servlet-security
Folders and files
| Name | Name | Last commit date | ||
|---|---|---|---|---|
parent directory.. | ||||
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="generator" content="Asciidoctor 2.0.10"> <meta name="author" content="Sherif F. Makary, Pedro Igor, Stefan Guilhen"> <title>servlet-security: Using Jakarta EE Declarative Security to Control Servlet Access</title> <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic%7CNoto+Serif:400,400italic,700,700italic%7CDroid+Sans+Mono:400,700"> <style> /* Asciidoctor default stylesheet | MIT License | https://asciidoctor.org */ /* Uncomment @import statement to use as custom stylesheet */ /*@import "https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic%7CNoto+Serif:400,400italic,700,700italic%7CDroid+Sans+Mono:400,700";*/ article,aside,details,figcaption,figure,footer,header,hgroup,main,nav,section{display:block} audio,video{display:inline-block} audio:not([controls]){display:none;height:0} html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%} a{background:none} a:focus{outline:thin dotted} a:active,a:hover{outline:0} h1{font-size:2em;margin:.67em 0} abbr[title]{border-bottom:1px dotted} b,strong{font-weight:bold} dfn{font-style:italic} hr{-moz-box-sizing:content-box;box-sizing:content-box;height:0} mark{background:#ff0;color:#000} code,kbd,pre,samp{font-family:monospace;font-size:1em} pre{white-space:pre-wrap} q{quotes:"\201C" "\201D" "\2018" "\2019"} small{font-size:80%} sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline} sup{top:-.5em} sub{bottom:-.25em} img{border:0} svg:not(:root){overflow:hidden} figure{margin:0} fieldset{border:1px solid silver;margin:0 2px;padding:.35em .625em .75em} legend{border:0;padding:0} button,input,select,textarea{font-family:inherit;font-size:100%;margin:0} button,input{line-height:normal} button,select{text-transform:none} button,html input[type="button"],input[type="reset"],input[type="submit"]{-webkit-appearance:button;cursor:pointer} button[disabled],html input[disabled]{cursor:default} input[type="checkbox"],input[type="radio"]{box-sizing:border-box;padding:0} button::-moz-focus-inner,input::-moz-focus-inner{border:0;padding:0} textarea{overflow:auto;vertical-align:top} table{border-collapse:collapse;border-spacing:0} *,*::before,*::after{-moz-box-sizing:border-box;-webkit-box-sizing:border-box;box-sizing:border-box} html,body{font-size:100%} body{background:#fff;color:rgba(0,0,0,.8);padding:0;margin:0;font-family:"Noto Serif","DejaVu Serif",serif;font-weight:400;font-style:normal;line-height:1;position:relative;cursor:auto;tab-size:4;-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased} a:hover{cursor:pointer} img,object,embed{max-width:100%;height:auto} object,embed{height:100%} img{-ms-interpolation-mode:bicubic} .left{float:left!important} .right{float:right!important} .text-left{text-align:left!important} .text-right{text-align:right!important} .text-center{text-align:center!important} .text-justify{text-align:justify!important} .hide{display:none} img,object,svg{display:inline-block;vertical-align:middle} textarea{height:auto;min-height:50px} select{width:100%} .center{margin-left:auto;margin-right:auto} .stretch{width:100%} .subheader,.admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{line-height:1.45;color:#7a2518;font-weight:400;margin-top:0;margin-bottom:.25em} div,dl,dt,dd,ul,ol,li,h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6,pre,form,p,blockquote,th,td{margin:0;padding:0;direction:ltr} a{color:#2156a5;text-decoration:underline;line-height:inherit} a:hover,a:focus{color:#1d4b8f} a img{border:0} p{font-family:inherit;font-weight:400;font-size:1em;line-height:1.6;margin-bottom:1.25em;text-rendering:optimizeLegibility} p aside{font-size:.875em;line-height:1.35;font-style:italic} h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{font-family:"Open Sans","DejaVu Sans",sans-serif;font-weight:300;font-style:normal;color:#ba3925;text-rendering:optimizeLegibility;margin-top:1em;margin-bottom:.5em;line-height:1.0125em} h1 small,h2 small,h3 small,#toctitle small,.sidebarblock>.content>.title small,h4 small,h5 small,h6 small{font-size:60%;color:#e99b8f;line-height:0} h1{font-size:2.125em} h2{font-size:1.6875em} h3,#toctitle,.sidebarblock>.content>.title{font-size:1.375em} h4,h5{font-size:1.125em} h6{font-size:1em} hr{border:solid #dddddf;border-width:1px 0 0;clear:both;margin:1.25em 0 1.1875em;height:0} em,i{font-style:italic;line-height:inherit} strong,b{font-weight:bold;line-height:inherit} small{font-size:60%;line-height:inherit} code{font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;font-weight:400;color:rgba(0,0,0,.9)} ul,ol,dl{font-size:1em;line-height:1.6;margin-bottom:1.25em;list-style-position:outside;font-family:inherit} ul,ol{margin-left:1.5em} ul li ul,ul li ol{margin-left:1.25em;margin-bottom:0;font-size:1em} ul.square li ul,ul.circle li ul,ul.disc li ul{list-style:inherit} ul.square{list-style-type:square} ul.circle{list-style-type:circle} ul.disc{list-style-type:disc} ol li ul,ol li ol{margin-left:1.25em;margin-bottom:0} dl dt{margin-bottom:.3125em;font-weight:bold} dl dd{margin-bottom:1.25em} abbr,acronym{text-transform:uppercase;font-size:90%;color:rgba(0,0,0,.8);border-bottom:1px dotted #ddd;cursor:help} abbr{text-transform:none} blockquote{margin:0 0 1.25em;padding:.5625em 1.25em 0 1.1875em;border-left:1px solid #ddd} blockquote cite{display:block;font-size:.9375em;color:rgba(0,0,0,.6)} blockquote cite::before{content:"\2014 \0020"} blockquote cite a,blockquote cite a:visited{color:rgba(0,0,0,.6)} blockquote,blockquote p{line-height:1.6;color:rgba(0,0,0,.85)} @media screen and (min-width:768px){h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2} h1{font-size:2.75em} h2{font-size:2.3125em} h3,#toctitle,.sidebarblock>.content>.title{font-size:1.6875em} h4{font-size:1.4375em}} table{background:#fff;margin-bottom:1.25em;border:solid 1px #dedede} table thead,table tfoot{background:#f7f8f7} table thead tr th,table thead tr td,table tfoot tr th,table tfoot tr td{padding:.5em .625em .625em;font-size:inherit;color:rgba(0,0,0,.8);text-align:left} table tr th,table tr td{padding:.5625em .625em;font-size:inherit;color:rgba(0,0,0,.8)} table tr.even,table tr.alt{background:#f8f8f7} table thead tr th,table tfoot tr th,table tbody tr td,table tr td,table tfoot tr td{display:table-cell;line-height:1.6} h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2;word-spacing:-.05em} h1 