geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From conflue...@apache.org
Subject [CONF] Apache Geronimo v2.2 > DataCDInfo -- A sample to demo Struts1 + JPA + Security Annotations
Date Tue, 02 Feb 2010 09:04:00 GMT
<html>
<head>
    <base href="http://cwiki.apache.org/confluence">
            <link rel="stylesheet" href="/confluence/s/1519/1/1/_/styles/combined.css?spaceKey=GMOxDOC22&amp;forWysiwyg=true"
type="text/css">
    </head>
<body style="background-color: white" bgcolor="white">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
    <h2><a href="http://cwiki.apache.org/confluence/pages/viewpage.action?pageId=12845502">DataCDInfo
-- A sample to demo Struts1 + JPA  + Security Annotations</a></h2>
    <h4>Page  <b>added</b> by             <a href="http://cwiki.apache.org/confluence/display/~xiaming">Forrest
Xia</a>
    </h4>
         <br/>
    <div class="notificationGreySide">
         <style type='text/css'>/*<![CDATA[*/
table.ScrollbarTable  {border: none;padding: 3px;width: 100%;padding: 3px;margin: 0px;background-color:
#f0f0f0}
table.ScrollbarTable td.ScrollbarPrevIcon {text-align: center;width: 16px;border: none;}
table.ScrollbarTable td.ScrollbarPrevName {text-align: left;border: none;}
table.ScrollbarTable td.ScrollbarParent {text-align: center;border: none;}
table.ScrollbarTable td.ScrollbarNextName {text-align: right;border: none;}
table.ScrollbarTable td.ScrollbarNextIcon {text-align: center;width: 16px;border: none;}

/*]]>*/</style><div class="Scrollbar"><table class='ScrollbarTable'><tr><td
class='ScrollbarPrevIcon'><a href="/confluence/display/GMOxDOC22/Customer+Simple+ejb+application+with+a+JPA+entity"><img
border='0' align='middle' src='/confluence/images/icons/back_16.gif' width='16' height='16'></a></td><td
width='33%' class='ScrollbarPrevName'><a href="/confluence/display/GMOxDOC22/Customer+Simple+ejb+application+with+a+JPA+entity">Customer
Simple ejb application with a JPA entity</a>&nbsp;</td><td width='33%'
class='ScrollbarParent'><sup><a href="/confluence/display/GMOxDOC22/Sample+applications"><img
border='0' align='middle' src='/confluence/images/icons/up_16.gif' width='8' height='8'></a></sup><a
href="/confluence/display/GMOxDOC22/Sample+applications">Sample applications</a></td><td
width='33%' class='ScrollbarNextName'>&nbsp;<a href="/confluence/display/GMOxDOC22/daytrader+-+a+more+complex+application">daytrader
- a more complex application</a></td><td class='ScrollbarNextIcon'><a
href="/confluence/display/GMOxDOC22/daytrader+-+a+more+complex+application"><img border='0'
align='middle' src='/confluence/images/icons/forwd_16.gif' width='16' height='16'></a></td></tr></table></div>

<p>This article describes about how to develop a Struts1 web application for Geronimo.
Besides Struts1 technology, you also can find some sample code about JPA and Security annotation.</p>

<div class='panelMacro'><table class='noteMacro'><colgroup><col width='24'><col></colgroup><tr><td
valign='top'><img src="/confluence/images/icons/emoticons/warning.gif" width="16" height="16"
align="absmiddle" alt="" border="0"></td><td><p>Because of a <a href="https://issues.apache.org/jira/browse/GERONIMO-5020"
rel="nofollow">JIRA</a>, the sample is not available as a geronimo plugin.</p></td></tr></table></div>

<div class='panelMacro'><table class='noteMacro'><colgroup><col width='24'><col></colgroup><tr><td
valign='top'><img src="/confluence/images/icons/emoticons/warning.gif" width="16" height="16"
align="absmiddle" alt="" border="0"></td><td><p>However, this article
won't serve as a tutorial of developing a typical Struts1 application. For detailed Struts1
tutorial, please refer to </p></td></tr></table></div>

