REST: zabezpečení – PUT, POST, DELETE může dělat jen uživatel s rolí „redaktor“
authorFrantišek Kučera <franta-hg@frantovo.cz>
Tue, 06 Apr 2010 01:02:49 +0200
changeset 95ec671fc8fb9c
parent 94 ac4a5fc868eb
child 96 9f6225d83611
REST: zabezpečení – PUT, POST, DELETE může dělat jen uživatel s rolí „redaktor“
java/nekurak.net-ejb/src/java/cz/frantovo/nekurak/ejb/ClanekEJB.java
java/nekurak.net-rest/web/WEB-INF/sun-web.xml
java/nekurak.net-rest/web/WEB-INF/web.xml
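--- a/java/nekurak.net-ejb/src/java/cz/frantovo/nekurak/ejb/ClanekEJB.java	Tue Apr 06 00:50:30 2010 +0200
+++ b/java/nekurak.net-ejb/src/java/cz/frantovo/nekurak/ejb/ClanekEJB.java	Tue Apr 06 01:02:49 2010 +0200
@@ -35,7 +35,7 @@
 	clanekDAO.upravClanek(clanek);
     }
 
-    //@RolesAllowed("redaktor")
+    @RolesAllowed("redaktor")
     public void smazClanek(Clanek clanek) {
 	clanekDAO.smazClanek(clanek);
     }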
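Review bot: Only `smazClanek` is visibly covered by `@RolesAllowed("redaktor")`; the method ending in `clanekDAO.upravClanek(clanek)` starts outside the hunk, so whether it carries the same annotation cannot be confirmed from here. The web.xml constraint in this commit lists specific HTTP methods, which makes the EJB annotations the layer that holds regardless of how a request reaches the bean, so every mutating method should declare the role. If the other methods still have the annotation commented out, enable `@RolesAllowed("redaktor")` on them as well, or put it at class level and mark the read-only methods `@PermitAll`.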
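--- a/java/nekurak.net-rest/web/WEB-INF/sun-web.xml	Tue Apr 06 00:50:30 2010 +0200
+++ b/java/nekurak.net-rest/web/WEB-INF/sun-web.xml	Tue Apr 06 01:02:49 2010 +0200
@@ -8,4 +8,8 @@
 	    <description>Keep a copy of the generated servlet class' java code.</description>
 	</property>
     </jsp-config>
+    <security-role-mapping>
+	<role-name>redaktor</role-name>
+	<group-name>redaktor</group-name>
+    </security-role-mapping>
 </sun-web-app>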
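--- a/java/nekurak.net-rest/web/WEB-INF/web.xml	Tue Apr 06 00:50:30 2010 +0200
+++ b/java/nekurak.net-rest/web/WEB-INF/web.xml	Tue Apr 06 01:02:49 2010 +0200
@@ -14,4 +14,25 @@
 	    30
 	</session-timeout>
     </session-config>
+    <!--  <zabezpečení> -->
+    <security-role>
+	<role-name>redaktor</role-name>
+    </security-role>
+    <security-constraint>
+	<web-resource-collection>
+	    <web-resource-name>Nekuřák.net REST API</web-resource-name>
+	    <url-pattern>/*</url-pattern>
+	    <http-method>PUT</http-method>
+	    <http-method>POST</http-method>
+	    <http-method>DELETE</http-method>
+	</web-resource-collection>
+	<auth-constraint>
+	    <role-name>redaktor</role-name>
+	</auth-constraint>
+    </security-constraint>
+    <login-config>
+	<auth-method>BASIC</auth-method>
+	<realm-name>nekurakNET</realm-name>
+    </login-config>
+    <!--  </zabezpečení> -->
 </web-app>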
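Review bot: The `<login-config>` selects BASIC, but the `<security-constraint>` carries no transport guarantee, so the redaktor password travels base64-encoded over plain HTTP on every write; add `<user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>` after `</auth-constraint>`. The constraint also enumerates PUT, POST and DELETE, which leaves any other verb on `/*` unconstrained. If the descriptor is Servlet 3.0 or later (the `<web-app>` header is outside the hunk), listing the intentionally public verbs with `<http-method-omission>` instead makes the rule fail closed. A short comment above the constraint stating that GET is deliberately public would record that intent for the next maintainer.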