1   /*
2    * JBoss, Home of Professional Open Source
3    * Copyright 2014, Red Hat, Inc. and/or its affiliates, and individual
4    * contributors by the @authors tag. See the copyright.txt in the
5    * distribution for a full listing of individual contributors.
6    *
7    * Licensed under the Apache License, Version 2.0 (the "License");
8    * you may not use this file except in compliance with the License.
9    * You may obtain a copy of the License at
10   * http://www.apache.org/licenses/LICENSE-2.0
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.jboss.as.quickstarts.ejb.multi.server.app;
18  
19  import java.security.Principal;
20  
21  import javax.annotation.Resource;
22  import javax.annotation.security.RolesAllowed;
23  import javax.ejb.SessionContext;
24  import javax.ejb.Stateless;
25  
26  import org.jboss.logging.Logger;
27  
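/**
 * <p>
 * Simple bean with methods to get the node name of the server and log messages. One method is annotated with a security role.
 * The security-domain is declared within the deployment descriptor jboss-ejb3.xml instead of using the annotation.
 * </p>
 * <p>
 * If the security-domain is removed, the secured method can be invoked by every user, and the principal shown is
 * 'anonymous' instead of the original logged-in user. The {@code @RolesAllowed} restriction on
 * {@link #invokeSecured(String)} therefore depends on that descriptor entry being present in the deployment.
 * </p>
 * <p>
 * Both business methods write caller-supplied text to the server log. Control characters (including CR and LF) are
 * replaced before logging, so a caller cannot break out of its own log line and forge additional entries.
 * </p>
 *
 * <p>
 * The EJB is marked as clustered by using the xml deployment descriptor, see <code>jboss-ejb3.xml</code>
 * </p>
 *
 * @author <a href="mailto:wfink@redhat.com">Wolf-Dieter Fink</a>
 */
@Stateless
public class AppOneBean implements AppOne {
    private static final Logger LOGGER = Logger.getLogger(AppOneBean.class);

    /** Container-injected context, used to read the caller principal and its roles. */
    @Resource
    SessionContext context;

    /**
     * Returns the value of the {@code jboss.node.name} system property.
     *
     * @return the node name, or {@code null} when the property is not set
     */
    @Override
    public String getJBossNodeName() {
        return System.getProperty("jboss.node.name");
    }

    /**
     * Logs the given text together with the caller principal. This method carries no role restriction.
     *
     * @param text caller-supplied message; control characters are neutralized in the log line only
     * @return a string of the form {@code app1[<principal>]@<node name>}
     */
    @Override
    public String invoke(String text) {
        Principal caller = context.getCallerPrincipal();
        LOGGER.info("[" + neutralizeForLog(caller.getName()) + "] " + neutralizeForLog(text));
        return describe(caller);
    }

    /**
     * Same as {@link #invoke(String)}, but restricted to the roles {@code AppOne} and {@code Intern}, and
     * additionally logs which of the two roles the caller holds.
     *
     * @param text caller-supplied message; control characters are neutralized in the log line only
     * @return a string of the form {@code app1[<principal>]@<node name>}
     */
    @Override
    @RolesAllowed({ "AppOne", "Intern" })
    public String invokeSecured(String text) {
        Principal caller = context.getCallerPrincipal();
        LOGGER.info("Secured invocation [" + neutralizeForLog(caller.getName()) + "] " + neutralizeForLog(text));
        LOGGER.info("Is in Role AppOne=" + context.isCallerInRole("AppOne") + " Intern=" + context.isCallerInRole("Intern"));
        return describe(caller);
    }

    /** Builds the reply shared by both invoke methods; the principal name is returned unmodified. */
    private String describe(Principal caller) {
        return "app1[" + caller.getName() + "]@" + getJBossNodeName();
    }

    /**
     * Replaces every ISO control character with {@code '_'} so that the value stays on a single log line.
     * The principal name is passed through the same filter as a precaution; where it originates depends on
     * the configured security domain, which is not visible in this class.
     *
     * @param value text about to be written to the log, may be {@code null}
     * @return the filtered text, or {@code null} if {@code value} was {@code null} (concatenation then prints "null")
     */
    private static String neutralizeForLog(String value) {
        if (value == null) {
            return null;
        }
        StringBuilder cleaned = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '_' : c);
        }
        return cleaned.toString();
    }
}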
71  }