<p>This article is organized into the following sections.</p>
<div>
<ul>
    <li><a href='#DataCDInfo--AsampletodemoStruts1%2BJPA%2BSecurityAnnotations-Applicationoverview'>Application
overview</a></li>
<ul>
    <li><a href='#DataCDInfo--AsampletodemoStruts1%2BJPA%2BSecurityAnnotations-Applicationcontents'>Application
contents</a></li>
</ul>
    <li><a href='#DataCDInfo--AsampletodemoStruts1%2BJPA%2BSecurityAnnotations-TestingoftheSampleApplication'>Testing
of the Sample Application</a></li>
    <li><a href='#DataCDInfo--AsampletodemoStruts1%2BJPA%2BSecurityAnnotations-Summary'>Summary</a></li>
</ul></div>


<h1><a name="DataCDInfo--AsampletodemoStruts1%2BJPA%2BSecurityAnnotations-Applicationoverview"></a>Application
overview</h1>

<p>Assuming you have accumulated lot of archival data CDs from your computer, each of
them includes rich of information you ever collected. The collection of the archived CDs is
your valuable knowledge asset, so you want to manage them carefully and organizedly for future
easy references. The DataCDInfo is an application to assist you to manage the information
of your archival data CDs. </p>

<p>With this application, you can register a user, and then login to add records for
your archived CDs. You can record detail information that is not suitable to label on CD surface,
such as detailed list of data CD content, archival date, and CD size. </p>

<p>This application set some admin roles to be able to view overall recorded CDs and
help retrieve user's password if there is a forgotten.</p>

<p>In a short summary, DataCDInfo is a simple CRUD(Create, Retrieve, Update and Delete)
application, which adopts Struts1, JPA, JTA, and security annotation techniques.</p>

<h2><a name="DataCDInfo--AsampletodemoStruts1%2BJPA%2BSecurityAnnotations-Applicationcontents"></a>Application
contents</h2>
<p>DataCDInfo uses the typical Java EE application structure: an EJB module, an Web
module, and an EAR module.</p>

<p>The maven layout of each module as follows:</p>

<p>The EJB module:</p>
<div class="preformatted panel" style="background-color: #FFFFFF;border-color: #FFFFFF;border-style:
solid;border-width: 1px;"><div class="preformattedContent panelContent" style="background-color:
#FFFFFF;">
<pre>|-- pom.xml
`-- src
    `-- main
        |-- java
        |   `-- org
        |       `-- apache
        |           `-- geronimo
        |               `-- samples
        |                   `-- datacdinfo
        |                       |-- beans
        |                       |   |-- DataCDBean.java
        |                       |   `-- OwnerBean.java
        |                       |-- core
        |                       |   |-- DataCDInfoAdmin.java
        |                       |   |-- DataCDInfoAdminLocal.java
        |                       |   |-- DataCDInfoJTAImpl.java
        |                       |   |-- DataCDInfoLocal.java
        |                       |   `-- DataCDInfoRemote.java
        |                       `-- exceptions
        |                           |-- DuplicatedDataCDException.java
        |                           |-- IncorrectPasswordException.java
        |                           |-- InvalidOwnerException.java
        |                           `-- InvalidPasswordException.java
        `-- resources
            `-- META-INF
                |-- ejb-jar.xml
                |-- openejb-jar.xml
                `-- persistence.xml
</pre>
</div></div>

