Introduction
We include the following line:
import org.jboss.ejb3.annotation.SecurityDomain;
The caller of the EJB must be authenticated against the specified security domain
and must hold the role specified with javax.annotation.security.RolesAllowed.
The security domain is added in 4 different places.
1. It is added to the undertow subsystem in standalone-full.xml. We do it like this:
<subsystem xmlns="urn:jboss:domain:undertow:12.0"
           default-server="default-server"
           default-virtual-host="default-host"
           default-servlet-container="default"
           default-security-domain="other"
           statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}">
  ....
  <application-security-domains>
    <application-security-domain name="imixsrealm" security-domain="imixsrealm"/>
    <application-security-domain name="other" security-domain="ApplicationDomain"/>
  </application-security-domains>
</subsystem>
2. It is added to the ejb3:9.0 subsystem in standalone-full.xml. We do it like this:
<subsystem xmlns="urn:jboss:domain:ejb3:9.0">
  ...
  <default-security-domain value="other"/>
  <application-security-domains>
    <application-security-domain name="imixsrealm" security-domain="imixsrealm"/>
    <application-security-domain name="other" security-domain="ApplicationDomain"/>
  </application-security-domains>
  ...
</subsystem>
3. It is added to the src/main/webapp/WEB-INF/jboss-web.xml file. We do it like this:
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
  <context-root>/</context-root>
  <security-domain>imixsrealm</security-domain>
</jboss-web>
4. It is added to the jboss-ejb3.xml file. We do it like this:
<?xml version="1.1" encoding="UTF-8"?>
<jboss:ejb-jar xmlns:jboss="http://www.jboss.com/xml/ns/javaee"
               xmlns="http://java.sun.com/xml/ns/javaee"
               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
               xmlns:s="urn:security:1.1"
               xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-ejb3-2_0.xsd http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/ejb-jar_3_1.xsd"
               version="3.1"
               impl-version="2.0">
  <assembly-descriptor>
    <s:security>
      <ejb-name>*</ejb-name>
      <s:security-domain>imixsrealm</s:security-domain>
      <!-- This configuration is necessary to enable @runAs for the AdminPService -->
      <s:missing-method-permissions-deny-access>false</s:missing-method-permissions-deny-access>
    </s:security>
  </assembly-descriptor>
</jboss:ejb-jar>
Example
In the src/main/webapp/WEB-INF/jboss-web.xml file we do this:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss-web>
<jboss-web xmlns="http://www.jboss.com/xml/ns/javaee"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:schemaLocation="http://www.jboss.org/schema/jbossas http://www.jboss.org/schema/jbossas/jboss-web_7_2.xsd">
  <security-domain>legacy-domain</security-domain>
</jboss-web>
In code, using @SecurityDomain, we do this:
import java.security.Principal;
import javax.annotation.Resource;
import javax.annotation.security.RolesAllowed;
import javax.ejb.Remote;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;
import org.jboss.ejb3.annotation.SecurityDomain;

// Simple secured EJB using EJB security annotations.
@Stateless
@RolesAllowed({"guest"})
@SecurityDomain("legacy-domain")
@Remote(SecuredEJBRemote.class)
public class SecuredEJB implements SecuredEJBRemote {

    // Inject the Session Context
    @Resource
    private SessionContext ctx;

    // Secured EJB method using security annotations
    public String getSecurityInformation() {
        // Session context injected using the resource annotation
        Principal principal = ctx.getCallerPrincipal();
        return principal.toString();
    }

    @RolesAllowed("admin")
    public boolean administrativeMethod() {
        return true;
    }
}
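A consistency check for the four places listed above, as an added example that is not part of the original post: it verifies that every security domain named in jboss-web.xml and jboss-ejb3.xml has an application-security-domain mapping in the matching subsystem, and flags missing-method-permissions-deny-access set to false. The function names and the trimmed sample XML are constructed for this illustration; the sample web descriptor uses legacy-domain from the example section, which the subsystem snippets on this page do not map.

```python
import xml.etree.ElementTree as ET

# Constructed sample inputs, trimmed from the snippets on this page.
STANDALONE = """<server>
 <subsystem xmlns="urn:jboss:domain:undertow:12.0">
  <application-security-domains>
   <application-security-domain name="imixsrealm" security-domain="imixsrealm"/>
   <application-security-domain name="other" security-domain="ApplicationDomain"/>
  </application-security-domains>
 </subsystem>
 <subsystem xmlns="urn:jboss:domain:ejb3:9.0">
  <application-security-domains>
   <application-security-domain name="imixsrealm" security-domain="imixsrealm"/>
   <application-security-domain name="other" security-domain="ApplicationDomain"/>
  </application-security-domains>
 </subsystem>
</server>"""
JBOSS_WEB = "<jboss-web><security-domain>legacy-domain</security-domain></jboss-web>"
JBOSS_EJB3 = """<ejb-jar xmlns:s="urn:security:1.1"><assembly-descriptor><s:security>
 <s:security-domain>imixsrealm</s:security-domain>
 <s:missing-method-permissions-deny-access>false</s:missing-method-permissions-deny-access>
</s:security></assembly-descriptor></ejb-jar>"""

def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]

def mapped_domains(standalone_xml, subsystem):
    """Names of <application-security-domain> entries in one subsystem."""
    prefix = "{urn:jboss:domain:%s:" % subsystem
    return {e.get("name") for e in ET.fromstring(standalone_xml).iter()
            if e.tag.startswith(prefix) and local(e.tag) == "application-security-domain"}

def descriptor_domains(descriptor_xml):
    """Security domain names referenced by a deployment descriptor."""
    return {e.text.strip() for e in ET.fromstring(descriptor_xml).iter()
            if local(e.tag) == "security-domain" and e.text}

def audit(standalone_xml, jboss_web_xml, jboss_ejb3_xml):
    findings = []
    for subsystem, label, xml in (("undertow", "jboss-web.xml", jboss_web_xml),
                                  ("ejb3", "jboss-ejb3.xml", jboss_ejb3_xml)):
        missing = descriptor_domains(xml) - mapped_domains(standalone_xml, subsystem)
        findings += [f"{label}: '{n}' is not mapped in the {subsystem} subsystem"
                     for n in sorted(missing)]
    for e in ET.fromstring(jboss_ejb3_xml).iter():
        if local(e.tag) == "missing-method-permissions-deny-access" and (e.text or "").strip() == "false":
            findings.append("jboss-ejb3.xml: EJB methods with no declared permission are not denied")
    return findings
```

Calling audit(STANDALONE, JBOSS_WEB, JBOSS_EJB3) returns two findings: the unmapped legacy-domain and the relaxed missing-method-permissions setting.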