Annotating the Service
7. Modify the runtime deployment descriptor, sun-web.xml, to map the role used in this
application (basicUser) to a group defined on the Application Server (user). This step is
discussed in
8. Build, package, and deploy the web service. See or for the steps to accomplish this.
9. Build and run the client application. See or for the steps to accomplish this.
Annotating the Service
In this example, annotations specify which users are authorized to access which
methods of this service. Here, the @RolesAllowed annotation specifies that users in
the application role basicUser are authorized to access the sayHello(String name)
method. This application role must be linked to a group of users on the Application
Server. Linking the roles to groups is discussed in
The source code for the original /helloservice application was modified as shown in the
following code snippet (modifications in bold). This file can be found in the following location:
tut-install/javaeetutorial5/examples/jaxws/helloservice-basicauth/src/java/helloservice/basicauth/endpoint/Hello.java
The code snippet is as follows:
package helloservice.basicauth.endpoint;

import javax.jws.WebMethod;
import javax.jws.WebService;
import javax.annotation.security.RolesAllowed;

@WebService()
public class Hello {
    private String message = new String("Hello, ");

    // Only callers in the basicUser application role may invoke this method.
    @WebMethod()
    @RolesAllowed("basicUser")
    public String sayHello(String name) {
        return message + name + ".";
    }
}
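The following is an added example, not code from the tutorial or the Application Server. It models how the @RolesAllowed role on sayHello and the role-to-group mapping combine into an access decision, including the case where the mapping is missing. RoleCheckDemo, rolesFor, isAllowed, ROLE_TO_GROUPS, the local RolesAllowed stand-in and the guest group are all assumptions made for illustration.

```java
import java.lang.annotation.*;
import java.lang.reflect.Method;
import java.util.*;

public class RoleCheckDemo {
    // Local stand-in for javax.annotation.security.RolesAllowed (assumption:
    // lets the demo compile on a plain JDK without the Java EE API jar).
    @Retention(RetentionPolicy.RUNTIME)
    @Target(ElementType.METHOD)
    @interface RolesAllowed { String[] value(); }

    static class Hello {
        @RolesAllowed("basicUser")
        public String sayHello(String name) { return "Hello, " + name + "."; }
    }

    // Constructed equivalent of the role mapping: application role -> server groups.
    static final Map<String, Set<String>> ROLE_TO_GROUPS =
            Collections.singletonMap("basicUser", Collections.singleton("user"));

    // Application roles a caller holds, derived from its server groups.
    static Set<String> rolesFor(Set<String> groups, Map<String, Set<String>> mapping) {
        Set<String> roles = new HashSet<>();
        for (Map.Entry<String, Set<String>> e : mapping.entrySet()) {
            if (!Collections.disjoint(e.getValue(), groups)) roles.add(e.getKey());
        }
        return roles;
    }

    // True only if the caller holds a role listed on the method. Unannotated
    // methods are denied here as a demo choice, not as the container's rule.
    static boolean isAllowed(Method m, Set<String> groups, Map<String, Set<String>> mapping) {
        RolesAllowed allowed = m.getAnnotation(RolesAllowed.class);
        if (allowed == null) return false;
        Set<String> held = rolesFor(groups, mapping);
        for (String role : allowed.value()) {
            if (held.contains(role)) return true;
        }
        return false;
    }

    public static void main(String[] args) throws Exception {
        Method m = Hello.class.getMethod("sayHello", String.class);
        Map<String, Set<String>> noMapping = Collections.emptyMap();
        System.out.println("group user, mapped:    " + isAllowed(m, Collections.singleton("user"), ROLE_TO_GROUPS));
        System.out.println("group guest, mapped:   " + isAllowed(m, Collections.singleton("guest"), ROLE_TO_GROUPS));
        System.out.println("group user, unmapped:  " + isAllowed(m, Collections.singleton("user"), noMapping));
    }
}
```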
Examples: Securing Web Applications
Chapter 30 · Securing Web Applications