001: /**
002: * EasyBeans
003: * Copyright (C) 2006 Bull S.A.S.
004: * Contact: easybeans@ow2.org
005: *
006: * This library is free software; you can redistribute it and/or
007: * modify it under the terms of the GNU Lesser General Public
008: * License as published by the Free Software Foundation; either
009: * version 2.1 of the License, or any later version.
010: *
011: * This library is distributed in the hope that it will be useful,
012: * but WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * Lesser General Public License for more details.
015: *
016: * You should have received a copy of the GNU Lesser General Public
017: * License along with this library; if not, write to the Free Software
018: * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
019: * USA
020: *
021: * --------------------------------------------------------------------------
022: * $Id: StatelessBean.java 1970 2007-10-16 11:49:25Z benoitf $
023: * --------------------------------------------------------------------------
024: */package org.ow2.easybeans.examples.security;
025:
026: import javax.annotation.Resource;
027: import javax.annotation.security.DeclareRoles;
028: import javax.annotation.security.DenyAll;
029: import javax.annotation.security.PermitAll;
030: import javax.annotation.security.RolesAllowed;
031: import javax.ejb.EJB;
032: import javax.ejb.Remote;
033: import javax.ejb.SessionContext;
034: import javax.ejb.Stateless;
035:
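/**
 * Stateless Bean with secured methods.
 * Two roles are declared: user and admin.
 * <p>
 * Only the methods annotated with {@code @RolesAllowed}, {@code @PermitAll} or
 * {@code @DenyAll} carry an explicit access rule. {@link #printCurrentCaller()}
 * and {@link #callRunAsBean()} have no security annotation and therefore get
 * the container default (permitted to every caller); whether they are reachable
 * from a remote client depends on what {@code StatelessRemote} exposes, which
 * is not visible in this file.
 * @author Florent Benoit
 */
@Stateless(mappedName="securityBean")
@Remote(StatelessRemote.class)
@DeclareRoles({"user","admin"})
public class StatelessBean implements StatelessRemote {

    /**
     * SessionContext used to get current caller.
     */
    @Resource
    private SessionContext sessionContext;

    /**
     * Link to run-as bean.
     */
    @EJB
    private StatelessRunAsRemote other;

    /**
     * Method can be called by some roles ("user" or "admin").
     */
    @RolesAllowed({"user","admin"})
    public void someRolesAllowed() {
        System.out.println("someRolesAllowed() called");
        printCurrentCaller();
    }

    /**
     * Method can be called by all security roles.
     * Prints the caller as seen by this bean and then as seen by the run-as
     * bean, so the identity switch done by that bean can be observed.
     */
    @PermitAll
    public void allRolesAllowed() {
        // The trace previously reported "someRolesAllowed() called" here
        // (copy-paste); it now names the method actually invoked.
        System.out.println("allRolesAllowed() called");
        printCurrentCaller();
        System.out.print("for run-as bean, caller is ");
        other.printCurrentCaller();
    }

    /**
     * Only "admin" role can invoke this method.
     */
    @RolesAllowed("admin")
    public void onlyAdminAllowed() {
        System.out.println("onlyAdminAllowed() called");
        printCurrentCaller();
    }

    /**
     * No role can invoke this method.
     * The container is expected to reject the call before this body runs;
     * the exception only signals a misconfigured security policy.
     * @throws RuntimeException always, if the container ever lets the call through
     */
    @DenyAll
    public void deniedForAll() {
        // nothing as it can't be called
        throw new RuntimeException(
            "Method denied, should not be called");
    }

    /**
     * Prints the current caller principal obtained from the session context.
     */
    public void printCurrentCaller() {
        System.out.println("-> Caller is '"
            + sessionContext.getCallerPrincipal() + "'.");
    }

    /**
     * Make a call on a run-as bean which calls our bean back after that.
     */
    public void callRunAsBean() {
        other.callBeanWithRunAsAdmin();
    }
}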
|