Author: sergeyb
Date: Tue Dec 7 23:24:44 2010
New Revision: 1043229
URL: http://svn.apache.org/viewvc?rev=1043229&view=rev
Log:
[CXF-3173] Adding JAXRSSimpleSecurityTest
Added:
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/SimpleAuthorizingFilter.java
(with props)
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerSimpleSecurity.java
(with props)
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
(with props)
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java
(with props)
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties
(with props)
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/beans.xml
(with props)
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/web.xml
(with props)
Modified:
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/interceptor/JAXRSInInterceptor.java
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/AbstractSpringServer.java
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStoreNoInterface.java
Modified:
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/interceptor/JAXRSInInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/interceptor/JAXRSInInterceptor.java?rev=1043229&r1=1043228&r2=1043229&view=diff
==============================================================================
---
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/interceptor/JAXRSInInterceptor.java
(original)
+++
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/interceptor/JAXRSInInterceptor.java
Tue Dec 7 23:24:44 2010
@@ -235,6 +235,7 @@ public class JAXRSInInterceptor extends
MultivaluedMap<String, String> values,
int numberOfResources) {
message.getExchange().put(OperationResourceInfo.class, ori);
+ message.put("org.apache.cxf.resource.method", ori.getMethodToInvoke());
message.put(URITemplate.TEMPLATE_PARAMETERS, values);
String plainOperationName = ori.getMethodToInvoke().getName();
Added:
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/SimpleAuthorizingFilter.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/SimpleAuthorizingFilter.java?rev=1043229&view=auto
==============================================================================
---
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/SimpleAuthorizingFilter.java
(added)
+++
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/SimpleAuthorizingFilter.java
Tue Dec 7 23:24:44 2010
@@ -0,0 +1,65 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.jaxrs.security;
+
+import java.util.Map;
+
+import javax.ws.rs.core.Response;
+
+import org.apache.cxf.interceptor.security.AbstractAuthorizingInInterceptor;
+import org.apache.cxf.interceptor.security.AccessDeniedException;
+import org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor;
+import org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor;
+import org.apache.cxf.jaxrs.ext.RequestHandler;
+import org.apache.cxf.jaxrs.model.ClassResourceInfo;
+import org.apache.cxf.message.Message;
+
+public class SimpleAuthorizingFilter implements RequestHandler {
+
+ private AbstractAuthorizingInInterceptor interceptor;
+
+ public Response handleRequest(Message m, ClassResourceInfo resourceClass) {
+ try {
+ interceptor.handleMessage(m);
+ return null;
+ } catch (AccessDeniedException ex) {
+ return Response.status(Response.Status.FORBIDDEN).build();
+ }
+ }
+
+ public void setMethodRolesMap(Map<String, String> rolesMap) {
+ checkInterceptor();
+ SimpleAuthorizingInterceptor simple = new
SimpleAuthorizingInterceptor();
+ simple.setMethodRolesMap(rolesMap);
+ interceptor = simple;
+ }
+
+ public void setSecuredObject(Object securedObject) {
+ checkInterceptor();
+ SecureAnnotationsInterceptor simple = new
SecureAnnotationsInterceptor();
+ simple.setSecuredObject(securedObject);
+ interceptor = simple;
+ }
+
+ private void checkInterceptor() {
+ if (interceptor != null) {
+ throw new IllegalStateException("Filter has already been
initialized");
+ }
+ }
+}
Propchange:
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/SimpleAuthorizingFilter.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/SimpleAuthorizingFilter.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/AbstractSpringServer.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/AbstractSpringServer.java?rev=1043229&r1=1043228&r2=1043229&view=diff
==============================================================================
---
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/AbstractSpringServer.java
(original)
+++
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/AbstractSpringServer.java
