roles are allowed to invoke on that method. The <tt>javax.ejb.RunAs</tt> annotation can also be applied at the class level. There is also an additional JBoss specific annotation that you must supply at the class level. <tt>org.jboss.ejb3.security.SecurityDomain</tt>. The SecurityDomain specifies the JAAS repository which will be used by JBoss to authenticate and authorize. See the JBoss Application Server documentation for more details. In this particular example, the "other" domain is used. The "other" domain corresponds to a users.properties and roles.properties files that contain cleartext user, password, and user/role associations. If you open the built tutorial.jar file you will see these two files in there.
-</p><p>
-<h4>Client</h4>
-
-Open up <a href="src/org/jboss/tutorial/security/client/Client.java">Client.java</a>. You'll see that it looks up the stateless bean under its remote interface's fully qualified classname. Also notice that there is no Home interface and you can begin executing on the stateless bean right away. The client uses a proprietary backdoor to set the user name and password through JBoss's SecurityAssociation class. JBoss recommends using JAAS for more portable applicatons.
-</p><p>
-<h4>Building and Running</h4>
-
-To build and run the example, make sure you have <tt>ejb3.deployer</tt> installed in JBoss 4.0.x and have JBoss running. See the reference manual on how to install EJB 3.0.
-<pre>
-Unix: $ export JBOSS_HOME=<where your jboss 4.0 distribution is>
-Windows: $ set JBOSS_HOME=<where your jboss 4.0 distribution is>
-$ ant
-$ ant run
-
-run:
- [java] Kabir is a student.
- [java] Kabir types in the wrong password
- [java] 2004-10-07 15:32:50,916 INFO org.jboss.remoting.InvokerRegistry[main] - Failed to load soap remoting transpo
-rt: org/apache/axis/AxisFault
- [java] Authentication exception, principal=kabir
- [java] Kabir types in correct password.
- [java] Kabir does unchecked addition.
- [java] 1 + 1 = 2
- [java] Kabir is not a teacher so he cannot do division
- [java] Insufficient method permissions, principal=kabir, interface=org.jboss.ejb3.EJBContainerInvocation, requiredR
-oles=[teacher], principalRoles=[student]
- [java] Students are allowed to do subtraction
- [java] 1 - 1 = 0
-</pre>
-</p><p>
-The INFO message you can ignore. It will be fixed in later releases of JBoss 4.0.
-</p><p>
-</p><p>
-</p><p>
-</p><p>
-</p>
-</body>
-</html>
Copied: projects/ejb3/trunk/docs/tutorial/security/security.html (from rev 82494, projects/oldstuff/ejb3/docs/tutorial/security/security.html)
===================================================================
--- projects/ejb3/trunk/docs/tutorial/security/security.html (rev 0)
+++ projects/ejb3/trunk/docs/tutorial/security/security.html 2008-12-24 07:54:00 UTC (rev 82539)
@@ -0,0 +1,63 @@
+<html>
+<body>
+<p>
+<h2>Transactions and Security</h2>
+
+The EJB 3.0 specification has an optional total replacement of XML deployment descriptors with annotations. This tutorial goes over how to
+use the transaction and security annotations of EJB 3.0.
+</p><p>
+<h4>Transactions</h4>
+
+Using transactions is easy, just use the <tt>javax.ejb.TransactionAttribute</tt> annotation. The <tt>javax.ejb.TransactionAttributeType</tt> enum has every transactional type.
+</p><p>
+<pre>
+ @TransactionAttribute(TransactionAttributeType.REQUIRES_NEW)
+ public int add(int x, int y)
+ {
+ return x + y;
+ }
+</pre>
+</p><p>
+<h4>Security</h4>
+
+Take a look at <a href="src/org/jboss/tutorial/security/bean/CalculatorBean.java">calculatorBean</a>.
+</p><p>
+The <tt>javax.annotation.security.RolesAllowed</tt> and <tt>javax.annotation.security.PermitAll</tt> are the EJB 3.0 security annotations. You can attach a MethodPermission to any method and define which roles are allowed to invoke on that method. The <tt>javax.ejb.RunAs</tt> annotation can also be applied at the class level. There is also an additional JBoss specific annotation that you must supply at the class level. <tt>org.jboss.ejb3.security.SecurityDomain</tt>. The SecurityDomain specifies the JAAS repository which will be used by JBoss to authenticate and authorize. See the JBoss Application Server documentation for more details. In this particular example, the "other" domain is used. The "other" domain corresponds to a users.properties and roles.properties files that contain cleartext user, password, and user/role associations. If you open the built tutorial.jar file you will see these two files in there.
