KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > ejb3 > test > dd > web > servlets > SecureServlet


1 /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10   * the License, or (at your option) any later version.
11   *
12   * This software is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15   * Lesser General Public License for more details.
16   *
17   * You should have received a copy of the GNU Lesser General Public
18   * License along with this software; if not, write to the Free
19   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21   */
22 package org.jboss.ejb3.test.dd.web.servlets;
23
24 import java.io.IOException JavaDoc;
25 import java.io.PrintWriter JavaDoc;
26 import java.security.Principal JavaDoc;
27 import javax.servlet.ServletException JavaDoc;
28 import javax.servlet.http.HttpServlet JavaDoc;
29 import javax.servlet.http.HttpServletRequest JavaDoc;
30 import javax.servlet.http.HttpServletResponse JavaDoc;
31 import javax.servlet.http.HttpSession JavaDoc;
32 import javax.security.auth.Subject JavaDoc;
33
34 import org.jboss.security.SecurityAssociation;
35
36 /** A servlet that is secured by the web.xml descriptor. When accessed
37  * it simply prints the getUserPrincipal that accessed the url.
38  *
39  * @author Scott.Stark@jboss.org
40  * @version $Revision: 37459 $
41  */
42 public class SecureServlet extends HttpServlet JavaDoc
43 {
44    protected void processRequest(HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response)
45       throws ServletException JavaDoc, IOException JavaDoc
46    {
47       Principal JavaDoc user = request.getUserPrincipal();
48       String JavaDoc validateSubject = request.getParameter("validateSubject");
49       if( validateSubject != null && Boolean.valueOf(validateSubject).booleanValue() )
50       {
51          // Assert that there is a valid SecurityAssociation Subject
52 Subject JavaDoc subject = SecurityAssociation.getSubject();
53          if( subject == null )
54             throw new ServletException JavaDoc("No valid subject found, user="+user);
55       }
56       HttpSession JavaDoc session = request.getSession(false);
57       response.setContentType("text/html");
58       PrintWriter JavaDoc out = response.getWriter();
59       out.println("<html>");
60       out.println("<head><title>SecureServlet</title></head>");
61       out.println("<h1>SecureServlet Accessed</h1>");
62       out.println("<body>");
63       out.println("You have accessed this servlet as user:"+user);
64       if( session != null )
65          out.println("<br>The session id is: "+session.getId());
66       else
67          out.println("<br>There is no session");
68       out.println("</body></html>");
69       out.close();
70    }
71
72    protected void doGet(HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response)
73       throws ServletException JavaDoc, IOException JavaDoc
74    {
75       processRequest(request, response);
76    }
77
78    protected void doPost(HttpServletRequest JavaDoc request, HttpServletResponse JavaDoc response)
79       throws ServletException JavaDoc, IOException JavaDoc
80    {
81       processRequest(request, response);
82    }
83
84 }
85
Popular Tags