strong,h2 strong,h3 strong,#toctitle strong,.sidebarblock>.content>.title strong,h4 strong,h5 strong,h6 strong{font-weight:400} .clearfix::before,.clearfix::after,.float-group::before,.float-group::after{content:" ";display:table} .clearfix::after,.float-group::after{clear:both} :not(pre):not([class^=L])>code{font-size:.9375em;font-style:normal!important;letter-spacing:0;padding:.1em .5ex;word-spacing:-.15em;background:#f7f7f8;-webkit-border-radius:4px;border-radius:4px;line-height:1.45;text-rendering:optimizeSpeed;word-wrap:break-word} :not(pre)>code.nobreak{word-wrap:normal} :not(pre)>code.nowrap{white-space:nowrap} pre{color:rgba(0,0,0,.9);font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;line-height:1.45;text-rendering:optimizeSpeed} pre code,pre pre{color:inherit;font-size:inherit;line-height:inherit} pre>code{display:block} pre.nowrap,pre.nowrap pre{white-space:pre;word-wrap:normal} em em{font-style:normal} strong strong{font-weight:400} .keyseq{color:rgba(51,51,51,.8)} kbd{font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;display:inline-block;color:rgba(0,0,0,.8);font-size:.65em;line-height:1.45;background:#f7f7f7;border:1px solid #ccc;-webkit-border-radius:3px;border-radius:3px;-webkit-box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em white inset;box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em #fff inset;margin:0 .15em;padding:.2em .5em;vertical-align:middle;position:relative;top:-.1em;white-space:nowrap} .keyseq kbd:first-child{margin-left:0} .keyseq kbd:last-child{margin-right:0} .menuseq,.menuref{color:#000} .menuseq b:not(.caret),.menuref{font-weight:inherit} .menuseq{word-spacing:-.02em} .menuseq b.caret{font-size:1.25em;line-height:.8} .menuseq i.caret{font-weight:bold;text-align:center;width:.45em} b.button::before,b.button::after{position:relative;top:-1px;font-weight:400} b.button::before{content:"[";padding:0 3px 0 2px} b.button::after{content:"]";padding:0 2px 0 3px} p a>code:hover{color:rgba(0,0,0,.9)} #header,#content,#footnotes,#footer{width:100%;margin-left:auto;margin-right:auto;margin-top:0;margin-bottom:0;max-width:62.5em;*zoom:1;position:relative;padding-left:.9375em;padding-right:.9375em} #header::before,#header::after,#content::before,#content::after,#footnotes::before,#footnotes::after,#footer::before,#footer::after{content:" ";display:table} #header::after,#content::after,#footnotes::after,#footer::after{clear:both} #content{margin-top:1.25em} #content::before{content:none} #header>h1:first-child{color:rgba(0,0,0,.85);margin-top:2.25rem;margin-bottom:0} #header>h1:first-child+#toc{margin-top:8px;border-top:1px solid #dddddf} #header>h1:only-child,body.toc2 #header>h1:nth-last-child(2){border-bottom:1px solid #dddddf;padding-bottom:8px} #header .details{border-bottom:1px solid #dddddf;line-height:1.45;padding-top:.25em;padding-bottom:.25em;padding-left:.25em;color:rgba(0,0,0,.6);display:-ms-flexbox;display:-webkit-flex;display:flex;-ms-flex-flow:row wrap;-webkit-flex-flow:row wrap;flex-flow:row wrap} #header .details span:first-child{margin-left:-.125em} #header .details span.email a{color:rgba(0,0,0,.85)} #header .details br{display:none} #header .details br+span::before{content:"\00a0\2013\00a0"} #header .details br+span.author::before{content:"\00a0\22c5\00a0";color:rgba(0,0,0,.85)} #header .details br+span#revremark::before{content:"\00a0|\00a0"} #header #revnumber{text-transform:capitalize} #header #revnumber::after{content:"\00a0"} #content>h1:first-child:not([class]){color:rgba(0,0,0,.85);border-bottom:1px solid #dddddf;padding-bottom:8px;margin-top:0;padding-top:1rem;margin-bottom:1.25rem} #toc{border-bottom:1px solid #e7e7e9;padding-bottom:.5em} #toc>ul{margin-left:.125em} #toc ul.sectlevel0>li>a{font-style:italic} #toc ul.sectlevel0 ul.sectlevel1{margin:.5em 0} #toc ul{font-family:"Open Sans","DejaVu Sans",sans-serif;list-style-type:none} #toc li{line-height:1.3334;margin-top:.3334em} #toc a{text-decoration:none} #toc a:active{text-decoration:underline} #toctitle{color:#7a2518;font-size:1.2em} @media screen and (min-width:768px){#toctitle{font-size:1.375em} body.toc2{padding-left:15em;padding-right:0} #toc.toc2{margin-top:0!important;background:#f8f8f7;position:fixed;width:15em;left:0;top:0;border-right:1px solid #e7e7e9;border-top-width:0!important;border-bottom-width:0!important;z-index:1000;padding:1.25em 1em;height:100%;overflow:auto} #toc.toc2 #toctitle{margin-top:0;margin-bottom:.8rem;font-size:1.2em} #toc.toc2>ul{font-size:.9em;margin-bottom:0} #toc.toc2 ul ul{margin-left:0;padding-left:1em} #toc.toc2 ul.sectlevel0 ul.sectlevel1{padding-left:0;margin-top:.5em;margin-bottom:.5em} body.toc2.toc-right{padding-left:0;padding-right:15em} body.toc2.toc-right #toc.toc2{border-right-width:0;border-left:1px solid #e7e7e9;left:auto;right:0}} @media screen and (min-width:1280px){body.toc2{padding-left:20em;padding-right:0} #toc.toc2{width:20em} #toc.toc2 #toctitle{font-size:1.375em} #toc.toc2>ul{font-size:.95em} #toc.toc2 ul ul{padding-left:1.25em} body.toc2.toc-right{padding-left:0;padding-right:20em}} #content #toc{border-style:solid;border-width:1px;border-color:#e0e0dc;margin-bottom:1.25em;padding:1.25em;background:#f8f8f7;-webkit-border-radius:4px;border-radius:4px} #content #toc>:first-child{margin-top:0} #content #toc>:last-child{margin-bottom:0} #footer{max-width:100%;background:rgba(0,0,0,.8);padding:1.25em} #footer-text{color:rgba(255,255,255,.8);line-height:1.44} #content{margin-bottom:.625em} .sect1{padding-bottom:.625em} @media screen and (min-width:768px){#content{margin-bottom:1.25em} .sect1{padding-bottom:1.25em}} .sect1:last-child{padding-bottom:0} .sect1+.sect1{border-top:1px solid #e7e7e9} #content h1>a.anchor,h2>a.anchor,h3>a.anchor,#toctitle>a.anchor,.sidebarblock>.content>.title>a.anchor,h4>a.anchor,h5>a.anchor,h6>a.anchor{position:absolute;z-index:1001;width:1.5ex;margin-left:-1.5ex;display:block;text-decoration:none!important;visibility:hidden;text-align:center;font-weight:400} #content h1>a.anchor::before,h2>a.anchor::before,h3>a.anchor::before,#toctitle>a.anchor::before,.sidebarblock>.content>.title>a.anchor::before,h4>a.anchor::before,h5>a.anchor::before,h6>a.anchor::before{content:"\00A7";font-size:.85em;display:block;padding-top:.1em} #content h1:hover>a.anchor,#content