Tue Dec 7 23:24:44 2010
@@ -22,7 +22,6 @@ package org.apache.cxf.systest.jaxrs;
import java.net.URISyntaxException;
import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
-
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.handler.DefaultHandler;
@@ -80,14 +79,19 @@ public abstract class AbstractSpringServ
handlers.setHandlers(new Handler[] {webappcontext, new
DefaultHandler()});
server.setHandler(handlers);
+
try {
+ configureServer(server);
server.start();
-
} catch (Exception e) {
e.printStackTrace();
}
}
+ protected void configureServer(org.eclipse.jetty.server.Server theserver)
throws Exception {
+
+ }
+
public void tearDown() throws Exception {
super.tearDown();
if (server != null) {
Added:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerSimpleSecurity.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerSimpleSecurity.java?rev=1043229&view=auto
==============================================================================
---
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerSimpleSecurity.java
(added)
+++
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerSimpleSecurity.java
Tue Dec 7 23:24:44 2010
@@ -0,0 +1,57 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security;
+
+import java.net.URL;
+
+import org.apache.cxf.systest.jaxrs.AbstractSpringServer;
+import org.eclipse.jetty.security.HashLoginService;
+import org.eclipse.jetty.security.LoginService;
+
+
+
+public class BookServerSimpleSecurity extends AbstractSpringServer {
+
+ public BookServerSimpleSecurity() {
+ super("/jaxrs_simple_security");
+ }
+
+ @Override
+ protected void configureServer(org.eclipse.jetty.server.Server server)
throws Exception {
+ URL resource = getClass()
+
.getResource("/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties");
+ LoginService realm =
+ new HashLoginService("BookStoreRealm", resource.toString());
+ server.addBean(realm);
+ }
+
+ public static void main(String args[]) {
+ try {
+ BookServerSimpleSecurity s = new BookServerSimpleSecurity();
+ s.start();
+ } catch (Exception ex) {
+ ex.printStackTrace();
+ System.exit(-1);
+ } finally {
+ System.out.println("done!");
+ }
+ }
+
+}
Propchange:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerSimpleSecurity.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerSimpleSecurity.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java?rev=1043229&view=auto
==============================================================================
---
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
(added)
+++
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
Tue Dec 7 23:24:44 2010
@@ -0,0 +1,65 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.jaxrs.security;
+
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+public class JAXRSSimpleSecurityTest extends AbstractSpringSecurityTest {
+ public static final String PORT = BookServerSecuritySpringClass.PORT;
+
+ @BeforeClass
+ public static void startServers() throws Exception {
+ assertTrue("server did not launch correctly",
+ launchServer(BookServerSimpleSecurity.class));
+ }
+
+ @Test
+ public void testGetBookUserAdminWithFaultInterceptor() throws Exception {
+ String endpointAddress =
+ "http://localhost:"; + PORT +
"/security1/bookstorestorage/thosebooks/123";
+ getBook(endpointAddress, "foo", "bar", 403);
+ getBook(endpointAddress, "bob", "bobspassword", 200);
+ }
+
+ @Test
+ public void testGetBookUserAdminWithFilter() throws Exception {
+ String endpointAddress =
+ "http://localhost:"; + PORT +
"/security2/bookstorestorage/thosebooks/123";
+ getBook(endpointAddress, "foo", "bar", 403);
+ getBook(endpointAddress, "bob", "bobspassword", 200);
+ }
+
+ @Test
+ public void testGetBookUserAdminWithAnnotationsInterceptor() throws
Exception {
+ String endpointAddress =
+ "http://localhost:"; + PORT +
"/security3/bookstorestorage/thebook/123";
+ getBook(endpointAddress, "foo", "bar", 403);
+ getBook(endpointAddress, "bob", "bobspassword", 200);
+ }
+
+ @Test
+ public void testGetBookUserAdminWithAnnotationsFilter() throws Exception {
+ String endpointAddress =
+ "http://localhost:"; + PORT +
"/security4/bookstorestorage/thebook/123";
+ getBook(endpointAddress, "foo", "bar", 403);
+ getBook(endpointAddress, "bob", "bobspassword", 200);
+ }
+}
Propchange:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Modified:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStoreNoInterface.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStoreNoInterface.java?rev=1043229&r1=1043228&r2=1043229&view=diff
