@RolesAllowed({"ROLE_ADMIN"})
@GET
public User getObject(final @Context SecurityContext securityContext) {
User user = getUserFromSecurityContext(securityContext);
if(user == null) {
throw new UserNotFoundException();
}
return new User(user);
}
Wednesday, October 22, 2014
JavaEE with Spring Security @RolesAllowed
Tuesday, August 5, 2014
JavaEE REST JAX-RS with Spring Security
Java EE REST JAX-RS with Spring Security
If you are using a JavaEE application server like Jboss, WildFly, GlassFish you get JAX-RS , JPA etc runtimes for 'free', if using Tomcat, Jetty etc, you might as well use the full Spring stack.
I tested on Jboss EAP 6.11, 7, WildFly and Glassfish.
/WEB-INF/applicationContext.xml Spring context file.
The web.xml
The jax-rs path secured with annotation.
Dependencies for spring security -
If you are using a JavaEE application server like Jboss, WildFly, GlassFish you get JAX-RS , JPA etc runtimes for 'free', if using Tomcat, Jetty etc, you might as well use the full Spring stack.
I tested on Jboss EAP 6.11, 7, WildFly and Glassfish.
/WEB-INF/applicationContext.xml Spring context file.
<?xml version='1.0' encoding='UTF-8' ?>
<!-- was: <?xml version="1.0" encoding="UTF-8"?> -->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-4.0.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security.xsd">
<!--bean id="propertyConfigurer"
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"
p:location="/WEB-INF/jdbc.properties" />
<bean id="dataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource"
p:driverClassName="${jdbc.driverClassName}"
p:url="${jdbc.url}"
p:username="${jdbc.username}"
p:password="${jdbc.password}" /-->
<!-- ADD PERSISTENCE SUPPORT HERE (jpa, hibernate, etc) -->
<!--basic login security-->
<security:http>
<security:intercept-url pattern="/**" access="ROLE_USER" />
<security:form-login />
<security:logout />
</security:http>
<!--example from spring.io security reference-->
<security:authentication-manager>
<security:authentication-provider>
<security:user-service>
<security:user name="jimi" password="jimispassword" authorities="ROLE_USER, ROLE_ADMIN" />
<security:user name="bob" password="bobspassword" authorities="ROLE_USER" />
</security:user-service>
</security:authentication-provider>
</security:authentication-manager>
<!--secures all methods-->
<security:global-method-security secured-annotations="enabled" />
</beans>
The web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/applicationContext.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>redirect.jsp</welcome-file>
</welcome-file-list>
</web-app>
The jax-rs path secured with annotation.
1: @Secured("ROLE_ADMIN")
2: @GET
3: @Override
4: @Produces({ "application/json"})
5: public List<Customer> findAll() {
6: Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
7: Object principal = authentication.getPrincipal();
8: if(principal instanceof User)
9: System.err.println("principal: " + ((User)principal).getUsername());
10: else
11: System.err.println("instance"+ principal.getClass().getTypeName());
12: System.err.println("roles :" + authentication.getAuthorities());
13: return super.findAll();
14: }
Dependencies for spring security -
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>4.0.6.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>4.0.6.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
<version>3.2.4.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
<version>3.2.4.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
<version>3.2.4.RELEASE</version>
</dependency>
Thursday, July 10, 2014
Use Spring Integration To Consume Soap Web Services
Spring Integration Consume Soap Web Service
//interface
import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebService;
import javax.jws.soap.SOAPBinding;
/**
*
* @author
*/
@WebService
@SOAPBinding(style= SOAPBinding.Style.DOCUMENT,parameterStyle= SOAPBinding.ParameterStyle.BARE,use= SOAPBinding.Use.LITERAL)
public interface IService {
@WebMethod(operationName="calculateSomething")
public String calculateSomething();
}
//implementation
import java.util.Date;
import javax.jws.WebService;
import javax.xml.ws.*;
import javax.jws.*;
/**
*
* @author
*/
@WebService
public class ServiceClass implements IService {
public static void main(String ... args){
ServiceClass sc = new ServiceClass();
Endpoint.publish("http://127.0.0.1:15041/service", sc);
System.out.println("Server Started: " + new Date().toString());
}
public String calculateSomething() {
System.out.println(" method called " + new Date());
return new Date().toString();
}
}
//consumer
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.integration.support.MessageBuilder;
import org.springframework.integration.support.channel.BeanFactoryChannelResolver;
import org.springframework.messaging.Message;
import org.springframework.messaging.MessageChannel;
import org.springframework.messaging.core.DestinationResolver;
public class MyConsumer {
public static void main(String[] args) {
ClassPathXmlApplicationContext context =
new ClassPathXmlApplicationContext("/META-INF/spring/integration/ws-context.xml");
DestinationResolver<MessageChannel> channelResolver = new BeanFactoryChannelResolver(context);
// Compose the XML message according to the server's schema