h1>a.anchor:hover,h2:hover>a.anchor,h2>a.anchor:hover,h3:hover>a.anchor,#toctitle:hover>a.anchor,.sidebarblock>.content>.title:hover>a.anchor,h3>a.anchor:hover,#toctitle>a.anchor:hover,.sidebarblock>.content>.title>a.anchor:hover,h4:hover>a.anchor,h4>a.anchor:hover,h5:hover>a.anchor,h5>a.anchor:hover,h6:hover>a.anchor,h6>a.anchor:hover{visibility:visible} #content h1>a.link,h2>a.link,h3>a.link,#toctitle>a.link,.sidebarblock>.content>.title>a.link,h4>a.link,h5>a.link,h6>a.link{color:#ba3925;text-decoration:none} #content h1>a.link:hover,h2>a.link:hover,h3>a.link:hover,#toctitle>a.link:hover,.sidebarblock>.content>.title>a.link:hover,h4>a.link:hover,h5>a.link:hover,h6>a.link:hover{color:#a53221} details,.audioblock,.imageblock,.literalblock,.listingblock,.stemblock,.videoblock{margin-bottom:1.25em} details>summary:first-of-type{cursor:pointer;display:list-item;outline:none;margin-bottom:.75em} .admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{text-rendering:optimizeLegibility;text-align:left;font-family:"Noto Serif","DejaVu Serif",serif;font-size:1rem;font-style:italic} table.tableblock.fit-content>caption.title{white-space:nowrap;width:0} .paragraph.lead>p,#preamble>.sectionbody>[class="paragraph"]:first-of-type p{font-size:1.21875em;line-height:1.6;color:rgba(0,0,0,.85)} table.tableblock #preamble>.sectionbody>[class="paragraph"]:first-of-type p{font-size:inherit} .admonitionblock>table{border-collapse:separate;border:0;background:none;width:100%} .admonitionblock>table td.icon{text-align:center;width:80px} .admonitionblock>table td.icon img{max-width:none} .admonitionblock>table td.icon .title{font-weight:bold;font-family:"Open Sans","DejaVu Sans",sans-serif;text-transform:uppercase} .admonitionblock>table td.content{padding-left:1.125em;padding-right:1.25em;border-left:1px solid #dddddf;color:rgba(0,0,0,.6)} .admonitionblock>table td.content>:last-child>:last-child{margin-bottom:0} .exampleblock>.content{border-style:solid;border-width:1px;border-color:#e6e6e6;margin-bottom:1.25em;padding:1.25em;background:#fff;-webkit-border-radius:4px;border-radius:4px} .exampleblock>.content>:first-child{margin-top:0} .exampleblock>.content>:last-child{margin-bottom:0} .sidebarblock{border-style:solid;border-width:1px;border-color:#dbdbd6;margin-bottom:1.25em;padding:1.25em;background:#f3f3f2;-webkit-border-radius:4px;border-radius:4px} .sidebarblock>:first-child{margin-top:0} .sidebarblock>:last-child{margin-bottom:0} .sidebarblock>.content>.title{color:#7a2518;margin-top:0;text-align:center} .exampleblock>.content>:last-child>:last-child,.exampleblock>.content .olist>ol>li:last-child>:last-child,.exampleblock>.content .ulist>ul>li:last-child>:last-child,.exampleblock>.content .qlist>ol>li:last-child>:last-child,.sidebarblock>.content>:last-child>:last-child,.sidebarblock>.content .olist>ol>li:last-child>:last-child,.sidebarblock>.content .ulist>ul>li:last-child>:last-child,.sidebarblock>.content .qlist>ol>li:last-child>:last-child{margin-bottom:0} .literalblock pre,.listingblock>.content>pre{-webkit-border-radius:4px;border-radius:4px;word-wrap:break-word;overflow-x:auto;padding:1em;font-size:.8125em} @media screen and (min-width:768px){.literalblock pre,.listingblock>.content>pre{font-size:.90625em}} @media screen and (min-width:1280px){.literalblock pre,.listingblock>.content>pre{font-size:1em}} .literalblock pre,.listingblock>.content>pre:not(.highlight),.listingblock>.content>pre[class="highlight"],.listingblock>.content>pre[class^="highlight "]{background:#f7f7f8} .literalblock.output pre{color:#f7f7f8;background:rgba(0,0,0,.9)} .listingblock>.content{position:relative} .listingblock code[data-lang]::before{display:none;content:attr(data-lang);position:absolute;font-size:.75em;top:.425rem;right:.5rem;line-height:1;text-transform:uppercase;color:inherit;opacity:.5} .listingblock:hover code[data-lang]::before{display:block} .listingblock.terminal pre .command::before{content:attr(data-prompt);padding-right:.5em;color:inherit;opacity:.5} .listingblock.terminal pre .command:not([data-prompt])::before{content:"$"} .listingblock pre.highlightjs{padding:0} .listingblock pre.highlightjs>code{padding:1em;-webkit-border-radius:4px;border-radius:4px} .listingblock pre.prettyprint{border-width:0} .prettyprint{background:#f7f7f8} pre.prettyprint .linenums{line-height:1.45;margin-left:2em} pre.prettyprint li{background:none;list-style-type:inherit;padding-left:0} pre.prettyprint li code[data-lang]::before{opacity:1} pre.prettyprint li:not(:first-child) code[data-lang]::before{display:none} table.linenotable{border-collapse:separate;border:0;margin-bottom:0;background:none} table.linenotable td[class]{color:inherit;vertical-align:top;padding:0;line-height:inherit;white-space:normal} table.linenotable td.code{padding-left:.75em} table.linenotable td.linenos{border-right:1px solid currentColor;opacity:.35;padding-right:.5em} pre.pygments .lineno{border-right:1px solid currentColor;opacity:.35;display:inline-block;margin-right:.75em} pre.pygments .lineno::before{content:"";margin-right:-.125em} .quoteblock{margin:0 1em 1.25em 1.5em;display:table} .quoteblock:not(.excerpt)>.title{margin-left:-1.5em;margin-bottom:.75em} .quoteblock blockquote,.quoteblock p{color:rgba(0,0,0,.85);font-size:1.15rem;line-height:1.75;word-spacing:.1em;letter-spacing:0;font-style:italic;text-align:justify} .quoteblock blockquote{margin:0;padding:0;border:0} .quoteblock blockquote::before{content:"\201c";float:left;font-size:2.75em;font-weight:bold;line-height:.6em;margin-left:-.6em;color:#7a2518;text-shadow:0 1px 2px rgba(0,0,0,.1)} .quoteblock blockquote>.paragraph:last-child p{margin-bottom:0} .quoteblock .attribution{margin-top:.75em;margin-right:.5ex;text-align:right} .verseblock{margin:0 1em 1.25em} .verseblock pre{font-family:"Open Sans","DejaVu Sans",sans;font-size:1.15rem;color:rgba(0,0,0,.85);font-weight:300;text-rendering:optimizeLegibility} .verseblock pre strong{font-weight:400} .verseblock .attribution{margin-top:1.25rem;margin-left:.5ex} .quoteblock .attribution,.verseblock .attribution{font-size:.9375em;line-height:1.45;font-style:italic} .quoteblock .attribution br,.verseblock .attribution br{display:none} .quoteblock .attribution cite,.verseblock .attribution cite{display:block;letter-spacing:-.025em;color:rgba(0,0,0,.6)} .quoteblock.abstract blockquote::before,.quoteblock.excerpt blockquote::before,.quoteblock .quoteblock blockquote::before{display:none} .quoteblock.abstract blockquote,.quoteblock.abstract p,.quoteblock.excerpt blockquote,.quoteblock.excerpt p,.quoteblock .quoteblock blockquote,.quoteblock .quoteblock