==============================================================================
---
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStoreNoInterface.java
(original)
+++
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecureBookStoreNoInterface.java
Tue Dec 7 23:24:44 2010
@@ -98,4 +98,12 @@ public class SecureBookStoreNoInterface
public SecureBook getSecureBook() throws BookNotFoundFault {
return new SecureBook("CXF in Action", 123L);
}
+
+ @GET
+ @Path("/thebook/{bookId}")
+ @Produces("application/xml")
+ @RolesAllowed({"ROLE_BOOK_OWNER" })
+ public Book getBook(@PathParam("bookId") Long id) {
+ return books.get(id);
+ }
}
Added:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java?rev=1043229&view=auto
==============================================================================
---
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java
(added)
+++
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java
Tue Dec 7 23:24:44 2010
@@ -0,0 +1,50 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.systest.jaxrs.security;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.interceptor.security.AccessDeniedException;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.phase.AbstractPhaseInterceptor;
+import org.apache.cxf.phase.Phase;
+import org.apache.cxf.transport.http.AbstractHTTPDestination;
+
+public class SecurityOutFaultInterceptor extends
AbstractPhaseInterceptor<Message> {
+
+ public SecurityOutFaultInterceptor() {
+ super(Phase.PRE_STREAM);
+
+ }
+
+ public void handleMessage(Message message) throws Fault {
+ Exception ex = message.getContent(Exception.class);
+ if (!(((Fault)ex).getCause() instanceof AccessDeniedException)) {
+ throw new RuntimeException("Security Exception is expected is
expected");
+ }
+
+ HttpServletResponse response =
(HttpServletResponse)message.getExchange().getInMessage()
+ .get(AbstractHTTPDestination.HTTP_RESPONSE);
+ response.setStatus(403);
+
+ message.getInterceptorChain().abort();
+ }
+
+}
Propchange:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java
------------------------------------------------------------------------------
svn:keywords = Rev Date
Added:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties?rev=1043229&view=auto
==============================================================================
---
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties
(added)
+++
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties
Tue Dec 7 23:24:44 2010
@@ -0,0 +1,3 @@
+foo: bar,ROLE_USER
+bob: bobspassword,ROLE_BOOK_OWNER
+
Propchange:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties
------------------------------------------------------------------------------
svn:keywords = Rev Date
Propchange:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jetty-realm.properties
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added:
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/beans.xml
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/beans.xml?rev=1043229&view=auto
==============================================================================
---
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/beans.xml
(added)
+++
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/beans.xml
Tue Dec 7 23:24:44 2010
@@ -0,0 +1,108 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<beans xmlns="http://www.springframework.org/schema/beans";
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+ xmlns:jaxrs="http://cxf.apache.org/jaxrs";
+ xmlns:util="http://www.springframework.org/schema/util";
+ xsi:schemaLocation="
+http://www.springframework.org/schema/beans
+http://www.springframework.org/schema/beans/spring-beans.xsd
+http://www.springframework.org/schema/util
+http://www.springframework.org/schema/util/spring-util-2.0.xsd
+http://cxf.apache.org/jaxrs
+http://cxf.apache.org/schemas/jaxrs.xsd";>
+
+ <import resource="classpath:META-INF/cxf/cxf.xml" />
+ <import resource="classpath:META-INF/cxf/cxf-extension-jaxrs-binding.xml" />
+ <import resource="classpath:META-INF/cxf/cxf-servlet.xml" />
+
+ <jaxrs:server id="bookservice"
+ address="/security1">
+ <jaxrs:serviceBeans>
+ <bean
class="org.apache.cxf.systest.jaxrs.security.SecureBookStoreNoAnnotations"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:inInterceptors>
+ <ref bean="authorizationInterceptor"/>
+ </jaxrs:inInterceptors>
+ <jaxrs:outFaultInterceptors>
+ <bean
class="org.apache.cxf.systest.jaxrs.security.SecurityOutFaultInterceptor"/>
+ </jaxrs:outFaultInterceptors>
+ </jaxrs:server>
+