<p>The Web Module:</p>
<div class="preformatted panel" style="background-color: #FFFFFF;border-color: #FFFFFF;border-style:
solid;border-width: 1px;"><div class="preformattedContent panelContent" style="background-color:
#FFFFFF;">
<pre>|-- pom.xml
`-- src
    `-- main
        |-- java
        |   `-- org
        |       `-- apache
        |           `-- geronimo
        |               `-- samples
        |                   `-- datacdinfo
        |                       `-- web
        |                           |-- DataCDInfoAdminServlet.java
        |                           |-- ListOwnerServlet.java
        |                           `-- struts1
        |                               |-- DataCDActions.java
        |                               |-- DataCDForm.java
        |                               |-- DataCDInfoContextListener.java
        |                               |-- OwnerActions.java
        |                               `-- OwnerForm.java
        |-- resources
        |   |-- DataCDInfoResources.properties
        |   |-- DataCDInfoResources_en_US.properties
        |   |-- DataCDInfoResources_zh.properties.template
        |   `-- DataCDInfoResources_zh_CN.properties
        `-- webapp
            |-- META-INF
            |   |-- LICENSE
            |   |-- MANIFEST.MF
            |   `-- NOTICE
            |-- WEB-INF
            |   |-- geronimo-web.xml
            |   |-- struts-config.xml
            |   |-- validation.xml
            |   `-- web.xml
            |-- admin
            |   |-- adminhome.html
            |   |-- showCDs.jsp
            |   |-- showOwners.jsp
            |   `-- showPasswd.jsp
            |-- auth
            |   |-- logon.html
            |   `-- logonError.html
            |-- header.html
            |-- index.html
            `-- view
                `-- jsp
                    |-- AddCD.jsp
                    |-- ListCDs.jsp
                    |-- Logon.jsp
                    |-- Logout.jsp
                    |-- Register.jsp
                    |-- RemoveCD.jsp
                    `-- UpdateCD.jsp
</pre>
</div></div>

<p>The EAR module:</p>
<div class="preformatted panel" style="background-color: #FFFFFF;border-color: #FFFFFF;border-style:
solid;border-width: 1px;"><div class="preformattedContent panelContent" style="background-color:
#FFFFFF;">
<pre>|-- pom.xml
`-- src
    `-- main
        `-- resources
            |-- DataCDInfo_tables_derby.sql
            |-- DataCDInfo_tables_mysql.sql
            `-- META-INF
                |-- application.xml
                |-- geronimo-application-mysql.xml
                `-- geronimo-application.xml
</pre>
</div></div>

<p>In addition to the above JSPs and configurations, two other servlets are also required
to fulfill the business logic of the application.</p>
<ul>
	<li>AddTimeRecordServlet - Read the input data from the Time Report page</li>
	<li>AddEmployeeServlet - Capture input information from Add Employee page</li>
</ul>


<p>Security configuration of the Time Report application is handled by the Geronimo
deployment plan <b>plan.xml</b> and <b>web.xml</b> files.</p>

<p><b>web.xml</b> includes the standard security constraints relating user
roles to resources in the web application. </p>

<div class="code panel" style="border-style: solid;border-width: 1px;"><div class="codeHeader
panelHeader" style="border-bottom-width: 1px;border-bottom-style: solid;"><b>web.xml</b></div><div
class="codeContent panelContent">
<pre class="code-xml">
<span class="code-tag">&lt;?xml version=<span class="code-quote">"1.0"</span>
encoding=<span class="code-quote">"UTF-8"</span>?&gt;</span>
&lt;!--
    Licensed to the Apache Software Foundation (ASF) under one
    or more contributor license agreements. See the NOTICE file
    distributed with this work for additional information
    regarding copyright ownership. The ASF licenses this file
    to you under the Apache License, Version 2.0 (the
    <span class="code-quote">"License"</span>); you may not use this file except
in compliance
    with the License. You may obtain a copy of the License at
    
    http://www.apache.org/licenses/LICENSE-2.0
    
    Unless required by applicable law or agreed to in writing,
    software distributed under the License is distributed on an
    <span class="code-quote">"AS IS"</span> BASIS, WITHOUT WARRANTIES OR CONDITIONS
OF ANY
    KIND, either express or implied. See the License for the
    specific language governing permissions and limitations
    under the License.
--&gt;
&lt;web-app xmlns=<span class="code-quote">"http://java.sun.com/xml/ns/j2ee"</span>
         <span class="code-keyword">xmlns:xsi</span>=<span class="code-quote">"http://www.w3.org/2001/XMLSchema-instance"</span>
         xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
	 http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
         version=<span class="code-quote">"2.4"</span>&gt;