+</p><p>
+<h4>Client</h4>
+
+Open up <a href="src/org/jboss/tutorial/security/client/Client.java">Client.java</a>. You'll see that it looks up the stateless bean under its remote interface's fully qualified classname. Also notice that there is no Home interface and you can begin executing on the stateless bean right away. The client uses a proprietary backdoor to set the user name and password through JBoss's SecurityAssociation class. JBoss recommends using JAAS for more portable applicatons.
+</p><p>
+<h4>Building and Running</h4>
+
+To build and run the example, make sure you have <tt>ejb3.deployer</tt> installed in JBoss 4.0.x and have JBoss running. See the reference manual on how to install EJB 3.0.
+<pre>
+Unix: $ export JBOSS_HOME=<where your jboss 4.0 distribution is>
+Windows: $ set JBOSS_HOME=<where your jboss 4.0 distribution is>
+$ ant
+$ ant run
+
+run:
+ [java] Kabir is a student.
+ [java] Kabir types in the wrong password
+ [java] 2004-10-07 15:32:50,916 INFO org.jboss.remoting.InvokerRegistry[main] - Failed to load soap remoting transpo
+rt: org/apache/axis/AxisFault
+ [java] Authentication exception, principal=kabir
+ [java] Kabir types in correct password.
+ [java] Kabir does unchecked addition.
+ [java] 1 + 1 = 2
+ [java] Kabir is not a teacher so he cannot do division
+ [java] Insufficient method permissions, principal=kabir, interface=org.jboss.ejb3.EJBContainerInvocation, requiredR
+oles=[teacher], principalRoles=[student]
+ [java] Students are allowed to do subtraction
+ [java] 1 - 1 = 0
+</pre>
+</p><p>
+The INFO message you can ignore. It will be fixed in later releases of JBoss 4.0.
+</p><p>
+</p><p>
+</p><p>
+</p><p>
+</p>
+</body>
+</html>
Deleted: projects/ejb3/trunk/docs/tutorial/security/security.wiki
===================================================================
--- projects/oldstuff/ejb3/docs/tutorial/security/security.wiki 2008-12-04 08:31:45 UTC (rev 82032)
+++ projects/ejb3/trunk/docs/tutorial/security/security.wiki 2008-12-24 07:54:00 UTC (rev 82539)
@@ -1,52 +0,0 @@
-!!!Transactions and Security
-The EJB 3.0 specification has an optional total replacement of XML deployment descriptors with annotations. This tutorial goes over how to
-use the transaction and security annotations of EJB 3.0.
-
-!Transactions
-Using transactions is easy, just use the {{javax.ejb.TransactionAttribute}} annotation. The {{javax.ejb.TransactionAttributeType}} enum has every transactional type.
-
-{{{
- @TransactionAttribute(TransactionAttributeType.REQUIRES_NEW)
- public int add(int x, int y)
- {
- return x + y;
- }
-}}}
-
-!Security
-Take a look at [calculatorBean|src/org/jboss/tutorial/security/bean/CalculatorBean.java].
-
-The {{javax.annotation.security.RolesAllowed}} and {{javax.annotation.security.PermitAll}} are the EJB 3.0 security annotations. You can attach a MethodPermission to any method and define which roles are allowed to invoke on that method. The {{javax.ejb.RunAs}} annotation can also be applied at the class level. There is also an additional JBoss specific annotation that you must supply at the class level. {{org.jboss.ejb3.security.SecurityDomain}}. The SecurityDomain specifies the JAAS repository which will be used by JBoss to authenticate and authorize. See the JBoss Application Server documentation for more details. In this particular example, the "other" domain is used. The "other" domain corresponds to a users.properties and roles.properties files that contain cleartext user, password, and user/role associations. If you open the built tutorial.jar file you will see these two files in there.
-
-!Client
-Open up [Client.java|src/org/jboss/tutorial/security/client/Client.java]. You'll see that it looks up the stateless bean under its remote interface's fully qualified classname. Also notice that there is no Home interface and you can begin executing on the stateless bean right away. The client uses a proprietary backdoor to set the user name and password through JBoss's SecurityAssociation class. JBoss recommends using JAAS for more portable applicatons.
-
-!Building and Running
-To build and run the example, make sure you have {{ejb3.deployer}} installed in JBoss 4.0.x and have JBoss running. See the reference manual on how to install EJB 3.0.
-{{{
-Unix: $ export JBOSS_HOME=<where your jboss 4.0 distribution is>
-Windows: $ set JBOSS_HOME=<where your jboss 4.0 distribution is>
-$ ant
-$ ant run
-
-run:
- [java] Kabir is a student.
