001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.test.web.servlets;
023:
024: import java.io.IOException;
025: import java.io.PrintWriter;
026: import java.security.Principal;
027: import javax.naming.InitialContext;
028: import javax.naming.Context;
029: import javax.servlet.ServletException;
030: import javax.servlet.http.HttpServlet;
031: import javax.servlet.http.HttpServletRequest;
032: import javax.servlet.http.HttpServletResponse;
033:
034: import org.jboss.test.web.interfaces.StatelessSessionLocalHome;
035: import org.jboss.test.web.interfaces.StatelessSessionLocal;
036: import org.jboss.logging.Logger;
037:
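/**
 * A servlet deployed under an unrestricted path that invokes the method
 * specified as a parameter on a secured EJB.
 *
 * <p>Request parameters read by this servlet:
 * <ul>
 * <li><code>method</code> - one of <code>echo</code>, <code>unchecked</code>
 * or <code>checkRunAs</code>; defaults to <code>echo</code>.</li>
 * <li><code>includeHead</code> - parsed with <code>Boolean.valueOf</code>;
 * when false only an HTML fragment is written. Defaults to true.</li>
 * </ul>
 *
 * <p>Both parameters come straight from the request, so they are treated as
 * untrusted: <code>method</code> is checked against the fixed allow-list
 * before any JNDI lookup or EJB call is made, and it is never copied
 * unmodified into a log line, an exception message or the response.
 *
 * @author Scott.Stark@jboss.org
 * @version $Revision: 57211 $
 */
public class UnsecureEJBServlet extends HttpServlet {
   /** Message used when the <code>method</code> parameter is not recognised. */
   private static final String UNSUPPORTED_METHOD =
      "method must be one of: echo, unchecked, checkRunAs";

   /** Upper bound on how much of a rejected parameter value is logged. */
   private static final int MAX_LOGGED_VALUE_LENGTH = 64;

   final Logger log = Logger.getLogger(UnsecureEJBServlet.class);

   /**
    * Looks up the SecuredEJB local home in the component environment,
    * creates a bean, invokes the requested method on it and writes a short
    * HTML report naming the caller principal and the invoked method.
    *
    * @param request the request carrying the optional <code>method</code>
    *        and <code>includeHead</code> parameters
    * @param response the response the HTML report is written to
    * @throws ServletException if <code>method</code> is not one of the
    *         supported values, or if the lookup, create or bean call fails;
    *         the original failure is attached as the cause
    * @throws IOException if the response writer cannot be obtained
    */
   protected void processRequest(HttpServletRequest request,
         HttpServletResponse response) throws ServletException,
         IOException {
      boolean includeHead = true;
      String param = request.getParameter("includeHead");
      if (param != null) {
         includeHead = Boolean.valueOf(param).booleanValue();
      }
      String method = request.getParameter("method");
      if (method == null) {
         method = "echo";
      }

      // Reject unknown values before touching JNDI or the bean. The raw
      // value is request-controlled: it is logged only after control
      // characters are neutralised (no forged log lines) and is left out of
      // the ServletException message, which a container error page may
      // render as HTML.
      if (!isSupportedMethod(method)) {
         IllegalArgumentException cause =
            new IllegalArgumentException(UNSUPPORTED_METHOD);
         log.error("Access failed to method: " + sanitizeForLog(method),
            cause);
         throw new ServletException("Access failed: " + UNSUPPORTED_METHOD,
            cause);
      }

      try {
         InitialContext ctx = new InitialContext();
         Context enc = (Context) ctx.lookup("java:comp/env");
         StatelessSessionLocalHome home = (StatelessSessionLocalHome) enc
            .lookup("ejb/local/SecuredEJB");
         StatelessSessionLocal bean = home.create();
         if (method.equals("echo")) {
            bean.echo("UnsecureEJBServlet called SecuredEJB.echo");
         } else if (method.equals("unchecked")) {
            bean.unchecked();
         } else {
            // Only "checkRunAs" is left after the allow-list check above.
            bean.checkRunAs();
         }
      } catch (Exception e) {
         // method is one of the three literals here, so it is safe to embed.
         log.error("Access failed to method: " + method, e);
         throw new ServletException("Access failed to method: " + method, e);
      }

      Principal user = request.getUserPrincipal();
      if (includeHead) {
         // Set the type before the writer is obtained so it is in effect
         // for the whole document.
         response.setContentType("text/html");
      }
      PrintWriter out = response.getWriter();
      // The principal's string form is not under this servlet's control;
      // escape it before placing it in markup. A null principal still
      // prints as "null", as string concatenation would.
      String userText = escapeHtml(String.valueOf(user));
      if (includeHead) {
         out.println("<html>");
         out.println("<head><title>UnsecureEJBServlet</title></head><body>");
      }
      out.println("<h1>UnsecureEJBServlet Accessed</h1>");
      out.println("<pre>You have accessed this servlet as user: "
         + userText + "<br>");
      // NOTE(review): this line reports the servlet's caller principal, not
      // an identity returned by the bean; confirm that is what the test
      // expects if the EJB call runs under a different identity.
      out.println("You have accessed SecuredEJB as user: " + userText);
      out.println("You have invoked SecuredEJB." + method);
      out.println("</pre>");
      if (includeHead) {
         // The <pre> element is already closed above; close only the
         // document here.
         out.println("</body></html>");
      }
      out.close();
   }

   /**
    * Handles GET by delegating to
    * {@link #processRequest(HttpServletRequest, HttpServletResponse)}.
    */
   protected void doGet(HttpServletRequest request,
         HttpServletResponse response) throws ServletException,
         IOException {
      processRequest(request, response);
   }

   /**
    * Handles POST by delegating to
    * {@link #processRequest(HttpServletRequest, HttpServletResponse)}.
    */
   protected void doPost(HttpServletRequest request,
         HttpServletResponse response) throws ServletException,
         IOException {
      processRequest(request, response);
   }

   /** Returns true when the name is one of the three invocable methods. */
   private static boolean isSupportedMethod(String name) {
      return "echo".equals(name) || "unchecked".equals(name)
         || "checkRunAs".equals(name);
   }

   /**
    * Makes a request-supplied value safe to append to a log line: control
    * characters (including CR and LF) become '_' and the value is cut to a
    * fixed maximum length.
    */
   private static String sanitizeForLog(String value) {
      int limit = Math.min(value.length(), MAX_LOGGED_VALUE_LENGTH);
      StringBuffer cleaned = new StringBuffer(limit + 3);
      for (int i = 0; i < limit; i++) {
         char c = value.charAt(i);
         cleaned.append(c < 0x20 || c == 0x7f ? '_' : c);
      }
      if (value.length() > limit) {
         cleaned.append("...");
      }
      return cleaned.toString();
   }

   /** Escapes the characters that are significant in HTML text and attributes. */
   private static String escapeHtml(String text) {
      StringBuffer escaped = new StringBuffer(text.length() + 16);
      for (int i = 0; i < text.length(); i++) {
         char c = text.charAt(i);
         if (c == '&') {
            escaped.append("&amp;");
         } else if (c == '<') {
            escaped.append("&lt;");
         } else if (c == '>') {
            escaped.append("&gt;");
         } else if (c == '"') {
            escaped.append("&quot;");
         } else if (c == '\'') {
            escaped.append("&#39;");
         } else {
            escaped.append(c);
         }
      }
      return escaped.toString();
   }

}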
|