    <span class="code-tag">&lt;welcome-file-list&gt;</span>
        <span class="code-tag">&lt;welcome-file&gt;</span>index.html<span
class="code-tag">&lt;/welcome-file&gt;</span>
    <span class="code-tag">&lt;/welcome-file-list&gt;</span>

    <span class="code-tag">&lt;security-constraint&gt;</span>
        <span class="code-tag">&lt;web-resource-collection&gt;</span>
            <span class="code-tag">&lt;web-resource-name&gt;</span>employee<span
class="code-tag">&lt;/web-resource-name&gt;</span>
            <span class="code-tag">&lt;url-pattern&gt;</span>/employee/*<span
class="code-tag">&lt;/url-pattern&gt;</span>
        <span class="code-tag">&lt;/web-resource-collection&gt;</span>
        <span class="code-tag">&lt;auth-constraint&gt;</span>
            <span class="code-tag">&lt;role-name&gt;</span>employee<span
class="code-tag">&lt;/role-name&gt;</span>
        <span class="code-tag">&lt;/auth-constraint&gt;</span>
    <span class="code-tag">&lt;/security-constraint&gt;</span>

    <span class="code-tag">&lt;security-constraint&gt;</span>
        <span class="code-tag">&lt;web-resource-collection&gt;</span>
            <span class="code-tag">&lt;web-resource-name&gt;</span>manager<span
class="code-tag">&lt;/web-resource-name&gt;</span>
            <span class="code-tag">&lt;url-pattern&gt;</span>/manager/*<span
class="code-tag">&lt;/url-pattern&gt;</span>
        <span class="code-tag">&lt;/web-resource-collection&gt;</span>
        <span class="code-tag">&lt;auth-constraint&gt;</span>
            <span class="code-tag">&lt;role-name&gt;</span>manager<span
class="code-tag">&lt;/role-name&gt;</span>
        <span class="code-tag">&lt;/auth-constraint&gt;</span>
    <span class="code-tag">&lt;/security-constraint&gt;</span>

    <span class="code-tag">&lt;login-config&gt;</span>
        <span class="code-tag">&lt;auth-method&gt;</span>FORM<span
class="code-tag">&lt;/auth-method&gt;</span>
        <span class="code-tag">&lt;realm-name&gt;</span>TimeReportRealm<span
class="code-tag">&lt;/realm-name&gt;</span>
        <span class="code-tag">&lt;form-login-config&gt;</span>
            <span class="code-tag">&lt;form-login-page&gt;</span>/login/login.jsp<span
class="code-tag">&lt;/form-login-page&gt;</span>
            <span class="code-tag">&lt;form-error-page&gt;</span>/login/login_error.jsp<span
class="code-tag">&lt;/form-error-page&gt;</span>
        <span class="code-tag">&lt;/form-login-config&gt;</span>
    <span class="code-tag">&lt;/login-config&gt;</span>

    <span class="code-tag">&lt;security-role&gt;</span>
        <span class="code-tag">&lt;role-name&gt;</span>employee<span
class="code-tag">&lt;/role-name&gt;</span>
    <span class="code-tag">&lt;/security-role&gt;</span>
    <span class="code-tag">&lt;security-role&gt;</span>
        <span class="code-tag">&lt;role-name&gt;</span>manager<span
class="code-tag">&lt;/role-name&gt;</span>
    <span class="code-tag">&lt;/security-role&gt;</span>

    <span class="code-tag">&lt;servlet&gt;</span>
        <span class="code-tag">&lt;display-name&gt;</span>AddTimeRecordServlet<span
class="code-tag">&lt;/display-name&gt;</span>
        <span class="code-tag">&lt;servlet-name&gt;</span>AddTimeRecordServlet<span
class="code-tag">&lt;/servlet-name&gt;</span>
        <span class="code-tag">&lt;servlet-class&gt;</span>org.apache.geronimo.samples.timereport.web.AddTimeRecordServlet<span
class="code-tag">&lt;/servlet-class&gt;</span>
    <span class="code-tag">&lt;/servlet&gt;</span>
    <span class="code-tag">&lt;servlet&gt;</span>
        <span class="code-tag">&lt;display-name&gt;</span>AddEmployeeServlet<span
class="code-tag">&lt;/display-name&gt;</span>
        <span class="code-tag">&lt;servlet-name&gt;</span>AddEmployeeServlet<span
class="code-tag">&lt;/servlet-name&gt;</span>
        <span class="code-tag">&lt;servlet-class&gt;</span>org.apache.geronimo.samples.timereport.web.AddEmployeeServlet<span
class="code-tag">&lt;/servlet-class&gt;</span>
    <span class="code-tag">&lt;/servlet&gt;</span>