- [java] Kabir types in the wrong password
- [java] 2004-10-07 15:32:50,916 INFO org.jboss.remoting.InvokerRegistry[main] - Failed to load soap remoting transpo
-rt: org/apache/axis/AxisFault
- [java] Authentication exception, principal=kabir
- [java] Kabir types in correct password.
- [java] Kabir does unchecked addition.
- [java] 1 + 1 = 2
- [java] Kabir is not a teacher so he cannot do division
- [java] Insufficient method permissions, principal=kabir, interface=org.jboss.ejb3.EJBContainerInvocation, requiredR
-oles=[teacher], principalRoles=[student]
- [java] Students are allowed to do subtraction
- [java] 1 - 1 = 0
-}}}
-
-The INFO message you can ignore. It will be fixed in later releases of JBoss 4.0.
-
-
-
-
Copied: projects/ejb3/trunk/docs/tutorial/security/security.wiki (from rev 82494, projects/oldstuff/ejb3/docs/tutorial/security/security.wiki)
===================================================================
--- projects/ejb3/trunk/docs/tutorial/security/security.wiki (rev 0)
+++ projects/ejb3/trunk/docs/tutorial/security/security.wiki 2008-12-24 07:54:00 UTC (rev 82539)
@@ -0,0 +1,52 @@
+!!!Transactions and Security
+The EJB 3.0 specification has an optional total replacement of XML deployment descriptors with annotations. This tutorial goes over how to
+use the transaction and security annotations of EJB 3.0.
+
+!Transactions
+Using transactions is easy, just use the {{javax.ejb.TransactionAttribute}} annotation. The {{javax.ejb.TransactionAttributeType}} enum has every transactional type.
+
+{{{
+ @TransactionAttribute(TransactionAttributeType.REQUIRES_NEW)
+ public int add(int x, int y)
+ {
+ return x + y;
+ }
+}}}
+
+!Security
+Take a look at [calculatorBean|src/org/jboss/tutorial/security/bean/CalculatorBean.java].
+
+The {{javax.annotation.security.RolesAllowed}} and {{javax.annotation.security.PermitAll}} are the EJB 3.0 security annotations. You can attach a MethodPermission to any method and define which roles are allowed to invoke on that method. The {{javax.ejb.RunAs}} annotation can also be applied at the class level. There is also an additional JBoss specific annotation that you must supply at the class level. {{org.jboss.ejb3.security.SecurityDomain}}. The SecurityDomain specifies the JAAS repository which will be used by JBoss to authenticate and authorize. See the JBoss Application Server documentation for more details. In this particular example, the "other" domain is used. The "other" domain corresponds to a users.properties and roles.properties files that contain cleartext user, password, and user/role associations. If you open the built tutorial.jar file you will see these two files in there.
+
+!Client
+Open up [Client.java|src/org/jboss/tutorial/security/client/Client.java]. You'll see that it looks up the stateless bean under its remote interface's fully qualified classname. Also notice that there is no Home interface and you can begin executing on the stateless bean right away. The client uses a proprietary backdoor to set the user name and password through JBoss's SecurityAssociation class. JBoss recommends using JAAS for more portable applicatons.
+
+!Building and Running
+To build and run the example, make sure you have {{ejb3.deployer}} installed in JBoss 4.0.x and have JBoss running. See the reference manual on how to install EJB 3.0.
+{{{
+Unix: $ export JBOSS_HOME=<where your jboss 4.0 distribution is>
+Windows: $ set JBOSS_HOME=<where your jboss 4.0 distribution is>
+$ ant
+$ ant run
+
+run:
+ [java] Kabir is a student.
+ [java] Kabir types in the wrong password
+ [java] 2004-10-07 15:32:50,916 INFO org.jboss.remoting.InvokerRegistry[main] - Failed to load soap remoting transpo
+rt: org/apache/axis/AxisFault
+ [java] Authentication exception, principal=kabir
+ [java] Kabir types in correct password.
+ [java] Kabir does unchecked addition.
+ [java] 1 + 1 = 2
+ [java] Kabir is not a teacher so he cannot do division
+ [java] Insufficient method permissions, principal=kabir, interface=org.jboss.ejb3.EJBContainerInvocation, requiredR
+oles=[teacher], principalRoles=[student]
+ [java] Students are allowed to do subtraction
+ [java] 1 - 1 = 0
+}}}
+
+The INFO message you can ignore. It will be fixed in later releases of JBoss 4.0.