String requestXml =
"<calculateSomething xmlns=\"http://samplenamespacefromwsdl/\">"+
"</calculateSomething>";
// Create the Message object
Message<String> message = MessageBuilder.withPayload(requestXml).build();
// Send the Message to the handler's input channel
MessageChannel channel = channelResolver.resolveDestination("myChannel");
boolean response = channel.send(message);
System.out.println("channel: "+channel.toString());
System.out.println("msg sent: "+response + " payload " + message.getPayload());
}
}
//spring integration context
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/integration"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:stream="http://www.springframework.org/schema/integration/stream"
xmlns:ws="http://www.springframework.org/schema/integration/ws"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/integration
http://www.springframework.org/schema/integration/spring-integration.xsd
http://www.springframework.org/schema/integration/stream
http://www.springframework.org/schema/integration/stream/spring-integration-stream.xsd
http://www.springframework.org/schema/integration/ws
http://www.springframework.org/schema/integration/ws/spring-integration-ws.xsd">
<chain input-channel="myChannel" output-channel="outChannel">
<!--ws:header-enricher>
<ws:soap-action value=""/>
</ws:header-enricher-->
<ws:outbound-gateway uri="http://localhost:15041/service"/>
</chain>
<!-- The response from the service is logged to the console. -->
<stream:stdout-channel-adapter id="outChannel"/>
</beans:beans>
// For The Maven Dependencies
<dependencies>
<dependency>
<groupId>org.springframework.integration</groupId>
<artifactId>spring-integration-stream</artifactId>
<version>4.0.0.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.11</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-all</artifactId>
<version>1.3</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.integration</groupId>
<artifactId>spring-integration-ws</artifactId>
<version>4.0.0.RELEASE</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.17</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-core</artifactId>
<version>1.9.5</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>4.0.3.RELEASE</version>
<scope>test</scope>
</dependency>
</dependencies>
Tuesday, June 17, 2014
Friday, June 6, 2014
How to test Soap services using Metro on Java SE
How to test Soap services using Metro on Java SE
package com.services;
import java.util.Date;
import javax.xml.ws.*;
/**
*
* @author name
*/
public class ServicePublisher {
public static void main(String[] args){
CalculatorServiceImpl calculatorServiceImpl = new CalculatorServiceImpl();
Endpoint.publish("http://127.0.0.1:10000/service", calculatorServiceImpl);
System.out.println("Service Started: " + new Date().toString());
}
}
package com.services;
import java.util.Date;
import javax.xml.ws.*;
/**
*
* @author name
*/
public class ServicePublisher {
public static void main(String[] args){
CalculatorServiceImpl calculatorServiceImpl = new CalculatorServiceImpl();
Endpoint.publish("http://127.0.0.1:10000/service", calculatorServiceImpl);
System.out.println("Service Started: " + new Date().toString());
}
}
Wednesday, March 19, 2014
JSF 2.2 Spring 4.X Configuration
JSF 2.2 with Spring 4.X
File : web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<context-param>
<param-name>contextClass</param-name>
<param-value>
org.springframework.web.context.support.AnnotationConfigWebApplicationContext
</param-value>
</context-param>
<!-- Configuration locations must consist of one or more comma- or space-delimited
fully-qualified @Configuration classes. Fully-qualified packages may also be
specified for component-scanning -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>com.org.config.AppConfig</param-value>
</context-param>
<!-- Bootstrap the root application context as usual using ContextLoaderListener -->
<context-param>
<param-name>contextAttribute</param-name>
<param-value>org.springframework.web.context.WebApplicationContext.ROOT</param-value>
</context-param>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>AppUserServlet</servlet-name>
<servlet-class>com.org.servlet.AppUserServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>AppUserServlet</servlet-name>
<url-pattern>/AppUserServlet</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>faces/index.xhtml</welcome-file>
</welcome-file-list>
</web-app>
Initialize Web Config
import org.springframework.security.web.context.*;
public class SecurityWebApplicationInitializer
extends AbstractSecurityWebApplicationInitializer {
public SecurityWebApplicationInitializer() {
super(WebSecurityConfig.class);
}
}
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder authManagerBuilder) throws Exception {
authManagerBuilder
.inMemoryAuthentication().withUser("test").password("test").roles("ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/faces/login.xhtml")
.permitAll();
}
//http://www.petrikainulainen.net/programming/spring-framework/adding-social-sign-in-to-a-spring-mvc-web-application-configuration/
@Override
public void configure(WebSecurity web) throws Exception {
web
//Spring Security ignores request to static resources such as CSS or JS files.