p{line-height:1.6;word-spacing:0} .quoteblock.abstract{margin:0 1em 1.25em;display:block} .quoteblock.abstract>.title{margin:0 0 .375em;font-size:1.15em;text-align:center} .quoteblock.excerpt>blockquote,.quoteblock .quoteblock{padding:0 0 .25em 1em;border-left:.25em solid #dddddf} .quoteblock.excerpt,.quoteblock .quoteblock{margin-left:0} .quoteblock.excerpt blockquote,.quoteblock.excerpt p,.quoteblock .quoteblock blockquote,.quoteblock .quoteblock p{color:inherit;font-size:1.0625rem} .quoteblock.excerpt .attribution,.quoteblock .quoteblock .attribution{color:inherit;text-align:left;margin-right:0} table.tableblock{max-width:100%;border-collapse:separate} p.tableblock:last-child{margin-bottom:0} td.tableblock>.content>:last-child{margin-bottom:-1.25em} td.tableblock>.content>:last-child.sidebarblock{margin-bottom:0} table.tableblock,th.tableblock,td.tableblock{border:0 solid #dedede} table.grid-all>thead>tr>.tableblock,table.grid-all>tbody>tr>.tableblock{border-width:0 1px 1px 0} table.grid-all>tfoot>tr>.tableblock{border-width:1px 1px 0 0} table.grid-cols>*>tr>.tableblock{border-width:0 1px 0 0} table.grid-rows>thead>tr>.tableblock,table.grid-rows>tbody>tr>.tableblock{border-width:0 0 1px} table.grid-rows>tfoot>tr>.tableblock{border-width:1px 0 0} table.grid-all>*>tr>.tableblock:last-child,table.grid-cols>*>tr>.tableblock:last-child{border-right-width:0} table.grid-all>tbody>tr:last-child>.tableblock,table.grid-all>thead:last-child>tr>.tableblock,table.grid-rows>tbody>tr:last-child>.tableblock,table.grid-rows>thead:last-child>tr>.tableblock{border-bottom-width:0} table.frame-all{border-width:1px} table.frame-sides{border-width:0 1px} table.frame-topbot,table.frame-ends{border-width:1px 0} table.stripes-all tr,table.stripes-odd tr:nth-of-type(odd),table.stripes-even tr:nth-of-type(even),table.stripes-hover tr:hover{background:#f8f8f7} th.halign-left,td.halign-left{text-align:left} th.halign-right,td.halign-right{text-align:right} th.halign-center,td.halign-center{text-align:center} th.valign-top,td.valign-top{vertical-align:top} th.valign-bottom,td.valign-bottom{vertical-align:bottom} th.valign-middle,td.valign-middle{vertical-align:middle} table thead th,table tfoot th{font-weight:bold} tbody tr th{display:table-cell;line-height:1.6;background:#f7f8f7} tbody tr th,tbody tr th p,tfoot tr th,tfoot tr th p{color:rgba(0,0,0,.8);font-weight:bold} p.tableblock>code:only-child{background:none;padding:0} p.tableblock{font-size:1em} ol{margin-left:1.75em} ul li ol{margin-left:1.5em} dl dd{margin-left:1.125em} dl dd:last-child,dl dd:last-child>:last-child{margin-bottom:0} ol>li p,ul>li p,ul dd,ol dd,.olist .olist,.ulist .ulist,.ulist .olist,.olist .ulist{margin-bottom:.625em} ul.checklist,ul.none,ol.none,ul.no-bullet,ol.no-bullet,ol.unnumbered,ul.unstyled,ol.unstyled{list-style-type:none} ul.no-bullet,ol.no-bullet,ol.unnumbered{margin-left:.625em} ul.unstyled,ol.unstyled{margin-left:0} ul.checklist{margin-left:.625em} ul.checklist li>p:first-child>.fa-square-o:first-child,ul.checklist li>p:first-child>.fa-check-square-o:first-child{width:1.25em;font-size:.8em;position:relative;bottom:.125em} ul.checklist li>p:first-child>input[type="checkbox"]:first-child{margin-right:.25em} ul.inline{display:-ms-flexbox;display:-webkit-box;display:flex;-ms-flex-flow:row wrap;-webkit-flex-flow:row wrap;flex-flow:row wrap;list-style:none;margin:0 0 .625em -1.25em} ul.inline>li{margin-left:1.25em} .unstyled dl dt{font-weight:400;font-style:normal} ol.arabic{list-style-type:decimal} ol.decimal{list-style-type:decimal-leading-zero} ol.loweralpha{list-style-type:lower-alpha} ol.upperalpha{list-style-type:upper-alpha} ol.lowerroman{list-style-type:lower-roman} ol.upperroman{list-style-type:upper-roman} ol.lowergreek{list-style-type:lower-greek} .hdlist>table,.colist>table{border:0;background:none} .hdlist>table>tbody>tr,.colist>table>tbody>tr{background:none} td.hdlist1,td.hdlist2{vertical-align:top;padding:0 .625em} td.hdlist1{font-weight:bold;padding-bottom:1.25em} .literalblock+.colist,.listingblock+.colist{margin-top:-.5em} .colist td:not([class]):first-child{padding:.4em .75em 0;line-height:1;vertical-align:top} .colist td:not([class]):first-child img{max-width:none} .colist td:not([class]):last-child{padding:.25em 0} .thumb,.th{line-height:0;display:inline-block;border:solid 4px #fff;-webkit-box-shadow:0 0 0 1px #ddd;box-shadow:0 0 0 1px #ddd} .imageblock.left{margin:.25em .625em 1.25em 0} .imageblock.right{margin:.25em 0 1.25em .625em} .imageblock>.title{margin-bottom:0} .imageblock.thumb,.imageblock.th{border-width:6px} .imageblock.thumb>.title,.imageblock.th>.title{padding:0 .125em} .image.left,.image.right{margin-top:.25em;margin-bottom:.25em;display:inline-block;line-height:0} .image.left{margin-right:.625em} .image.right{margin-left:.625em} a.image{text-decoration:none;display:inline-block} a.image object{pointer-events:none} sup.footnote,sup.footnoteref{font-size:.875em;position:static;vertical-align:super} sup.footnote a,sup.footnoteref a{text-decoration:none} sup.footnote a:active,sup.footnoteref a:active{text-decoration:underline} #footnotes{padding-top:.75em;padding-bottom:.75em;margin-bottom:.625em} #footnotes hr{width:20%;min-width:6.25em;margin:-.25em 0 .75em;border-width:1px 0 0} #footnotes .footnote{padding:0 .375em 0 .225em;line-height:1.3334;font-size:.875em;margin-left:1.2em;margin-bottom:.2em} #footnotes .footnote a:first-of-type{font-weight:bold;text-decoration:none;margin-left:-1.05em} #footnotes .footnote:last-of-type{margin-bottom:0} #content #footnotes{margin-top:-.625em;margin-bottom:0;padding:.75em 0} .gist .file-data>table{border:0;background:#fff;width:100%;margin-bottom:0} .gist .file-data>table td.line-data{width:99%} div.unbreakable{page-break-inside:avoid} .big{font-size:larger} .small{font-size:smaller} .underline{text-decoration:underline} .overline{text-decoration:overline} .line-through{text-decoration:line-through} .aqua{color:#00bfbf} .aqua-background{background:#00fafa} .black{color:#000} .black-background{background:#000} .blue{color:#0000bf} .blue-background{background:#0000fa} .fuchsia{color:#bf00bf} .fuchsia-background{background:#fa00fa} .gray{color:#606060} .gray-background{background:#7d7d7d} .green{color:#006000} .green-background{background:#007d00} .lime{color:#00bf00} .lime-background{background:#00fa00} .maroon{color:#600000} .maroon-background{background:#7d0000} .navy{color:#000060} .navy-background{background:#00007d} .olive{color:#606000} .olive-background{background:#7d7d00} .purple{color:#600060} .purple-background{background:#7d007d} .red{color:#bf0000} .red-background{background:#fa0000} .silver{color:#909090} .silver-background{background:#bcbcbc} .teal{color:#006060} .teal-background{background:#007d7d} .white{color:#bfbfbf} .white-background{background:#fafafa} .yellow{color:#bfbf00} .yellow-background{background:#fafa00} span.icon>.fa{cursor:default} a