    <span class="code-tag">&lt;servlet-mapping&gt;</span>
        <span class="code-tag">&lt;servlet-name&gt;</span>AddTimeRecordServlet<span
class="code-tag">&lt;/servlet-name&gt;</span>
        <span class="code-tag">&lt;url-pattern&gt;</span>/employee/add_timerecord<span
class="code-tag">&lt;/url-pattern&gt;</span>
    <span class="code-tag">&lt;/servlet-mapping&gt;</span>
    <span class="code-tag">&lt;servlet-mapping&gt;</span>
        <span class="code-tag">&lt;servlet-name&gt;</span>AddEmployeeServlet<span
class="code-tag">&lt;/servlet-name&gt;</span>
        <span class="code-tag">&lt;url-pattern&gt;</span>/manager/add_employee<span
class="code-tag">&lt;/url-pattern&gt;</span>
    <span class="code-tag">&lt;/servlet-mapping&gt;</span>

<span class="code-tag">&lt;/web-app&gt;</span>
</pre>
</div></div>

<p>The Geronimo deployment plan ( <b>plan.xml</b> found after building the
project at timereport/timereport-jetty/target/resources/META-INF/plan.xml) includes the Geronimo
specific security configuration including the security realm configuration and the principal-role
mapping relating the principals from the security realm to the application roles defined above
in <b>web.xml</b>  This project uses two roles, manager and employee.  There is
a business rule that every manager is an employee.  This is enforced through the principal-role
mapping: both the EmployeeGroup and ManagerGroup imply the app specific employee role.</p>


<div class="code panel" style="border-style: solid;border-width: 1px;"><div class="codeHeader
panelHeader" style="border-bottom-width: 1px;border-bottom-style: solid;"><b>plan.xml</b></div><div
class="codeContent panelContent">
<pre class="code-xml">
<span class="code-tag">&lt;?xml version=<span class="code-quote">"1.0"</span>
encoding=<span class="code-quote">"UTF-8"</span>?&gt;</span>
&lt;!--Licensed to the Apache Software Foundation (ASF) under one
    or more contributor license agreements.  See the NOTICE file
    distributed with this work for additional information
    regarding copyright ownership.  The ASF licenses this file
    to you under the Apache License, Version 2.0 (the
    <span class="code-quote">"License"</span>); you may not use this file except
in compliance
    with the License.  You may obtain a copy of the License at
    
