Use Interceptors To Check Permission
File: EmployeeBean.java
import javax.ejb.Stateless;
import javax.interceptor.Interceptors;
@Stateless
@Interceptors( { MyInterceptor.class })
public class EmployeeBean implements EmployeeServiceLocal, EmployeeServiceRemote {
public EmployeeBean() {
}
public Long addBid(String userId,Long itemId,Double bidPrice) {
System.out.println("Bid for " + itemId + " received with price" + bidPrice);
return 0L;
}
}
File: EmployeeServiceLocal.java
import javax.ejb.Local;
import javax.jws.WebParam;
@Local
public interface EmployeeServiceLocal {
public Long addBid(String userId,Long itemId,Double bidPrice);
}
File: EmployeeServiceRemote.java
import javax.ejb.Remote;
@Remote
public interface EmployeeServiceRemote {
public Long addBid(String userId,Long itemId,Double bidPrice);
}
File: MyInterceptor.java
import javax.annotation.Resource;
import javax.interceptor.AroundInvoke;
import javax.interceptor.InvocationContext;
public class MyInterceptor {
@Resource
private javax.ejb.SessionContext ctx;
@AroundInvoke
public Object checkUserRole(InvocationContext ic) throws Exception {
System.out.println("*** CheckPermission Interceptor invoked for " + ic.getTarget() + " ***");
if (!ctx.isCallerInRole("admin")) {
throw new SecurityException("User: '" + ctx.getCallerPrincipal().getName()
+ "' does not have permissions for method " + ic.getMethod());
}
return ic.proceed();
}
}
File: Employee.java
import javax.persistence.Entity;
import javax.persistence.EntityListeners;
import javax.persistence.GeneratedValue;
import javax.persistence.Id;
import javax.persistence.PostRemove;
@Entity
public class Employee implements java.io.Serializable {
private int id;
private String firstName;
private String lastName;
@Id
@GeneratedValue
public int getId() {
return id;
}
@PostRemove
public void postRemove()
{
System.out.println("@PostRemove");
}
public void setId(int id) {
this.id = id;
}
public String getFirstName() {
return firstName;
}
public void setFirstName(String first) {
this.firstName = first;
}
public String getLastName() {
return lastName;
}
public void setLastName(String last) {
this.lastName = last;
}
}
File: Main.java
import javax.ejb.EJB;
import javax.naming.InitialContext;
public class Main {
public static void main(String[] a) throws Exception {
EmployeeServiceRemote service = null;
// Context compEnv = (Context) new InitialContext().lookup("java:comp/env");
// service = (HelloService)new
// InitialContext().lookup("java:comp/env/ejb/HelloService");
service = (EmployeeServiceRemote) new InitialContext().lookup("EmployeeBean/remote");
service.addBid("userId",1L,0.1);
}
}
File: jndi.properties
java.naming.factory.initial=org.jnp.interfaces.NamingContextFactory
java.naming.factory.url.pkgs=org.jboss.naming:org.jnp.interfaces
java.naming.provider.url=localhost:1099
EJB-UseInterceptorsToCheckPermission.zip( 4,490 k)Related examples in the same category