Giter Site home page Giter Site logo

jsr375-examples's Introduction

jsr375-examples

Examples of Java EE 8 security API

app-mem-basic

Basic example to get familiar with Http Mechanism, IdentityStore and the configuration by the CDI definition annotation.

Runs fine on GlassFish 5.0

ldap-customform

More realistic scenario using a custom login form (Using PrimeFaces) and authentication/authorization against an external LDAP.

External LDAP is configured by the CDI definition annotation in the Servlet class.

Example LDAP entries can be found within apacheDS_JCP.ldif

Runs fine on GlassFish 5.0

ldapform-jsf

Same as previous but now the protected resource is a JSF page, not a servlet.

Additional config is made within web.xml to define the protected and free accessible pages.

On GlassFish 5.0, there is an Internal Server Error with no explanation.

Therefor a EE7 profile is created in Maven so that the application runs on WildFly 10+.

multiple-store

This is an example of custom implementations for HttpAuthenticationMechanism, IdentityStore and IdentityStoreHandler.

  • TestAuthenticationMechanism -> Custom implementation which reds user name and password from query parameters.
  • AuthorizationIdentityStore -> Custom implementation which only provide the groups. Authentication is performed by a store through CDI definition annotation
  • CustomIdentityStoreHandler -> Custom implementation which loops over all IdentityStores doing authentication so implement a 'black list'. See also BlackListedIdentityStore and beans.xml

Runs fine on GlassFish 5.0

jwt for JAX-RS endpoint

This example protects JAX-RS endpoints by JWT Bearer tokens.

Code and example can be found in the Atbash JSR375 extensions repository.

There is an issue on my machine with the JAX-RS endpoints on GlassFish 5.0. Therefor a EE7 profile is created in Maven so that the application runs on WildFly 10+.

OAuth2 authentication for JSF application

POC for the usage of an OAuth2 provider (Google) for retrieving the end user information.

Code and example can be found in the Atbash JSR375 extensions repository.

There is an issue on GlassFish 5.0 with custom Principals (which needs to be allowed according to the JSR-375 spec). Therefor a EE7 profile is created in Maven so that the application runs on WildFly 10+.

app-db

Extracted the app-db example from the Soteria repository https://github.com/javaee/security-soteria/tree/master/test/app-db and removed the 'dynamic' configuration aspects (EL within configuration annotation)

Contains example of using Pbkdf2 password hashing algorithm.

Runs fine on GlassFish 5.0

jsr375-examples's People

Contributors

dheffelfinger avatar rdebusscher avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.