     http://www.apache.org/licenses/LICENSE-2.0
    
    Unless required by applicable law or agreed to in writing,
    software distributed under the License is distributed on an
    <span class="code-quote">"AS IS"</span> BASIS, WITHOUT WARRANTIES OR CONDITIONS
OF ANY
    KIND, either express or implied.  See the License for the
    specific language governing permissions and limitations
    under the License.--&gt;
<span class="code-tag"><span class="code-comment">&lt;!--$Rev: 497879 $ $Date:
2007-01-19 12:11:01 -0500 (Fri, 19 Jan 2007) $--&gt;</span></span>
<span class="code-tag">&lt;web-app xmlns=<span class="code-quote">"http://geronimo.apache.org/xml/ns/j2ee/web-2.0.1"</span>&gt;</span>
  <span class="code-tag">&lt;dep:environment <span class="code-keyword">xmlns:dep</span>=<span
class="code-quote">"http://geronimo.apache.org/xml/ns/deployment-1.2"</span>&gt;</span>
    <span class="code-tag">&lt;dep:moduleId&gt;</span>
      <span class="code-tag">&lt;dep:groupId&gt;</span>org.apache.geronimo.samples<span
class="code-tag">&lt;/dep:groupId&gt;</span>
      <span class="code-tag">&lt;dep:artifactId&gt;</span>timereport-jetty<span
class="code-tag">&lt;/dep:artifactId&gt;</span>
      <span class="code-tag">&lt;dep:version&gt;</span>2.1-SNAPSHOT<span
class="code-tag">&lt;/dep:version&gt;</span>
      <span class="code-tag">&lt;dep:type&gt;</span>car<span class="code-tag">&lt;/dep:type&gt;</span>
    <span class="code-tag">&lt;/dep:moduleId&gt;</span>
    <span class="code-tag">&lt;dep:dependencies&gt;</span>
      <span class="code-tag">&lt;dep:dependency&gt;</span>
        <span class="code-tag">&lt;dep:groupId&gt;</span>org.apache.geronimo.samples<span
class="code-tag">&lt;/dep:groupId&gt;</span>
        <span class="code-tag">&lt;dep:artifactId&gt;</span>sample-datasource<span
class="code-tag">&lt;/dep:artifactId&gt;</span>
        <span class="code-tag">&lt;dep:version&gt;</span>2.1-SNAPSHOT<span
class="code-tag">&lt;/dep:version&gt;</span>
        <span class="code-tag">&lt;dep:type&gt;</span>car<span class="code-tag">&lt;/dep:type&gt;</span>
      <span class="code-tag">&lt;/dep:dependency&gt;</span>
      <span class="code-tag">&lt;dep:dependency&gt;</span>
        <span class="code-tag">&lt;dep:groupId&gt;</span>org.apache.geronimo.configs<span
class="code-tag">&lt;/dep:groupId&gt;</span>
        <span class="code-tag">&lt;dep:artifactId&gt;</span>jasper<span
class="code-tag">&lt;/dep:artifactId&gt;</span>
        <span class="code-tag">&lt;dep:version&gt;</span>2.1<span class="code-tag">&lt;/dep:version&gt;</span>
        <span class="code-tag">&lt;dep:type&gt;</span>car<span class="code-tag">&lt;/dep:type&gt;</span>
      <span class="code-tag">&lt;/dep:dependency&gt;</span>
      <span class="code-tag">&lt;dep:dependency&gt;</span>
        <span class="code-tag">&lt;dep:groupId&gt;</span>org.apache.geronimo.configs<span
class="code-tag">&lt;/dep:groupId&gt;</span>
        <span class="code-tag">&lt;dep:artifactId&gt;</span>jetty6<span
class="code-tag">&lt;/dep:artifactId&gt;</span>
        <span class="code-tag">&lt;dep:version&gt;</span>2.1<span class="code-tag">&lt;/dep:version&gt;</span>
        <span class="code-tag">&lt;dep:type&gt;</span>car<span class="code-tag">&lt;/dep:type&gt;</span>
      <span class="code-tag">&lt;/dep:dependency&gt;</span>
    <span class="code-tag">&lt;/dep:dependencies&gt;</span>
    <span class="code-tag">&lt;dep:hidden-classes/&gt;</span>
    <span class="code-tag">&lt;dep:non-overridable-classes/&gt;</span>
  <span class="code-tag">&lt;/dep:environment&gt;</span>
  <span class="code-tag">&lt;context-root&gt;</span>/timereport<span
class="code-tag">&lt;/context-root&gt;</span>
  <span class="code-tag">&lt;security-realm-name&gt;</span>TimeReportRealm<span
class="code-tag">&lt;/security-realm-name&gt;</span>
  <span class="code-tag">&lt;security&gt;</span>
    <span class="code-tag">&lt;default-principal realm-name=<span class="code-quote">"TimeReportRealm"</span>&gt;</span>
      <span class="code-tag">&lt;principal name=<span class="code-quote">"anonymous"</span>
class=<span class="code-quote">"org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"</span>/&gt;</span>
    <span class="code-tag">&lt;/default-principal&gt;</span>
    <span class="code-tag">&lt;role-mappings&gt;</span>
      <span class="code-tag">&lt;role role-name=<span class="code-quote">"employee"</span>&gt;</span>
        <span class="code-tag">&lt;realm realm-name=<span class="code-quote">"TimeReportRealm"</span>&gt;</span>