span.icon>.fa{cursor:inherit} .admonitionblock td.icon [class^="fa icon-"]{font-size:2.5em;text-shadow:1px 1px 2px rgba(0,0,0,.5);cursor:default} .admonitionblock td.icon .icon-note::before{content:"\f05a";color:#19407c} .admonitionblock td.icon .icon-tip::before{content:"\f0eb";text-shadow:1px 1px 2px rgba(155,155,0,.8);color:#111} .admonitionblock td.icon .icon-warning::before{content:"\f071";color:#bf6900} .admonitionblock td.icon .icon-caution::before{content:"\f06d";color:#bf3400} .admonitionblock td.icon .icon-important::before{content:"\f06a";color:#bf0000} .conum[data-value]{display:inline-block;color:#fff!important;background:rgba(0,0,0,.8);-webkit-border-radius:100px;border-radius:100px;text-align:center;font-size:.75em;width:1.67em;height:1.67em;line-height:1.67em;font-family:"Open Sans","DejaVu Sans",sans-serif;font-style:normal;font-weight:bold} .conum[data-value] *{color:#fff!important} .conum[data-value]+b{display:none} .conum[data-value]::after{content:attr(data-value)} pre .conum[data-value]{position:relative;top:-.125em} b.conum *{color:inherit!important} .conum:not([data-value]):empty{display:none} dt,th.tableblock,td.content,div.footnote{text-rendering:optimizeLegibility} h1,h2,p,td.content,span.alt{letter-spacing:-.01em} p strong,td.content strong,div.footnote strong{letter-spacing:-.005em} p,blockquote,dt,td.content,span.alt{font-size:1.0625rem} p{margin-bottom:1.25rem} .sidebarblock p,.sidebarblock dt,.sidebarblock td.content,p.tableblock{font-size:1em} .exampleblock>.content{background:#fffef7;border-color:#e0e0dc;-webkit-box-shadow:0 1px 4px #e0e0dc;box-shadow:0 1px 4px #e0e0dc} .print-only{display:none!important} @page{margin:1.25cm .75cm} @media print{*{-webkit-box-shadow:none!important;box-shadow:none!important;text-shadow:none!important} html{font-size:80%} a{color:inherit!important;text-decoration:underline!important} a.bare,a[href^="#"],a[href^="mailto:"]{text-decoration:none!important} a[href^="http:"]:not(.bare)::after,a[href^="https:"]:not(.bare)::after{content:"(" attr(href) ")";display:inline-block;font-size:.875em;padding-left:.25em} abbr[title]::after{content:" (" attr(title) ")"} pre,blockquote,tr,img,object,svg{page-break-inside:avoid} thead{display:table-header-group} svg{max-width:100%} p,blockquote,dt,td.content{font-size:1em;orphans:3;widows:3} h2,h3,#toctitle,.sidebarblock>.content>.title{page-break-after:avoid} #toc,.sidebarblock,.exampleblock>.content{background:none!important} #toc{border-bottom:1px solid #dddddf!important;padding-bottom:0!important} body.book #header{text-align:center} body.book #header>h1:first-child{border:0!important;margin:2.5em 0 1em} body.book #header .details{border:0!important;display:block;padding:0!important} body.book #header .details span:first-child{margin-left:0!important} body.book #header .details br{display:block} body.book #header .details br+span::before{content:none!important} body.book #toc{border:0!important;text-align:left!important;padding:0!important;margin:0!important} body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-break-before:always} .listingblock code[data-lang]::before{display:block} #footer{padding:0 .9375em} .hide-on-print{display:none!important} .print-only{display:block!important} .hide-for-print{display:none!important} .show-for-print{display:inherit!important}} @media print,amzn-kf8{#header>h1:first-child{margin-top:1.25rem} .sect1{padding:0!important} .sect1+.sect1{border:0} #footer{background:none} #footer-text{color:rgba(0,0,0,.6);font-size:.9em}} @media amzn-kf8{#header,#content,#footnotes,#footer{padding:0}} </style> </head> <body class="article"> <div id="header"> <h1>servlet-security: Using Jakarta EE Declarative Security to Control Servlet Access</h1> <div class="details"> <span id="author" class="author">Sherif F. Makary, Pedro Igor, Stefan Guilhen</span><br> </div> </div> <div id="content"> <div id="preamble"> <div class="sectionbody"> <div class="quoteblock abstract"> <blockquote> The <code>servlet-security</code> quickstart demonstrates the use of Jakarta EE declarative security to control access to Servlets and Security in JBoss EAP. </blockquote> </div> </div> </div> <div class="sect1"> <h2 id="_what_is_it">What is it?</h2> <div class="sectionbody"> <div class="paragraph"> <p>The <code>servlet-security</code> quickstart demonstrates the use of Jakarta EE declarative security to control access to Servlets and Security in Red Hat JBoss Enterprise Application Platform.</p> </div> <div class="paragraph"> <p>When you deploy this example, two users are automatically created for you: user <code>quickstartUser</code> with password <code>quickstartPwd1!</code> and user <code>guest</code> with password <code>guestPwd1!</code>. This data is located in the <code>src/main/resources/import.sql</code> file.</p> </div> <div class="paragraph"> <p>This quickstart takes the following steps to implement Servlet security:</p> </div> <div class="olist arabic"> <ol class="arabic"> <li> <p>Web Application:</p> <div class="ulist"> <ul> <li> <p>Adds a security constraint to the Servlet using the <code>@ServletSecurity</code> and <code>@HttpConstraint</code> annotations.</p> </li> <li> <p>Adds a security domain reference to <code>WEB-INF/jboss-web.xml</code>.</p> </li> <li> <p>Adds a <code>login-config</code> that sets the <code>auth-method</code> to <code>BASIC</code> in the <code>WEB-INF/web.xml</code>.</p> </li> </ul> </div> </li> <li> <p>Application Server (<code>standalone.xml</code>):</p> <div class="ulist"> <ul> <li> <p>Defines a security domain in the <code>elytron</code> subsystem that uses the JDBC security realm to obtain the security data used to authenticate and authorize users.</p> </li> <li> <p>Defines an <code>http-authentication-factory</code> in the <code>elytron</code> subsystem that uses the security domain created in step 1 for BASIC authentication.</p> </li> <li> <p>Adds an <code>application-security-domain</code> mapping in the <code>undertow</code> subsystem to map the Servlet security domain to the HTTP authentication factory defined in step 2.