.ignoring()
.antMatchers("/appContextRoot/faces/javax.faces.resource/**");
}
}
Get AppContext from FacesContext;
ApplicationContext ctx = org.springframework.web.jsf.FacesContextUtils.getWebApplicationContext(FacesContext.getCurrentInstance());
File : web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<context-param>
<param-name>contextClass</param-name>
<param-value>
org.springframework.web.context.support.AnnotationConfigWebApplicationContext
</param-value>
</context-param>
<!-- Configuration locations must consist of one or more comma- or space-delimited
fully-qualified @Configuration classes. Fully-qualified packages may also be
specified for component-scanning -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>com.org.config.AppConfig</param-value>
</context-param>
<!-- Bootstrap the root application context as usual using ContextLoaderListener -->
<context-param>
<param-name>contextAttribute</param-name>
<param-value>org.springframework.web.context.WebApplicationContext.ROOT</param-value>
</context-param>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>AppUserServlet</servlet-name>
<servlet-class>com.org.servlet.AppUserServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>AppUserServlet</servlet-name>
<url-pattern>/AppUserServlet</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>faces/index.xhtml</welcome-file>
</welcome-file-list>
</web-app>
Initialize Web Config
import org.springframework.security.web.context.*;
public class SecurityWebApplicationInitializer
extends AbstractSecurityWebApplicationInitializer {
public SecurityWebApplicationInitializer() {
super(WebSecurityConfig.class);
}
}
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder authManagerBuilder) throws Exception {
authManagerBuilder
.inMemoryAuthentication().withUser("test").password("test").roles("ADMIN");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/faces/login.xhtml")
.permitAll();
}
//http://www.petrikainulainen.net/programming/spring-framework/adding-social-sign-in-to-a-spring-mvc-web-application-configuration/
@Override
public void configure(WebSecurity web) throws Exception {
web
//Spring Security ignores request to static resources such as CSS or JS files.
.ignoring()
.antMatchers("/appContextRoot/faces/javax.faces.resource/**");
}
}
Get AppContext from FacesContext;
ApplicationContext ctx = org.springframework.web.jsf.FacesContextUtils.getWebApplicationContext(FacesContext.getCurrentInstance());
Friday, March 14, 2014
JSF 2.2 HTML5
With JSF 2.2 you can now use html5 syntax and all you need for Jsf to process the element is jsf:id="", html passthroughs are allowed now, See example below!
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:f="http://xmlns.jcp.org/jsf/core"
xmlns:h="http://xmlns.jcp.org/jsf/html"
xmlns:p="http://xmlns.jcp.org/jsf/passthrough"
xmlns:jsf="http://xmlns.jcp.org/jsf">
<head jsf:id="head">
<title>Facelet Title</title>
<h:outputStylesheet name="css/app.css"/>
</head>
<body>
<input class="span3" required="required" value="#{index.name}" jsf:id="name" name="name" placeholder="Full Name" type="text"/>
</body>
</html>
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:f="http://xmlns.jcp.org/jsf/core"
xmlns:h="http://xmlns.jcp.org/jsf/html"
xmlns:p="http://xmlns.jcp.org/jsf/passthrough"
xmlns:jsf="http://xmlns.jcp.org/jsf">
<head jsf:id="head">
<title>Facelet Title</title>
<h:outputStylesheet name="css/app.css"/>
</head>
<body>
<input class="span3" required="required" value="#{index.name}" jsf:id="name" name="name" placeholder="Full Name" type="text"/>
</body>
</html>
Java Enum In Switch Statements
How to use Java Enums in Switch statements; use Java 1.7 and up.
/**
*
* @author h@ppyF@ce
*/
public class LogicClass {
enum Month {
JANUARY(1),
FEBRUARY(2);
private final int monthCode;
Month(int monthCode) {
this.monthCode = monthCode;
}
public int getMonthCode() {
return monthCode;
}
};
public static void main(String... args) {
Month ci = Month.FEBRUARY;
switch (ci) {
case JANUARY:
System.out.println("1st");
break;
case FEBRUARY:
System.out.println("2nd");
break;
default:
System.out.println("default");
}
}
}
/**
*
* @author h@ppyF@ce
*/
public class LogicClass {
enum Month {
JANUARY(1),
FEBRUARY(2);
private final int monthCode;
Month(int monthCode) {
this.monthCode = monthCode;
}
public int getMonthCode() {
return monthCode;
}
};
public static void main(String... args) {
Month ci = Month.FEBRUARY;
switch (ci) {
case JANUARY:
System.out.println("1st");
break;
case FEBRUARY:
System.out.println("2nd");
break;
default:
System.out.println("default");
}
}
}
Subscribe to:
Posts (Atom)