          <span class="code-tag">&lt;principal name=<span class="code-quote">"EmployeeGroup"</span>
class=<span class="code-quote">"org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"</span>/&gt;</span>
        <span class="code-tag">&lt;/realm&gt;</span>
        <span class="code-tag">&lt;realm realm-name=<span class="code-quote">"TimeReportRealm"</span>&gt;</span>
          <span class="code-tag">&lt;principal name=<span class="code-quote">"ManagerGroup"</span>
class=<span class="code-quote">"org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"</span>/&gt;</span>
        <span class="code-tag">&lt;/realm&gt;</span>
      <span class="code-tag">&lt;/role&gt;</span>
      <span class="code-tag">&lt;role role-name=<span class="code-quote">"manager"</span>&gt;</span>
        <span class="code-tag">&lt;realm realm-name=<span class="code-quote">"TimeReportRealm"</span>&gt;</span>
          <span class="code-tag">&lt;principal name=<span class="code-quote">"ManagerGroup"</span>
class=<span class="code-quote">"org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"</span>/&gt;</span>
        <span class="code-tag">&lt;/realm&gt;</span>
      <span class="code-tag">&lt;/role&gt;</span>
    <span class="code-tag">&lt;/role-mappings&gt;</span>
  <span class="code-tag">&lt;/security&gt;</span>
  <span class="code-tag">&lt;gbean name=<span class="code-quote">"DBInitialization"</span>
class=<span class="code-quote">"org.apache.geronimo.connector.DatabaseInitializationGBean"</span>&gt;</span>
    <span class="code-tag"><span class="code-comment">&lt;!--&lt;attribute
name=<span class="code-quote">"testSQL"</span>&gt;</span>select * from
users<span class="code-tag">&lt;/attribute&gt;</span>--&gt;</span>
    <span class="code-tag">&lt;attribute name=<span class="code-quote">"path"</span>&gt;</span>TimeReportDB.sql<span
class="code-tag">&lt;/attribute&gt;</span>
    <span class="code-tag">&lt;reference name=<span class="code-quote">"DataSource"</span>&gt;</span>
      <span class="code-tag">&lt;name&gt;</span>SampleTxDatasource<span
class="code-tag">&lt;/name&gt;</span>
    <span class="code-tag">&lt;/reference&gt;</span>
  <span class="code-tag">&lt;/gbean&gt;</span>
  <span class="code-tag">&lt;gbean name=<span class="code-quote">"TimeReportRealm"</span>
class=<span class="code-quote">"org.apache.geronimo.security.realm.GenericSecurityRealm"</span>&gt;</span>
    <span class="code-tag">&lt;attribute name=<span class="code-quote">"realmName"</span>&gt;</span>TimeReportRealm<span
class="code-tag">&lt;/attribute&gt;</span>
    <span class="code-tag">&lt;reference name=<span class="code-quote">"ServerInfo"</span>&gt;</span>
      <span class="code-tag">&lt;name&gt;</span>ServerInfo<span class="code-tag">&lt;/name&gt;</span>
    <span class="code-tag">&lt;/reference&gt;</span>
    <span class="code-tag">&lt;xml-reference name=<span class="code-quote">"LoginModuleConfiguration"</span>&gt;</span>
      <span class="code-tag">&lt;log:login-config <span class="code-keyword">xmlns:log</span>=<span
class="code-quote">"http://geronimo.apache.org/xml/ns/loginconfig-1.1"</span>&gt;</span>
        <span class="code-tag">&lt;log:login-module control-flag=<span class="code-quote">"REQUIRED"</span>
wrap-principals=<span class="code-quote">"false"</span>&gt;</span>
          <span class="code-tag">&lt;log:login-domain-name&gt;</span>TimeReportRealm<span
class="code-tag">&lt;/log:login-domain-name&gt;</span>
          <span class="code-tag">&lt;log:login-module-class&gt;</span>org.apache.geronimo.security.realm.providers.SQLLoginModule<span
class="code-tag">&lt;/log:login-module-class&gt;</span>
          <span class="code-tag">&lt;log:option name=<span class="code-quote">"dataSourceName"</span>&gt;</span>SampleNoTxDatasource<span
class="code-tag">&lt;/log:option&gt;</span>
          <span class="code-tag">&lt;log:option name=<span class="code-quote">"userSelect"</span>&gt;</span>select
userid, password from users where userid=?<span class="code-tag">&lt;/log:option&gt;</span>
          <span class="code-tag">&lt;log:option name=<span class="code-quote">"groupSelect"</span>&gt;</span>select
userid, groupname from usergroups where userid=?<span class="code-tag">&lt;/log:option&gt;</span>
        <span class="code-tag">&lt;/log:login-module&gt;</span>
      <span class="code-tag">&lt;/log:login-config&gt;</span>
    <span class="code-tag">&lt;/xml-reference&gt;</span>
  <span class="code-tag">&lt;/gbean&gt;</span>
<span class="code-tag">&lt;/web-app&gt;</span>
</pre>
</div></div> 