</p> </li> </ul> </div> </li> <li> <p>Database Configuration:</p> <div class="ulist"> <ul> <li> <p>Adds an application user with access rights to the application.</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>User Name: quickstartUser Password: quickstartPwd1! Role: quickstarts</code></pre> </div> </div> </li> <li> <p>Adds another user with no access rights to the application.</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>User Name: guest Password: guestPwd1! Role: notauthorized</code></pre> </div> </div> </li> </ul> </div> </li> </ol> </div> </div> </div> <div class="sect1"> <h2 id="considerations_for_use_in_a_production_environment">Considerations for Use in a Production Environment</h2> <div class="sectionbody"> <div class="dlist"> <dl> <dt class="hdlist1">H2 Database</dt> <dd> <p>This quickstart uses the H2 database included with Red Hat JBoss Enterprise Application Platform 7.4. It is a lightweight, relational example datasource that is used for examples only. It is not robust or scalable, is not supported, and should NOT be used in a production environment.</p> </dd> </dl> </div> </div> </div> <div class="sect1"> <h2 id="system_requirements">System Requirements</h2> <div class="sectionbody"> <div class="paragraph"> <p>The application this project produces is designed to be run on Red Hat JBoss Enterprise Application Platform 7.4 or later.</p> </div> <div class="paragraph"> <p>All you need to build this project is Java 8.0 (Java SDK 1.8) or later and Maven 3.3.1 or later. See <a href="https://github.com/jboss-developer/jboss-developer-shared-resources/blob/master/guides/CONFIGURE_MAVEN_JBOSS_EAP.adoc#configure_maven_to_build_and_deploy_the_quickstarts">Configure Maven to Build and Deploy the Quickstarts</a> to make sure you are configured correctly for testing the quickstarts.</p> </div> </div> </div> <div class="sect1"> <h2 id="use_of_jboss_home_name">Use of the EAP_HOME and QUICKSTART_HOME Variables</h2> <div class="sectionbody"> <div class="paragraph"> <p>In the following instructions, replace <code><em>EAP_HOME</em></code> with the actual path to your JBoss EAP installation. The installation path is described in detail here: <a href="https://github.com/jboss-developer/jboss-developer-shared-resources/blob/master/guides/USE_OF_EAP_HOME.adoc#use_of_product_home_and_jboss_home_variables">Use of <em>EAP_HOME</em> and <em>JBOSS_HOME</em> Variables</a>.</p> </div> <div class="paragraph"> <p>When you see the replaceable variable <em>QUICKSTART_HOME</em>, replace it with the path to the root directory of all of the quickstarts.</p> </div> </div> </div> <div class="sect1"> <h2 id="back_up_standalone_server_configuration">Back Up the JBoss EAP Standalone Server Configuration</h2> <div class="sectionbody"> <div class="paragraph"> <p>Before you begin, back up your server configuration file.</p> </div> <div class="olist arabic"> <ol class="arabic"> <li> <p>If it is running, stop the JBoss EAP server.</p> </li> <li> <p>Back up the <code><em>EAP_HOME</em>/standalone/configuration/standalone.xml</code> file.</p> </li> </ol> </div> <div class="paragraph"> <p>After you have completed testing this quickstart, you can replace this file to restore the server to its original configuration.</p> </div> </div> </div> <div class="sect1"> <h2 id="start_the_eap_standalone_server">Start the JBoss EAP Standalone Server</h2> <div class="sectionbody"> <div class="olist arabic"> <ol class="arabic"> <li> <p>Open a terminal and navigate to the root of the JBoss EAP directory.</p> </li> <li> <p>Start the JBoss EAP server with the default profile by typing the following command.</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$ <em>EAP_HOME</em>/bin/standalone.sh </code></pre> </div> </div> <div class="admonitionblock note"> <table> <tr> <td class="icon"> <div class="title">Note</div> </td> <td class="content"> For Windows, use the <code><em>EAP_HOME</em>\bin\standalone.bat</code> script. </td> </tr> </table> </div> </li> </ol> </div> </div> </div> <div class="sect1"> <h2 id="configure_the_server">Configure the Server</h2> <div class="sectionbody"> <div class="paragraph"> <p>You can configure the server by running JBoss CLI commands. For your convenience, this quickstart batches the commands into a <code>configure-server.cli</code> script provided in the root directory of this quickstart.</p> </div> <div class="olist arabic"> <ol class="arabic"> <li> <p>Before you begin, make sure you do the following:</p> <div class="ulist"> <ul> <li> <p><a href="#back_up_standalone_server_configuration">Back up the JBoss EAP standalone server configuration</a> as described above.</p> </li> <li> <p><a href="#start_the_eap_standalone_server">Start the JBoss EAP server with the standalone default profile</a> as described above.</p> </li> </ul> </div> </li> <li> <p>Review the <code>configure-server.cli</code> file in the root of this quickstart directory. This script adds security domain and HTTP authentication factory to the <code>elytron</code> subsystem in the server configuration and also configures the <code>undertow</code> subsystem to use the configured HTTP authentication factory for the Web application.</p> </li> <li> <p>Open a new terminal, navigate to the root directory of this quickstart, and run the following command, replacing <code><em>EAP_HOME</em></code> with the path to your server:</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$ <em>EAP_HOME</em>/bin/jboss-cli.sh --connect --file=configure-server.cli</code></pre> </div> </div> <div class="admonitionblock note"> <table> <tr> <td class="icon"> <div class="title">Note</div> </td> <td class="content"> For Windows, use the <code><em>EAP_HOME</em>\bin\jboss-cli.bat</code> script. </td> </tr> </table> </div> <div class="paragraph"> <p>You should see the following result when you run the script:</p> </div> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>The batch executed successfully</code></pre> </div> </div> </li> <li> <p>Stop the JBoss EAP server.</p> </li> </ol> </div> </div> </div> <div class="sect1"> <h2 id="_review_the_modified_server_configuration">Review the Modified Server Configuration</h2> <div class="sectionbody"> <div class="paragraph"> <p>After stopping the server, open the <code><em>EAP_HOME</em>/standalone/configuration/standalone.xml</code> file and review the changes.