1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package com.acme;
20
21 import java.io.IOException;
22 import java.io.PrintWriter;
23
24 import javax.servlet.ServletException;
25 import javax.servlet.annotation.HttpConstraint;
26 import javax.servlet.annotation.ServletSecurity;
27 import javax.servlet.annotation.WebServlet;
28 import javax.servlet.http.HttpServlet;
29 import javax.servlet.http.HttpServletRequest;
30 import javax.servlet.http.HttpServletResponse;
31
32 @WebServlet(urlPatterns="/sec/*")
33 @ServletSecurity(@HttpConstraint(rolesAllowed="admin"))
34 public class SecuredServlet extends HttpServlet
35 {
36
37
38 protected void doPost(HttpServletRequest req, HttpServletResponse resp)
39 throws ServletException, IOException
40 {
41 PrintWriter writer = resp.getWriter();
42 writer.println( "<html>");
43 writer.println("<HEAD><link rel=\"stylesheet\" type=\"text/css\" href=\"../stylesheet.css\"/></HEAD>");
44 writer.println("<h1>@ServletSecurity</h1>");
45 writer.println("<body>");
46 writer.println("<pre>");
47 writer.println("@ServletSecurity");
48 writer.println("public class SecuredServlet");
49 writer.println("</pre>");
50 writer.println("<p><b>Result: <span class=\"pass\">PASS</span></b></p>");
51 String context = getServletConfig().getServletContext().getContextPath();
52 if (!context.endsWith("/"))
53 context += "/";
54 writer.println("<p><A HREF=\""+context+"logout.jsp\">Logout</A></p>");
55 writer.println( "</body>");
56 writer.println( "</html>");
57 writer.flush();
58 writer.close();
59 }
60 }