https://github.com/panga/jboss-security-extended
JBoss Security Extended
https://github.com/panga/jboss-security-extended
jboss security
Last synced: 11 months ago
JSON representation
JBoss Security Extended
- Host: GitHub
- URL: https://github.com/panga/jboss-security-extended
- Owner: panga
- License: apache-2.0
- Created: 2015-04-04T13:24:56.000Z (about 11 years ago)
- Default Branch: master
- Last Pushed: 2015-05-02T15:46:58.000Z (about 11 years ago)
- Last Synced: 2025-04-10T17:38:52.994Z (about 1 year ago)
- Topics: jboss, security
- Language: Java
- Homepage:
- Size: 191 KB
- Stars: 6
- Watchers: 1
- Forks: 2
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# JBoss Security Extended
Propagate Security Context through JMS and WebSocket endpoint in JBoss/WildFly container.
* Maven
```xml
com.github.panga
jboss-security-extended
1.0.0
```
* Usage for JMS
```java
@Stateless
public class QueueSender {
@Inject
private JMSContext jmsContext;
@Resource(mappedName = "java:/jms/Queue")
private Queue destination;
@Resource
private EJBContext context;
public void sendToQueue(final MyObject myObject) {
final SecureObjectMessage message = new SecureObjectMessage(myObject, context.getCallerPrincipal());
jmsContext.createProducer().send(destination, message);
}
}
```
```java
@MessageDriven(activationConfig = {
@ActivationConfigProperty(propertyName = "acknowledgeMode",
propertyValue = "Auto-acknowledge"),
@ActivationConfigProperty(propertyName = "destinationType",
propertyValue = "javax.jms.Queue"),
@ActivationConfigProperty(propertyName = "destinationLookup",
propertyValue = "java:/jms/Queue")
})
@Interceptors(JmsSecurityInterceptor.class)
public class QueueConsumer implements MessageListener {
@EJB
private SecuredEJB securedEJB;
@Override
public void onMessage(Message message) {
try {
securedEJB.process(message.getBody(MyObject.class));
} catch (JMSException ex) {
ex.printStackTrace();
}
}
}
```
* Usage for WebSocket (must have a Session parameter)
```java
@Interceptors({WebsocketSecurityInterceptor.class})
@ServerEndpoint(value = "/echo", configurator = WebsocketSecurityConfigurator.class)
public class EchoEndpoint {
@Inject
private SecuredEJB securedEJB;
@OnOpen
public void open(Session session) {
securedEJB.process(null);
}
@OnMessage
public void message(String message, Session session) {
securedEJB.process(null);
}
@OnClose
public void close(Session session) {
securedEJB.process(null);
}
}
```
* Secured EJB
```java
@Stateless
@RolesAllowed("admin")
public class SecuredEJB {
@Resource
private EJBContext context;
public void process(MyObject myObject) {
System.out.println("User: " + context.getCallerPrincipal().getName());
}
}
```