01: /*
02: * JBoss, Home of Professional Open Source.
03: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
04: * as indicated by the @author tags. See the copyright.txt file in the
05: * distribution for a full listing of individual contributors.
06: *
07: * This is free software; you can redistribute it and/or modify it
08: * under the terms of the GNU Lesser General Public License as
09: * published by the Free Software Foundation; either version 2.1 of
10: * the License, or (at your option) any later version.
11: *
12: * This software is distributed in the hope that it will be useful,
13: * but WITHOUT ANY WARRANTY; without even the implied warranty of
14: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15: * Lesser General Public License for more details.
16: *
17: * You should have received a copy of the GNU Lesser General Public
18: * License along with this software; if not, write to the Free
19: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21: */
22: package org.jboss.test.web.servlets;
23:
24: import java.io.IOException;
25:
26: import javax.naming.InitialContext;
27: import javax.rmi.PortableRemoteObject;
28: import javax.servlet.ServletException;
29: import javax.servlet.http.HttpServlet;
30: import javax.servlet.http.HttpServletRequest;
31: import javax.servlet.http.HttpServletResponse;
32:
33: import org.jboss.logging.Logger;
34: import org.jboss.test.security.interfaces.StatelessSession;
35: import org.jboss.test.security.interfaces.StatelessSessionHome;
36:
37: //$Id: SecureServletSecureEJB.java 57211 2006-09-26 12:39:46Z dimitris@jboss.org $
38:
39: /**
40: * Servlet that is secured by the web container and which accesses
41: * some secured EJBs in its service method
42: * @author <a href="mailto:Anil.Saldhana@jboss.org">Anil Saldhana</a>
43: * @since Apr 3, 2006
44: * @version $Revision: 57211 $
45: */
46: public class SecureServletSecureEJB extends HttpServlet {
47: /** The serialVersionUID */
48: private static final long serialVersionUID = 3116454567023980935L;
49:
50: private String username = "scott";
51:
52: private static Logger log = Logger
53: .getLogger(SecureServletSecureEJB.class);
54:
55: /**
56: * Access Secured EJBs
57: */
58: protected void service(HttpServletRequest request,
59: HttpServletResponse response) throws ServletException,
60: IOException {
61: StatelessSession bean = null;
62: try {
63: InitialContext context = new InitialContext();
64: Object obj = context
65: .lookup("java:comp/env/ejb/StatelessSession");
66: obj = PortableRemoteObject.narrow(obj,
67: StatelessSessionHome.class);
68: StatelessSessionHome home = (StatelessSessionHome) obj;
69: log.debug("Found StatelessSession");
70: bean = home.create();
71: log.debug("Created StatelessSession");
72: // Test that the bean sees username as its principal
73: String echo = bean.echo(username);
74: log.debug("bean.echo(username) = " + echo);
75: if (echo.equals(username) == false)
76: throw new IllegalStateException("username == echo");
77: } catch (Exception e) {
78: throw new ServletException(e);
79: } finally {
80: if (bean != null)
81: try {
82: bean.remove();
83: } catch (Exception e) {
84: throw new ServletException(e);
85: }
86: }
87: }
88: }
|