java ee 8 security api

eelhazati
2018-05-28 21:45:51 +00:00
parent ce645b67d2
commit fc5ad8e88e
38 changed files with 1143 additions and 0 deletions


@@ -0,0 +1,72 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>app-auth-custom-no-store</artifactId>
<packaging>war</packaging>
<parent>
<groupId>com.baeldung</groupId>
<artifactId>java-ee-8-security-api</artifactId>
<version>1.0-SNAPSHOT</version>
</parent>
<properties>
<h2-version>1.4.197</h2-version>
</properties>
<build>
<plugins>
<plugin>
<groupId>net.wasdev.wlp.maven.plugins</groupId>
<artifactId>liberty-maven-plugin</artifactId>
<executions>
<execution>
<id>install-server</id>
<phase>prepare-package</phase>
<goals>
<goal>install-server</goal>
<goal>create-server</goal>
<goal>install-feature</goal>
</goals>
</execution>
<execution>
<id>install-apps</id>
<phase>package</phase>
<goals>
<goal>install-apps</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<executions>
<execution>
<id>copy</id>
<phase>package</phase>
<goals>
<goal>copy</goal>
</goals>
</execution>
</executions>
<configuration>
<artifactItems>
<artifactItem>
<groupId>com.h2database</groupId>
<artifactId>h2</artifactId>
<version>${h2-version}</version>
<type>jar</type>
<outputDirectory>
${project.build.directory}/liberty/wlp/usr/servers/defaultServer/lib/global
</outputDirectory>
</artifactItem>
</artifactItems>
</configuration>
</plugin>
</plugins>
</build>
</project>
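Review bot: The `maven-dependency-plugin` execution copies `com.h2database:h2` into the server's `lib/global` directory, yet nothing visible in this module (named `app-auth-custom-no-store`) opens a database connection, so the jar looks like unused code on the server-wide classpath. If it is not needed here, drop the `<artifactItem>` and the `h2-version` property; if it is, add an XML comment naming the component that loads it. The pinned `1.4.197` should also be checked against current H2 security advisories before this POM is reused outside a demo.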


@@ -0,0 +1,28 @@
package com.baeldung.javaee.security;
import javax.inject.Inject;
import javax.security.enterprise.SecurityContext;
import javax.servlet.ServletException;
import javax.servlet.annotation.HttpConstraint;
import javax.servlet.annotation.ServletSecurity;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.security.Principal;
@WebServlet("/admin")
@ServletSecurity(value = @HttpConstraint(rolesAllowed = {"admin_role"}))
public class AdminServlet extends HttpServlet {
@Inject
SecurityContext securityContext;
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.getWriter().append("getCallerPrincipal :" + securityContext.getCallerPrincipal() + "\n");
response.getWriter().append("CustomPrincipal :" + securityContext.getPrincipalsByType(CustomPrincipal.class) + "\n");
response.getWriter().append("Principal :" + securityContext.getPrincipalsByType(Principal.class) + "\n");
}
}
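Review bot: `doGet` writes the caller principal into the response without setting a content type or encoding the value, and in this commit `CustomPrincipal.toString()` returns the login taken from the `username` request parameter, so user-controlled text is reflected as-is. Add `response.setContentType("text/plain;charset=UTF-8");` as the first statement of `doGet`, or HTML-encode the values if the output must be HTML. The `@HttpConstraint` also leaves the transport guarantee at its default; adding `transportGuarantee = ServletSecurity.TransportGuarantee.CONFIDENTIAL` would keep the admin page off plain HTTP.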


@@ -0,0 +1,7 @@
package com.baeldung.javaee.security;
import javax.enterprise.context.ApplicationScoped;
@ApplicationScoped
public class AppConfig {
}


@@ -0,0 +1,36 @@
package com.baeldung.javaee.security;
import javax.enterprise.context.ApplicationScoped;
import javax.security.enterprise.AuthenticationException;
import javax.security.enterprise.AuthenticationStatus;
import javax.security.enterprise.authentication.mechanism.http.HttpAuthenticationMechanism;
import javax.security.enterprise.authentication.mechanism.http.HttpMessageContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashSet;
@ApplicationScoped
public class CustomAuthentication implements HttpAuthenticationMechanism {
@Override
public AuthenticationStatus validateRequest(HttpServletRequest httpServletRequest,
HttpServletResponse httpServletResponse,
HttpMessageContext httpMessageContext) throws AuthenticationException {
String username = httpServletRequest.getParameter("username");
String password = httpServletRequest.getParameter("password");
//Mocking UserDetail, but in real life, we can find it from a database.
UserDetail userDetail = findByUserNameAndPassword(username, password);
if (userDetail != null) {
return httpMessageContext.notifyContainerAboutLogin(
new CustomPrincipal(userDetail),
new HashSet<>(userDetail.getRoles()));
}
return httpMessageContext.responseUnauthorized();
}
private UserDetail findByUserNameAndPassword(String username, String password) {
UserDetail userDetail = new UserDetail("uid_10", username, password);
userDetail.addRole("admin_role");
return userDetail;
}
}
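Review bot: `findByUserNameAndPassword` never returns null and always adds `admin_role`, so `validateRequest` logs in every request as an administrator, including requests that carry no `username` or `password` at all, and the `responseUnauthorized()` branch is unreachable. Even as a mock, the lookup should reject missing or non-matching credentials, and the comment above the call should say it is a stand-in that must not be deployed. `validateRequest` should also return `httpMessageContext.doNothing()` when no credentials are supplied, so the container applies its own decision to protected resources. Reading the credentials with `getParameter` accepts them from the query string, where they end up in access logs, so login is better restricted to POST. A sketch using clearly named placeholders follows.

```java
String username = httpServletRequest.getParameter("username");
String password = httpServletRequest.getParameter("password");
if (username == null || password == null) {
    // No credentials on this request: do not authenticate anyone.
    return httpMessageContext.doNothing();
}
// … unchanged: lookup, notifyContainerAboutLogin, responseUnauthorized …

private UserDetail findByUserNameAndPassword(String username, String password) {
    // Demo stand-in for a real credential lookup; DEMO_LOGIN and demoPasswordMatches(...)
    // are placeholders for whatever store and password-hash check the application uses.
    if (!DEMO_LOGIN.equals(username) || !demoPasswordMatches(password)) {
        return null;
    }
    // … unchanged: build the UserDetail and add "admin_role" …
}
```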


@@ -0,0 +1,22 @@
package com.baeldung.javaee.security;
import java.security.Principal;
public class CustomPrincipal implements Principal {
private UserDetail userDetail;
public CustomPrincipal(UserDetail userDetail) {
this.userDetail = userDetail;
}
@Override
public String getName() {
return userDetail.getLogin();
}
@Override
public String toString() {
return this.getClass().getSimpleName() + ":" + getName();
}
}
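Review bot: `CustomPrincipal` keeps a reference to the whole `UserDetail`, which carries the password field, and the principal typically stays attached to the caller for as long as the caller is authenticated. The class only ever uses the login, so capture it in the constructor with `private final String name;` and `this.name = Objects.requireNonNull(userDetail, "userDetail").getLogin();`, and have `getName()` return it. That also removes the NullPointerException in `getName()` and `toString()` when a null `UserDetail` is passed; it needs `import java.util.Objects;`.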


@@ -0,0 +1,38 @@
package com.baeldung.javaee.security;
import java.util.ArrayList;
import java.util.List;
public class UserDetail {
private String uid;
private String login;
private String password;
private List<String> roles = new ArrayList<>();
//...
UserDetail(String uid, String login, String password) {
this.uid = uid;
this.login = login;
this.password = password;
}
public String getUid() {
return uid;
}
public String getLogin() {
return login;
}
public String getPassword() {
return password;
}
public List<String> getRoles() {
return roles;
}
public void addRole(String role) {
roles.add(role);
}
}
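Review bot: `getRoles()` returns the internal `ArrayList`, so any code holding a `UserDetail` can add roles without going through `addRole`; returning `Collections.unmodifiableList(roles)` (with `import java.util.Collections;`) closes that. The class also stores the password as a plain `String` behind a public `getPassword()`, although nothing visible in this commit reads it after authentication. Consider dropping the field, or add a comment such as `// demo only: real code keeps a password hash in the store, never the clear text`. The four fields can be declared `final`.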


@@ -0,0 +1,9 @@
<server description="OpenLiberty MicroProfile server">
<featureManager>
<feature>webProfile-8.0</feature>
</featureManager>
<httpEndpoint httpPort="${default.http.port}" httpsPort="${default.https.port}"
id="defaultHttpEndpoint" host="*"/>
</server>
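Review bot: `host="*"` makes the endpoint listen on every network interface while the plain HTTP port is enabled, so the login parameters of this sample can travel unencrypted from other machines. For a demo server `host="localhost"` is a safer default, and `httpPort="-1"` disables the cleartext port when HTTPS is available. The `description` says "MicroProfile server" although the only feature listed is `webProfile-8.0`; the wording should match what is installed.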


@@ -0,0 +1,10 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
Authentication Error
</body>
</html>


@@ -0,0 +1,25 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<p>
Form-based Authentication
</p>
<form action="j_security_check">
<p>
<strong>Username </strong>
<input name="j_username" type="text"/>
</p>
<p>
<strong>Password </strong>
<input name="j_password" type="text"/>
</p>
<p>
<input type="submit" value="Login">
</p>
</form>
</body>
</html>
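Review bot: The form has no `method`, so the browser submits `j_username` and `j_password` with GET and both end up in the URL, the browser history and server access logs; the password field is also `type="text"`, so it is displayed while typed. Use `<form action="j_security_check" method="post">` and `<input name="j_password" type="password"/>`. The authentication mechanism added in this module reads `username` and `password` parameters rather than going through `j_security_check`, so it is worth confirming that this page is actually used here.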