01: /*
02: * JBoss, Home of Professional Open Source.
03: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
04: * as indicated by the @author tags. See the copyright.txt file in the
05: * distribution for a full listing of individual contributors.
06: *
07: * This is free software; you can redistribute it and/or modify it
08: * under the terms of the GNU Lesser General Public License as
09: * published by the Free Software Foundation; either version 2.1 of
10: * the License, or (at your option) any later version.
11: *
12: * This software is distributed in the hope that it will be useful,
13: * but WITHOUT ANY WARRANTY; without even the implied warranty of
14: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15: * Lesser General Public License for more details.
16: *
17: * You should have received a copy of the GNU Lesser General Public
18: * License along with this software; if not, write to the Free
19: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21: */
22: package org.jboss.test.web.servlets.ssl;
23:
24: import java.io.IOException;
25: import java.io.PrintWriter;
26: import java.security.Principal;
27: import javax.servlet.ServletConfig;
28: import javax.servlet.ServletException;
29: import javax.servlet.http.HttpServlet;
30: import javax.servlet.http.HttpServletRequest;
31: import javax.servlet.http.HttpServletResponse;
32: import javax.servlet.http.HttpSession;
33:
34: /** A servlet that is secured by the web.xml descriptor. When accessed
35: * it simply prints the getUserPrincipal that accessed the url.
36: *
37: * @author Scott.Stark@jboss.org
38: * @version $Revision: 57211 $
39: */
40: public class SecureServlet extends HttpServlet {
41: private String expectedPrincipalName = null;
42:
43: public void init(ServletConfig config) throws ServletException {
44: super .init(config);
45: expectedPrincipalName = config
46: .getInitParameter("expectedPrincipalName");
47: }
48:
49: protected void processRequest(HttpServletRequest request,
50: HttpServletResponse response) throws ServletException,
51: IOException {
52: // Validate that this is a secure connection
53: if (request.isSecure() == false)
54: throw new ServletException("Expected a secure connection");
55:
56: // If there is an expectedPrincipalName validate it against the caller
57: Principal user = request.getUserPrincipal();
58: if (expectedPrincipalName != null) {
59:
60: }
61:
62: HttpSession session = request.getSession(false);
63: response.setContentType("text/html");
64: PrintWriter out = response.getWriter();
65: out.println("<html>");
66: out.println("<head><title>SecureServlet</title></head>");
67: out.println("<h1>SecureServlet Accessed</h1>");
68: out.println("<body>");
69: out.println("You have accessed this servlet as user:" + user);
70: if (session != null)
71: out.println("<br>The session id is: " + session.getId());
72: else
73: out.println("<br>There is no session");
74: out.println("</body></html>");
75: out.close();
76: }
77:
78: protected void doGet(HttpServletRequest request,
79: HttpServletResponse response) throws ServletException,
80: IOException {
81: processRequest(request, response);
82: }
83:
84: protected void doPost(HttpServletRequest request,
85: HttpServletResponse response) throws ServletException,
86: IOException {
87: processRequest(request, response);
88: }
89:
90: }
|