16 Aralık 2021 Perşembe

JBoss @SecurityDomain Anotasyonu

Giriş
Şu satırı dahil ederiz
import org.jboss.security.SecurityDomain;
EJB nesnesini çağıran kişinin belirtilen "security domain" ile doğrulanıp 
javax.annotation.security.RolesAllowed ile belirtilen role sahip olması gerekir.

security domain 4 farklı yere eklenir.
1. standalone-full.xml dosyasında undertow sistemine eklenir. Şöyle yaparız
<subsystem xmlns="urn:jboss:domain:undertow:12.0" 
  default-server="default-server" 
  default-virtual-host="default-host" 
  default-servlet-container="default" 
  default-security-domain="other" 
  statistics-enabled="${wildfly.undertow.statistics-enabled:${wildfly.statistics-enabled:false}}">
  ....
  <application-security-domains>
    <application-security-domain name="imixsrealm" security-domain="imixsrealm"/>
    <application-security-domain name="other" security-domain="ApplicationDomain"/>                                            
  </application-security-domains>
</subsystem>
2. standalone-full.xml dosyasında ejb3:9.0 sistemine eklenir. Şöyle yaparız
<subsystem xmlns="urn:jboss:domain:ejb3:9.0">
  ...
  <default-security-domain value="other"/>
  <application-security-domains>
    <application-security-domain name="imixsrealm" security-domain="imixsrealm"/>
    <application-security-domain name="other" security-domain="ApplicationDomain"/>                
  </application-security-domains>
  ...
</subsystem>
3. src/main/webapp/WEB-INF/jboss-web.xml dosyasına eklenir. Şöyle yaparız
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
  <context-root>/</context-root>	
  <security-domain>imixsrealm</security-domain>
</jboss-web>
4.  jboss-ejb3.xml dosyasına eklenir. Şöyle yaparız
<?xml version="1.1" encoding="UTF-8"?>
<jboss:ejb-jar xmlns:jboss="http://www.jboss.com/xml/ns/javaee"
  xmlns="http://java.sun.com/xml/ns/javaee" 
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:s="urn:security:1.1"
  xsi:schemaLocation="http://www.jboss.com/xml/ns/javaee http://www.jboss.org/j2ee/schema/jboss-ejb3-2_0.xsd http://java.sun.com/xml/ns/javaee   http://java.sun.com/xml/ns/javaee/ejb-jar_3_1.xsd"
  version="3.1" impl-version="2.0">

  <assembly-descriptor>
    <s:security>
      <ejb-name>*</ejb-name>			
      <s:security-domain>imixsrealm</s:security-domain>
      <!-- This configuration is necessary to enable @runAs for the AdminPService  -->
      <s:missing-method-permissions-deny-access>false</s:missing-method-permissions-deny-access>
    </s:security>
  </assembly-descriptor>

</jboss:ejb-jar>

Örnek
src/main/webapp/WEB-INF/jboss-web.xml dosyasında şöyle yaparız
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss-web> <jboss-web xmlns="http://www.jboss.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.jboss.org/schema/jbossas http://www.jboss.org/schema/jbossas/jboss-web_7_2.xsd"> <security-domain>legacy-domain</security-domain> </jboss-web>
Kodda @SecurityDomain kullanarak şöyle yaparız
import java.security.Principal;

import javax.annotation.Resource;
import javax.annotation.security.RolesAllowed;
import javax.ejb.Remote;
import javax.ejb.SessionContext;
import javax.ejb.Stateless;

import org.jboss.ejb3.annotation.SecurityDomain;

//Simple secured EJB using EJB security annotations.
@Stateless
@RolesAllowed({"guest"})
@SecurityDomain("legacy-domain")
@Remote(SecuredEJBRemote.class)
public class SecuredEJB implements SecuredEJBRemote {

  // Inject the Session Context
  @Resource
  private SessionContext ctx;

  //Secured EJB method using security annotations
  public String getSecurityInformation() {
    // Session context injected using the resource annotation
    Principal principal = ctx.getCallerPrincipal();
    return principal.toString();
  }

  @RolesAllowed("admin")
  public boolean administrativeMethod() {
    return true;
  }
}

Hiç yorum yok:

Yorum Gönder

Bean Validation @GroupSequence Anotasyonu

Örnek Elimizde şöyle bir kod olsun public class SampleRequest {   @NotNull   LocalDate startDate;   @NotNull   LocalDate endDate;   @AssertT...