/**
 * Returns the current value of {@code denyAll}.
 *
 * <p>The JSR-250 {@code @DenyAll} annotation marks this accessor as callable by no
 * security role. It is metadata only: it takes effect where a container or framework
 * that honours JSR-250 intercepts the call. NOTE(review): a plain in-class call is
 * presumably not intercepted; confirm against the runtime in use.
 *
 * @return the value held in {@code denyAll}
 */
@DenyAll
public String getDenyAll() {
    final String value = denyAll;
    return value;
}
/**
 * Resource method bound to {@code GET} on the relative path {@code denyAll}.
 *
 * <p>It carries {@code @DenyAll}, so a JSR-250-aware JAX-RS runtime is expected to
 * reject every caller, authenticated or not, before this body runs. The status code
 * returned on rejection is decided by the runtime and is not visible here.
 *
 * @return the object produced by {@code RestrictedEntity.instance()}
 */
@GET
@Path("denyAll")
@DenyAll
public RestrictedEntity denyAll() {
    final RestrictedEntity entity = RestrictedEntity.instance();
    return entity;
}
/**
 * Operation declared with the JSR-250 {@code @DenyAll} annotation: where the annotation
 * is enforced, no security role may invoke it.
 *
 * <p>NOTE(review): the enclosing type and any implementation are outside this excerpt.
 * Whether an implementing class inherits the restriction from this declaration depends
 * on the framework; confirm, or repeat the annotation on the implementation.
 *
 * @return a string whose meaning is not visible from this declaration
 */
@DenyAll String jsr250();
/**
 * Computes {@code x - y} with plain {@code int} arithmetic, so the result wraps on
 * overflow.
 *
 * <p>The override is annotated {@code @DenyAll}: where JSR-250 is enforced, no role may
 * call it. The overridden declaration is outside this excerpt, so any restriction it
 * carries cannot be compared here.
 *
 * @param x the minuend
 * @param y the subtrahend
 * @return the difference {@code x - y}
 */
@Override
@DenyAll
public int subtract(int x, int y) {
    final int difference = x - y;
    return difference;
}
/**
 * Looks up a {@code Book05} by the given identifier through {@code em.find}.
 *
 * <p>{@code @DenyAll} closes this lookup to every role where the container enforces
 * JSR-250. NOTE(review): {@code em} is declared outside this excerpt and is presumably
 * a JPA {@code EntityManager}. Code in the same class that calls this method directly
 * would likely bypass the container check; confirm no such caller exists.
 *
 * @param secureId identifier passed to {@code em.find} as the primary key
 * @return whatever {@code em.find} yields for {@code secureId}
 */
@DenyAll
public Book05 findConfidentialBook(Long secureId) {
    final Book05 book = em.find(Book05.class, secureId);
    return book;
}
} // closes the enclosing class, whose header is outside this excerpt
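/**
 * JAX-RS resource under {@code /endp} that reports whether the container
 * {@link Subject} carries at least one {@code JsonWebToken} principal.
 *
 * <p>Authorization layout: the class-level {@code @DenyAll} is a deny-by-default
 * baseline, and each reachable method opts in with its own {@code @RolesAllowed}.
 * Under the JSR-250 rules a method-level annotation overrides the class-level one, so a
 * resource method added later without a role annotation stays denied instead of
 * silently open. Enforcement is left to the container; this class checks no roles itself.
 */
@Path("/endp")
@DenyAll
@RequestScoped
public class SubjectEndpoint {

    /** JACC policy-context key under which the container publishes the caller's Subject. */
    private static final String SUBJECT_CONTEXT_KEY = "javax.security.auth.Subject.container";

    /**
     * Reads the container Subject from the JACC {@code PolicyContext} and verifies that it
     * holds a {@code JsonWebToken} principal. Restricted to the {@code Tester} role.
     *
     * @param sec the injected security context (not read by this method)
     * @return a fixed confirmation string when at least one such principal is present
     * @throws IllegalStateException if no Subject is available or it has no
     *     {@code JsonWebToken} principal
     * @throws Exception if {@code PolicyContext.getContext} fails
     */
    @GET
    @Path("/getSubjectClass")
    @RolesAllowed("Tester")
    public String getSubjectClass(@Context SecurityContext sec) throws Exception {
        Subject subject = (Subject) PolicyContext.getContext(SUBJECT_CONTEXT_KEY);
        if (subject == null) {
            // getContext may return null when no Subject is registered for this request;
            // report that explicitly instead of failing with a NullPointerException below.
            throw new IllegalStateException("container Subject is not available from PolicyContext");
        }

        Set<? extends Principal> principalSet = subject.getPrincipals(JsonWebToken.class);
        // The two literals below name JWTPrincipal although the lookup uses JsonWebToken;
        // they are kept verbatim because callers may match on the exact text.
        if (!principalSet.isEmpty()) {
            return "subject.getPrincipals(JWTPrincipal.class) ok";
        }
        throw new IllegalStateException("subject.getPrincipals(JWTPrincipal.class) == 0");
    }
}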
/**
 * JAX-RS resource under {@code /endp} whose operations delegate to the injected
 * {@code IService} EJB.
 *
 * <p>The class-level {@code @DenyAll} denies by default; each method below opts in with
 * its own {@code @RolesAllowed}, which under JSR-250 takes precedence over the
 * class-level annotation. NOTE(review): whether the role check is applied again on the
 * EJB side depends on annotations on {@code IService}'s implementation, which are not
 * visible here.
 */
@Path("/endp")
@DenyAll
@RequestScoped
public class EjbEndpoint {

    /** Service bean injected by the container; every endpoint method forwards to it. */
    @EJB
    private IService serviceEJB;

    /**
     * Forwards the {@code input} query parameter to {@code serviceEJB.echo}. Restricted to
     * the {@code Echoer} role.
     *
     * <p>NOTE(review): {@code input} is caller-controlled and this class declares no
     * {@code @Produces}, so the response media type is left to the runtime. If
     * {@code echo} returns the value unchanged (not visible here), confirm the response
     * cannot be served as HTML.
     *
     * @param sec the injected security context (not read by this method)
     * @param input value of the {@code input} query parameter
     * @return the string returned by {@code serviceEJB.echo(input)}
     */
    @GET
    @Path("/getEJBEcho")
    @RolesAllowed("Echoer")
    public String getEJBEcho(@Context SecurityContext sec, @QueryParam("input") String input) {
        final String echoed = serviceEJB.echo(input);
        return echoed;
    }

    /**
     * Returns the result of {@code serviceEJB.getPrincipalClass()}. Restricted to the
     * {@code Tester} role.
     *
     * @param sec the injected security context (not read by this method)
     * @return the string produced by the service
     */
    @GET
    @Path("/getEJBPrincipalClass")
    @RolesAllowed("Tester")
    public String getEJBPrincipalClass(@Context SecurityContext sec) {
        final String principalClass = serviceEJB.getPrincipalClass();
        return principalClass;
    }

    /**
     * Returns the result of {@code serviceEJB.getSubjectClass()}. Restricted to the
     * {@code Tester} role.
     *
     * @param sec the injected security context (not read by this method)
     * @return the string produced by the service
     * @throws Exception if the service call fails
     */
    @GET
    @Path("/getEJBSubjectClass")
    @RolesAllowed("Tester")
    public String getEJBSubjectClass(@Context SecurityContext sec) throws Exception {
        final String subjectClass = serviceEJB.getSubjectClass();
        return subjectClass;
    }
}
@Path("/endp") @DenyAll @RequestScoped public class RolesEndpoint {