+
+
+
+
Copied: projects/ejb3/trunk/docs/tutorial/security/src (from rev 82494, projects/oldstuff/ejb3/docs/tutorial/security/src)
Modified: projects/ejb3/trunk/docs/tutorial/security/src/org/jboss/tutorial/security/bean/CalculatorBean.java
===================================================================
--- projects/oldstuff/ejb3/docs/tutorial/security/src/org/jboss/tutorial/security/bean/CalculatorBean.java 2008-12-23 07:30:02 UTC (rev 82494)
+++ projects/ejb3/trunk/docs/tutorial/security/src/org/jboss/tutorial/security/bean/CalculatorBean.java 2008-12-24 07:54:00 UTC (rev 82539)
@@ -28,8 +28,7 @@
import javax.annotation.security.PermitAll;
import javax.annotation.security.RolesAllowed;
import javax.ejb.Remote;
-import org.jboss.annotation.security.SecurityDomain;
-import org.jboss.annotation.security.SecurityDomain;
+import org.jboss.ejb3.annotation.SecurityDomain;
@Stateless
@SecurityDomain("other")
Modified: projects/ejb3/trunk/docs/tutorial/security/src/org/jboss/tutorial/security/client/Client.java
===================================================================
--- projects/oldstuff/ejb3/docs/tutorial/security/src/org/jboss/tutorial/security/client/Client.java 2008-12-23 07:30:02 UTC (rev 82494)
+++ projects/ejb3/trunk/docs/tutorial/security/src/org/jboss/tutorial/security/client/Client.java 2008-12-24 07:54:00 UTC (rev 82539)
@@ -21,10 +21,11 @@
*/
package org.jboss.tutorial.security.client;
-import java.util.Properties;
import javax.ejb.EJBAccessException;
-import javax.naming.Context;
import javax.naming.InitialContext;
+
+import org.jboss.security.client.SecurityClient;
+import org.jboss.security.client.SecurityClientFactory;
import org.jboss.tutorial.security.bean.Calculator;
/**
@@ -35,11 +36,12 @@
public static void main(String[] args) throws Exception
{
// Establish the proxy with an incorrect security identity
- Properties env = new Properties();
- env.setProperty(Context.SECURITY_PRINCIPAL, "kabir");
- env.setProperty(Context.SECURITY_CREDENTIALS, "invalidpassword");
- env.setProperty(Context.INITIAL_CONTEXT_FACTORY, "org.jboss.security.jndi.JndiLoginInitialContextFactory");
- InitialContext ctx = new InitialContext(env);
+ // Initially login with an incorrect password
+ SecurityClient securityClient = SecurityClientFactory.getSecurityClient();
+ securityClient.setSimple("kabir", "invalidpassword");
+ securityClient.login();
+
+ InitialContext ctx = new InitialContext();
Calculator calculator = (Calculator) ctx.lookup("CalculatorBean/remote");
System.out.println("Kabir is a student.");
@@ -57,8 +59,10 @@
System.out.println("Kabir does unchecked addition.");
// Re-establish the proxy with the correct security identity
- env.setProperty(Context.SECURITY_CREDENTIALS, "validpassword");
- ctx = new InitialContext(env);
+ securityClient.logout();
+ securityClient.setSimple("kabir", "validpassword");
+ securityClient.login();
+
calculator = (Calculator) ctx.lookup("CalculatorBean/remote");
System.out.println("1 + 1 = " + calculator.add(1, 1));
@@ -68,7 +72,7 @@
{
calculator.divide(16, 4);
}
- catch (javax.ejb.EJBAccessException ex)
+ catch (javax.ejb.EJBAccessException ex)
{
System.out.println(ex.getMessage());
}
Deleted: projects/ejb3/trunk/docs/tutorial/security/users.properties
===================================================================
--- projects/oldstuff/ejb3/docs/tutorial/security/users.properties 2008-12-04 08:31:45 UTC (rev 82032)
+++ projects/ejb3/trunk/docs/tutorial/security/users.properties 2008-12-24 07:54:00 UTC (rev 82539)
@@ -1,2 +0,0 @@
-kabir=validpassword
-
Copied: projects/ejb3/trunk/docs/tutorial/security/users.properties (from rev 82494, projects/oldstuff/ejb3/docs/tutorial/security/users.properties)
===================================================================
--- projects/ejb3/trunk/docs/tutorial/security/users.properties (rev 0)
+++ projects/ejb3/trunk/docs/tutorial/security/users.properties 2008-12-24 07:54:00 UTC (rev 82539)
@@ -0,0 +1,2 @@
+kabir=validpassword
+
More information about the jboss-cvs-commits
mailing list