<p>To restrict access to the Add Employee functionality from Time Report page, programmatic
authentication has beeen used as in indicated below. </p>

<div class="code panel" style="border-style: solid;border-width: 1px;"><div class="codeHeader
panelHeader" style="border-bottom-width: 1px;border-bottom-style: solid;"><b>employee/index.jsp</b></div><div
class="codeContent panelContent">
<pre class="code-java">
...
&lt;BR&gt;
&lt;%<span class="code-keyword">if</span>(request.isUserInRole(<span class="code-quote">"manager"</span>)){%&gt;
&lt;A href=<span class="code-quote">"../manager/"</span>&gt;Add Employees&lt;/A&gt;
&lt;BR&gt;
...
</pre>
</div></div>


<h1><a name="DataCDInfo--AsampletodemoStruts1%2BJPA%2BSecurityAnnotations-TestingoftheSampleApplication"></a>Testing
of the Sample Application</h1>

<p>To test the sample application open a browser and type <a href="http://localhost:8080/timereport"
rel="nofollow">http://localhost:8080/timereport</a>. It will forward to the Welcome
page of the application.</p>

<p>User can access Time Report page providing username as <b>emp1</b> and
password with <b>pass1</b>. To login to the application as a Manager provide <b>mgm1</b>
and <b>pass3</b> credentials.</p>

<p><span class="error">Unable to render embedded object: File (timereport_app.png)
not found.</span></p>

<h1><a name="DataCDInfo--AsampletodemoStruts1%2BJPA%2BSecurityAnnotations-Summary"></a>Summary</h1>

<p>This article has shown you how to deploy web application in to the Geronimo Application
server with J2EE declarative security features. You followed step-by-step instructions to
build, deploy and test the sample application.</p>

<p>Some highlights of the article are:</p>
<ul>
	<li>Apache Geronimo provides two different web containers namely Jetty and Tomcat.</li>
	<li>Create a database to hold security data with built-in Derby.</li>
	<li>Define security roles in Geronimo Web applications.</li>
	<li>Deploy deployment plans and web archives using the Geronimo Console.</li>
</ul>

    </div>
    <div id="commentsSection" class="wiki-content pageSection">
       <div style="float: right;">
            <a href="http://cwiki.apache.org/confluence/users/viewnotifications.action"
class="grey">Change Notification Preferences</a>
       </div>
       <a href="http://cwiki.apache.org/confluence/pages/viewpage.action?pageId=12845502">View
Online</a>
              |
       <a href="http://cwiki.apache.org/confluence/pages/viewpage.action?pageId=12845502&showComments=true&amp;showCommentArea=true#addcomment">Add
Comment</a>
           </div>
</div>
</div>
</div>
</div>
</body>
</html>

Mime
View raw message