This example demonstrates how to develop secure RESTful "Hello world" web service with a Servlet 2.5 container.
The example consists of just one Java class:
org.glassfish.jersey.examples.https.glassfish.resources.HelloWorldResource
A resource class that produces a textual response to an HTTP GET request.
The mapping of the URI path space is presented in the following table:
| URI path | Resource class | HTTP methods |
|---|---|---|
| /helloworld | HelloWorldResource | GET |
Run the example as follows:
Create war package
mvn clean package
Setup GlassFish 4.0 (installed at AS_HOME=<install_dir>/glassfish4):
Add new security realm called "myRealm"
- Start GlassFish using asadmin
$AS_HOME/bin/asadmin start-domain - Access Admin console, assuming the use of default admin port, at http://localhost:4848
- Navigate in Admin console to:
Configurations -> server-config -> Security -> Realms, click on "New..." - Create user and set password for user
myUser(click on "myRealm" -> "Manage Users" -> "New...");- Ensure "
User ID:" set to "myUser" and "Group List:" set to "Users" - Enter password
myPassin "New Password:" and "Confirm New Password:" text fields
- Ensure "
- Add one other user name
joeUser(click on "myRealm" -> "Manage Users" -> "New...");- Ensure "
User ID:" set to "joeUser" and "Group List:" set to "Users" - Enter password
joePassin "New Password:" and "Confirm New Password:" text fields
- Ensure "
Check web.xml and sun-web.xml to understand how role mappings are
configured. This
blog
is also helpful in helping to clarify role mappings.
Deploy https-server-glassfish.war as a Web Application
- Admin console: select
Applications, click on "Deploy...". Select file./target/https-server-glassfish.war - or you can use command line:
$AS_HOME/bin/asadmin deploy ./target/https-server-glassfish.war
From a web browser, visit:
- https://localhost:8181/https-server-glassfish-webapp/helloworld
- Enter either Username
myUserand PasswordmyPassor, UsernamejoeUserand PasswordjoePass - If entered Username
myUserand PasswordmyPass, verify that expected output:Sending "Hello World" to user "myUser"was displayed - If entered Username
joeUserand PasswordjoePass, verify that expected output:Sending "Hello World" to user "joeUser"was displayed
Run the example as follows:
-
Create war package
mvn clean package -
setup GlassFish 4.0 (installed at
AS_HOME=<install_dir>/glassfish4):- Follow the steps described in the "setup GlassFish 3.1"
section from the previous chapter "Running the Example" but
instead of adding the user "
joeUser" to the "Group List:" of "Users" set "Group List:" for this user to "OtherUsers"
- Follow the steps described in the "setup GlassFish 3.1"
section from the previous chapter "Running the Example" but
instead of adding the user "
-
From a web browser, visit:
- https://localhost:8181/https-server-glassfish-webapp/helloworld
- Enter Username
joeUserand PasswordjoePass, verify that expected output looks like:HTTP Status 403 - Access to the requested resource has been denied