/*
* Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0, which is available at
* http://www.eclipse.org/legal/epl-2.0.
*
* This Source Code may also be made available under the following Secondary
* Licenses when the conditions for such availability set forth in the
* Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
* version 2 with the GNU Classpath Exception, which is available at
* https://www.gnu.org/software/classpath/license.html.
*
* SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
*/
package test;
import java.io.IOException;
import jakarta.annotation.security.DeclareRoles;
import javax.security.enterprise.authentication.mechanism.http.BasicAuthenticationMechanismDefinition;
import org.glassfish.soteria.identitystores.annotation.Credentials;
import org.glassfish.soteria.identitystores.annotation.EmbeddedIdentityStoreDefinition;
import jakarta.servlet.ServletException;
import jakarta.servlet.annotation.HttpConstraint;
import jakarta.servlet.annotation.ServletSecurity;
import jakarta.servlet.annotation.WebServlet;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
/**
 * Test servlet, mapped at {@code /servlet}, that writes the authenticated caller's name and,
 * for each of the roles {@code foo}, {@code bar} and {@code kaz}, whether the caller is in it.
 *
 * <p>Callers authenticate with HTTP Basic against the identity store declared inline on this
 * class, and only callers in role {@code foo} pass the servlet security constraint.
 *
 * <p>NOTE(review): the caller names and passwords are plaintext literals in the annotation, so
 * they are readable by anyone with the source or the compiled class. Treat this store as a test
 * fixture only; a deployed application should use a store that keeps hashed credentials
 * outside the code.
 *
 * <p>NOTE(review): the {@code HttpConstraint} sets no {@code transportGuarantee}, so the
 * constraint itself does not require TLS. Basic authentication resends the password in a
 * trivially decodable header on every request; outside a test run, require
 * {@code TransportGuarantee.CONFIDENTIAL} or terminate TLS in front of the servlet.
 *
 * <p>The caller {@code sameer} is only in group {@code bar}, so that caller authenticates but
 * should be refused by the {@code rolesAllowed = "foo"} constraint. This assumes group names
 * map one-to-one onto role names; confirm against the deployment's role mapping.
 */
@BasicAuthenticationMechanismDefinition(
    realmName="test realm"
)
@EmbeddedIdentityStoreDefinition({
    @Credentials(callerName = "reza", password = "secret1", groups = { "foo", "bar" }),
    @Credentials(callerName = "alex", password = "secret2", groups = { "foo", "kaz" }),
    @Credentials(callerName = "arjan", password = "secret3", groups = { "foo" }),
    @Credentials(callerName = "sameer", password = "pandit", groups = { "bar" })}
)
@WebServlet("/servlet")
@DeclareRoles({ "foo", "bar", "kaz" })
@ServletSecurity(@HttpConstraint(rolesAllowed = "foo"))
public class Servlet extends HttpServlet {

    private static final long serialVersionUID = 1L;

    /**
     * Writes a fixed banner, the caller principal's name ({@code null} when the request carries
     * no principal) and one line per role with the result of {@code isUserInRole}.
     *
     * @param request the incoming request; its user principal and role membership are read
     * @param response the response whose writer receives the report
     * @throws ServletException declared by the servlet contract; not thrown directly here
     * @throws IOException if obtaining the response writer fails
     */
    @Override
    public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        // The container returns the same writer for every getWriter() call on a response,
        // so it is fetched once per use site through a local.
        java.io.PrintWriter out = response.getWriter();
        out.write("This is a servlet \n");

        // An unauthenticated request has no principal; the report then prints "null".
        java.security.Principal caller = request.getUserPrincipal();
        String webName = (caller == null) ? null : caller.getName();

        // The name is echoed as-is and no content type is set on the response; acceptable for
        // the fixed caller names of the embedded store, not for names from an external store.
        response.getWriter().write("web username: " + webName + "\n");

        // Role checks are reported in the same order as the roles are declared on the class.
        for (String role : new String[] { "foo", "bar", "kaz" }) {
            response.getWriter().write("web user has role \"" + role + "\": " + request.isUserInRole(role) + "\n");
        }
    }
}