1 /* 2 * JBoss, Home of Professional Open Source 3 * Copyright 2014, Red Hat, Inc. and/or its affiliates, and individual 4 * contributors by the @authors tag. See the copyright.txt in the 5 * distribution for a full listing of individual contributors. 6 * 7 * Licensed under the Apache License, Version 2.0 (the "License"); 8 * you may not use this file except in compliance with the License. 9 * You may obtain a copy of the License at 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 package org.jboss.as.quickstarts.ejb.multi.server.app; 18 19 import java.security.Principal; 20 21 import javax.annotation.Resource; 22 import javax.annotation.security.RolesAllowed; 23 import javax.ejb.SessionContext; 24 import javax.ejb.Stateless; 25 26 import org.jboss.logging.Logger; 27 28 /** 29 * <p> 30 * Simple bean with methods to get the node name of the server and log messages. One method is annotated with a security role. 31 * The security-domain is declared within the deployment descriptor jboss-ejb3.xml instead of using the annotation. 32 * </p> 33 * <p> 34 * If the security-domain is removed the secured method can be invoked from every user. The shown principal user is 'anonymous' 35 * instead of the original logged in user. 36 * </p> 37 * 38 * <p> 39 * The EJB is marked as clustered by using the xml deployment descriptor, see <code>jboss-ejb3.xml</code> 40 * </p> 41 * 42 * @author <a href="mailto:wfink@redhat.com">Wolf-Dieter Fink</a> 43 */ 44 @Stateless 45 public class AppOneBean implements AppOne { 46 private static final Logger LOGGER = Logger.getLogger(AppOneBean.class); 47 48 @Resource 49 SessionContext context; 50 51 @Override 52 public String getJBossNodeName() { 53 return System.getProperty("jboss.node.name"); 54 } 55 56 @Override 57 public String invoke(String text) { 58 Principal caller = context.getCallerPrincipal(); 59 LOGGER.info("[" + caller.getName() + "] " + text); 60 return "app1[" + caller.getName() + "]@" + getJBossNodeName(); 61 } 62 63 @Override 64 @RolesAllowed({ "AppOne", "Intern" }) 65 public String invokeSecured(String text) { 66 Principal caller = context.getCallerPrincipal(); 67 LOGGER.info("Secured invocation [" + caller.getName() + "] " + text); 68 LOGGER.info("Is in Role AppOne=" + context.isCallerInRole("AppOne") + " Intern=" + context.isCallerInRole("Intern")); 69 return "app1[" + caller.getName() + "]@" + getJBossNodeName(); 70 } 71 }