+ <jaxrs:server id="bookservice2"
+ address="/security2">
+ <jaxrs:serviceBeans>
+ <bean
class="org.apache.cxf.systest.jaxrs.security.SecureBookStoreNoAnnotations"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="authorizationFilter"/>
+ </jaxrs:providers>
+ </jaxrs:server>
+
+ <jaxrs:server id="bookservice3"
+ address="/security3">
+ <jaxrs:serviceBeans>
+ <ref bean="securedObject"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:inInterceptors>
+ <ref bean="annotationsInterceptor"/>
+ </jaxrs:inInterceptors>
+ <jaxrs:outFaultInterceptors>
+ <bean
class="org.apache.cxf.systest.jaxrs.security.SecurityOutFaultInterceptor"/>
+ </jaxrs:outFaultInterceptors>
+ </jaxrs:server>
+
+ <jaxrs:server id="bookservice4"
+ address="/security4">
+ <jaxrs:serviceBeans>
+ <ref bean="securedObject"/>
+ </jaxrs:serviceBeans>
+ <jaxrs:providers>
+ <ref bean="annotationsFilter"/>
+ </jaxrs:providers>
+ </jaxrs:server>
+
+ <bean id="authorizationInterceptor"
class="org.apache.cxf.interceptor.security.SimpleAuthorizingInterceptor">
+ <property name="methodRolesMap" ref="rolesMap"/>
+ </bean>
+
+ <bean id="annotationsInterceptor"
class="org.apache.cxf.interceptor.security.SecureAnnotationsInterceptor">
+ <property name="securedObject" ref="securedObject"/>
+ </bean>
+
+ <bean id="securedObject"
class="org.apache.cxf.systest.jaxrs.security.SecureBookStoreNoInterface"/>
+
+ <bean id="authorizationFilter"
class="org.apache.cxf.jaxrs.security.SimpleAuthorizingFilter">
+ <property name="methodRolesMap" ref="rolesMap"/>
+ </bean>
+
+ <bean id="annotationsFilter"
class="org.apache.cxf.jaxrs.security.SimpleAuthorizingFilter">
+ <property name="securedObject" ref="securedObject"/>
+ </bean>
+
+ <util:map id="rolesMap">
+ <entry key="getThatBook" value="ROLE_BOOK_OWNER"/>
+ <entry key="getBook" value="ROLE_BOOK_OWNER"/>
+ </util:map>
+
+</beans>
+<!-- END SNIPPET: beans -->
+
Propchange:
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/beans.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/beans.xml
------------------------------------------------------------------------------
svn:keywords = Rev Date
Propchange:
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/beans.xml
------------------------------------------------------------------------------
svn:mime-type = text/xml
Added:
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/web.xml
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/web.xml?rev=1043229&view=auto
==============================================================================
---
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/web.xml
(added)
+++
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/web.xml
Tue Dec 7 23:24:44 2010
@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE web-app
+ PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
+ "http://java.sun.com/dtd/web-app_2_3.dtd";>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<!-- START SNIPPET: webxml -->
+<web-app>
+ <context-param>
+ <param-name>contextConfigLocation</param-name>
+ <param-value>WEB-INF/beans.xml</param-value>
+ </context-param>
+
+ <listener>
+ <listener-class>
+ org.springframework.web.context.ContextLoaderListener
+ </listener-class>
+ </listener>
+
+ <servlet>
+ <servlet-name>CXFServlet</servlet-name>
+ <display-name>CXF Servlet</display-name>
+ <servlet-class>
+ org.apache.cxf.transport.servlet.CXFServlet
+ </servlet-class>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
+
+ <servlet-mapping>
+ <servlet-name>CXFServlet</servlet-name>
+ <url-pattern>/*</url-pattern>
+ </servlet-mapping>
+<!--
+ <security-constraint>
+
+ <web-resource-collection>
+ <web-resource-name>CXFServlet</web-resource-name>
+ <url-pattern>/*</url-pattern>
+ </web-resource-collection>
+
+ <auth-constraint>
+ <role-name>ROLE_BOOK_OWNER</role-name>
+ </auth-constraint>
+ </security-constraint>
+-->
+ <login-config>
+ <auth-method>BASIC</auth-method>
+ <realm-name>BookStoreRealm</realm-name>
+ </login-config>
+<!--
+<security-role>
+<role-name>JBossAdmin</role-name>
+</security-role>
+-->
+</web-app>
+<!-- END SNIPPET: webxml -->
Propchange:
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/web.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/web.xml
------------------------------------------------------------------------------
svn:keywords = Rev Date
Propchange:
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_simple_security/WEB-INF/web.xml
------------------------------------------------------------------------------
svn:mime-type = text/xml
