1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.jboss.as.quickstarts.ejb_security_interceptors;
18
19 import javax.annotation.Resource;
20 import javax.annotation.security.RolesAllowed;
21 import javax.ejb.Remote;
22 import javax.ejb.SessionContext;
23 import javax.ejb.Stateless;
24
25 import org.jboss.ejb3.annotation.SecurityDomain;
26
27
28
29
30
31
32 @Stateless
33 @Remote(SecuredEJBRemote.class)
34 @SecurityDomain("quickstart-domain")
35 public class SecuredEJB implements SecuredEJBRemote {
36
37 @Resource
38 private SessionContext context;
39
40 @RolesAllowed("User")
41 public String getSecurityInformation() {
42 StringBuilder sb = new StringBuilder("[");
43 sb.append("Principal={").append(context.getCallerPrincipal().getName()).append("}, ");
44 userInRole("User", sb).append(", ");
45 userInRole("RoleOne", sb).append(", ");
46 userInRole("RoleTwo", sb).append("]");
47
48 return sb.toString();
49 }
50
51 @RolesAllowed("RoleOne")
52 public boolean roleOneMethod() {
53 return true;
54 }
55
56 @RolesAllowed("RoleTwo")
57 public boolean roleTwoMethod() {
58 return true;
59 }
60
61 private StringBuilder userInRole(final String role, final StringBuilder sb) {
62 sb.append("In role {").append(role).append("}=").append(context.isCallerInRole(role));
63
64 return sb;
65 }
66
67 }