</p> </div> <div class="olist arabic"> <ol class="arabic"> <li> <p>The following datasource was added to the <code>datasources</code> subsystem.</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code class="language-xml" data-lang="xml"><datasource jndi-name="java:jboss/datasources/ServletSecurityDS" pool-name="ServletSecurityDS"> <connection-url>jdbc:h2:mem:servlet-security;DB_CLOSE_ON_EXIT=FALSE</connection-url> <driver>h2</driver> <security> <user-name>sa</user-name> <password>sa</password> </security> </datasource></code></pre> </div> </div> </li> <li> <p>The following <code>security-realm</code> was added to the <code>elytron</code> subsystem.</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code class="language-xml" data-lang="xml"><jdbc-realm name="servlet-security-jdbc-realm"> <principal-query sql="SELECT PASSWORD FROM USERS WHERE USERNAME = ?" data-source="ServletSecurityDS"> <clear-password-mapper password-index="1"/> </principal-query> <principal-query sql="SELECT R.NAME, 'Roles' FROM USERS_ROLES UR INNER JOIN ROLES R ON R.ID = UR.ROLE_ID INNER JOIN USERS U ON U.ID = UR.USER_ID WHERE U.USERNAME = ?" data-source="ServletSecurityDS"> <attribute-mapping> <attribute to="roles" index="1"/> </attribute-mapping> </principal-query> </jdbc-realm></code></pre> </div> </div> <div class="paragraph"> <p>The <code>security-realm</code> is responsible for verifying the credentials for a given principal and for obtaining security attributes (like roles) that are associated with the authenticated identity.</p> </div> </li> <li> <p>The following <code>role-decoder</code> was added to the <code>elytron</code> subsystem.</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code class="language-xml" data-lang="xml"><simple-role-decoder name="from-roles-attribute" attribute="roles"/></code></pre> </div> </div> <div class="paragraph"> <p>The <code>jdbc-realm</code> in this quickstart stores the roles associated with a principal in an attribute named roles. Other realms might use different attributes for roles (such as <code>group</code>). The purpose of a <code>role-decoder</code> is to instruct the security domain how roles are to be retrieved from an authorized identity.</p> </div> </li> <li> <p>The following <code>security-domain</code> was added to the <code>elytron</code> subsystem.</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code class="language-xml" data-lang="xml"><security-domain name="servlet-security-quickstart-sd" default-realm="servlet-security-jdbc-realm" permission-mapper="default-permission-mapper"> <realm name="servlet-security-jdbc-realm" role-decoder="from-roles-attribute"/> </security-domain></code></pre> </div> </div> </li> <li> <p>The following <code>http-authentication-factory</code> was added to the <code>elytron</code> subsystem.</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code class="language-xml" data-lang="xml"><http-authentication-factory name="servlet-security-quickstart-http-auth" http-server-mechanism-factory="global" security-domain="servlet-security-quickstart-sd"> <mechanism-configuration> <mechanism mechanism-name="BASIC"> <mechanism-realm realm-name="RealmUsersRoles"/> </mechanism> </mechanism-configuration> </http-authentication-factory></code></pre> </div> </div> <div class="paragraph"> <p>It basically defines an HTTP authentication factory for the BASIC mechanism that relies on the <code>servlet-security-quickstart-sd</code> security domain to authenticate and authorize access to web applications.</p> </div> </li> <li> <p>The following <code>application-security-domain</code> was added to the <code>undertow</code> subsystem.</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code class="language-xml" data-lang="xml"><application-security-domains> <application-security-domain name="servlet-security-quickstart" http-authentication-factory="servlet-security-quickstart-http-auth"/> </application-security-domains></code></pre> </div> </div> </li> </ol> </div> <div class="paragraph"> <p>This configuration tells <code>Undertow</code> that applications with the <code>servlet-security-quickstart</code> security domain, as defined in the <code>jboss-web.xml</code> or by using the <code>@SecurityDomain</code> annotation in the Servlet class, should use the <code>http-authentication-factory</code> named <code>servlet-security-quickstart-http-auth</code>. If no <code>application-security-domain</code> is defined for a particular security domain, <code>Undertow</code> assumes the legacy JAAS based security domains should be used for authentication/authorization and, in this case, the security domain defined in the Web application must match a security domain in the legacy <code>security</code> subsystem. The presence of an <code>application-security-domain</code> configuration is what enables Elytron authentication for a Web application.</p> </div> </div> </div> <div class="sect1"> <h2 id="build_and_deploy_the_quickstart">Build and Deploy the Quickstart</h2> <div class="sectionbody"> <div class="olist arabic"> <ol class="arabic"> <li> <p>Make sure you <a href="#start_the_eap_standalone_server">start the JBoss EAP server</a> as described above.</p> </li> <li> <p>Open a terminal and navigate to the root directory of this quickstart.</p> </li> <li> <p>Type the following command to build the artifacts.</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$ mvn clean package wildfly:deploy</code></pre> </div> </div> </li> </ol> </div> <div class="paragraph"> <p>This deploys the <code>servlet-security/target/servlet-security.war</code> to the running instance of the server.</p> </div> <div class="paragraph"> <p>You should see a message in the server log indicating that the archive deployed successfully.</p> </div> </div> </div> <div class="sect1"> <h2 id="_access_the_application">Access the Application</h2> <div class="sectionbody"> <div class="paragraph"> <p>The application will be running at the following URL <a href="http://localhost:8080/servlet-security/" class="bare">http://localhost:8080/servlet-security/</a>.</p> </div> <div class="paragraph"> <p>When you access the application, you should get a browser login challenge.</p> </div> <div class="paragraph"> <p>Log in using the username <code>quickstartUser</code> and password <code>quickstartPwd1!</code>. The browser will display the following security info:</p> </div> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>Successfully called Secured Servlet Principal : quickstartUser Remote User : quickstartUser Authentication Type : BASIC</code></pre> </div> </div> <div class="paragraph"> <p>Now close the browser. Open a new browser and log in with username <code>guest</code> and password <code>guestPwd1!</code>. The browser will display the following error:</p> </div> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>Forbidden</code></pre> </div> </div> </div> </div> <div class="sect1"> <h2 id="_server_log_expected_warnings_and_errors">Server Log: Expected Warnings and Errors</h2> <div class="sectionbody"> <div class="paragraph"> <p>You will see the following warning in the server log. You can ignore it.</p> </div> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>HHH000431: Unable to determine H2 database version, certain features may not work</code></pre> </div> </div> </div> </div> <div class="sect1"> <h2 id="undeploy_the_quickstart">Undeploy the Quickstart</h2> <div class="sectionbody"> <div class="paragraph"> <p>When you are finished testing the quickstart, follow these steps to undeploy the archive.</p> </div> <div class="olist arabic"> <ol class="arabic"> <li> <p>Make sure you <a href="#start_the_eap_standalone_server">start the JBoss EAP server</a> as described above.</p> </li> <li> <p>Open a terminal and navigate to the root directory of this quickstart.</p> </li> <li> <p>Type this command to undeploy the archive:</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$ mvn wildfly:undeploy</code></pre> </div> </div> </li> </ol> </div> </div> </div> <div class="sect1"> <h2 id="restore_the_standalone_server_configuration">Restore the JBoss EAP Standalone Server Configuration</h2> <div class="sectionbody"> <div class="paragraph"> <p>You can restore the original server configuration using either of the following methods.</p> </div> <div class="ulist"> <ul> <li> <p>You can <a href="#restore_standalone_server_configuration_using_cli">run the <code>restore-configuration.cli</code> script</a> provided in the root directory of this quickstart.</p> </li> <li> <p>You can <a href="#restore_standalone_server_configuration_manually">manually restore the configuration</a> using the backup copy of the configuration file.</p> </li> </ul> </div> <div class="sect2"> <h3 id="restore_standalone_server_configuration_using_cli">Restore the JBoss EAP Standalone Server Configuration by Running the JBoss CLI Script</h3> <div class="olist arabic"> <ol class="arabic"> <li> <p><a href="#start_the_eap_standalone_server">Start the JBoss EAP server</a> as described above.</p> </li> <li> <p>Open a new terminal, navigate to the root directory of this quickstart, and run the following command, replacing <code><em>EAP_HOME</em></code> with the path to your server:</p> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>$ <em>EAP_HOME</em>/bin/jboss-cli.sh --connect --file=restore-configuration.cli</code></pre> </div> </div> <div class="admonitionblock note"> <table> <tr> <td class="icon"> <div class="title">Note</div> </td> <td class="content"> For Windows, use the <code><em>EAP_HOME</em>\bin\jboss-cli.bat</code> script. </td> </tr> </table> </div> </li> </ol> </div> <div class="paragraph"> <p>This script removes the <code>application-security-domain</code> configuration from the <code>undertow</code> subsystem, the <code>http-authentication-factory</code>, <code>security-domain</code>, <code>security-realm</code> and <code>role-decoder</code> configuration from the <code>elytron</code> subsystem and it also removes the datasource used for this quickstart. You should see the following result when you run the script:</p> </div> <div class="paragraph"> <p>+</p> </div> <div class="listingblock"> <div class="content"> <pre class="highlight nowrap"><code>The batch executed successfully process-state: reload-required</code></pre> </div> </div> </div> <div class="sect2"> <h3 id="restore_standalone_server_configuration_manually">Restore the JBoss EAP Standalone Server Configuration Manually</h3> <div class="paragraph"> <p>When you have completed testing the quickstart, you can restore the original server configuration by manually restoring the backup copy the configuration file.</p> </div> <div class="olist arabic"> <ol class="arabic"> <li> <p>If it is running, stop the JBoss EAP server.</p> </li> <li> <p>Replace the <code><em>EAP_HOME</em>/standalone/configuration/standalone.xml</code> file with the backup copy of the file.</p> </li> </ol> </div> </div> </div> </div> <div class="sect1"> <h2 id="run_the_quickstart_in_redhat_codeready_studio_or_eclipse">Run the Quickstart in Red Hat CodeReady Studio or Eclipse</h2> <div class="sectionbody"> <div class="paragraph"> <p>You can also start the server and deploy the quickstarts or run the Arquillian tests in Red Hat CodeReady Studio or from Eclipse using JBoss tools. For general information about how to import a quickstart, add a JBoss EAP server, and build and deploy a quickstart, see <a href="https://github.com/jboss-developer/jboss-developer-shared-resources/blob/master/guides/USE_JBDS.adoc#use_red_hat_jboss_developer_studio_or_eclipse_to_run_the_quickstarts">Use Red Hat CodeReady Studio or Eclipse to Run the Quickstarts</a>.</p> </div> <div class="ulist"> <ul> <li> <p>Make sure you configure the server by running the JBoss CLI commands as described above under xref:configure_the_server{Configure the Server]. Stop the server at the end of that step.</p> </li> <li> <p>Make sure you <a href="#restore_the_server_configuration">restore the JBoss EAP server configuration</a> when you have completed testing this quickstart.</p> </li> </ul> </div> </div> </div> <div class="sect1"> <h2 id="debug_the_application">Debug the Application</h2> <div class="sectionbody"> <div class="paragraph"> <p>If you want to debug the source code of any library in the project, run the following command to pull the source into your local repository. The IDE should then detect it.</p> </div> <div class="listingblock"> <div class="content"> <pre>$ mvn dependency:sources</pre> </div> </div> </div> </div> <div class="sect1"> <h2 id="openshift_incompatibility">JBoss EAP for OpenShift Incompatibility</h2> <div class="sectionbody"> <div class="paragraph"> <p>This quickstart is not compatible with JBoss EAP for OpenShift or JBoss EAP for OpenShift Online templates.</p> </div> </div> </div> </div> <div id="footer"> <div id="footer-text"> Last updated 2021-06-23 15:53:26 UTC </div> </div> </body> </html>