Shing Wai Chan's Weblog

« Troubleshooting... | Main | Multiple Private... »

Browsing 196 AuthConfigProviders with AJAX

Friday Mar 23, 2007

JSR 196, Java Authentication SPI for Containers, defines SPI for providers plugging into containers for message authentication. It is currently under Proposed Final Draft (PFD) and GlassFish v2 (b40 rc or above) has an implementation of PFD of this JSR. On the other hand, AJAX is another new and exciting technology in the Web 2.0 area. In this blog, I will share my experience with you about constructing a web tool to browse 196 AuthConfigProviders registered in GlassFish by using AJAX tree.

I find that it is very helpful to use jMaki plugin in NetBeans 5.5.1. A jMaki widget can be created in a jsp application by simply drag-and-drop. A very good tutorial can be found in jMaki NetBeans 5.5 screencast.

In the following, I will outline steps to create my web application.

Create a "Web Applicatons" project with name listacp using NetBeans as described in above screencast.
Open index.jsp if it is not already open. Then drag and drop a "jMaki Yahoo Tree" from the left Palette to the jsp. And the following code will be generated in the jsp:
<a:ajax name="yahoo.tree"/>
This will create a AJAX Tree with the default data.
We would like to construct the tree using data in JSON format from GlassFish server. In our case, the data is coming from acpdata.jsp. We need to modify the above as follows:
<a:ajax name="yahoo.tree" service="/acpdata.jsp"/>
In acpdata.jsp, we need to get a complete list of AuthConfigProvider. This can achieved by getting a complete list of registration ID first.
AuthConfigFactory factory = AuthConfigFactory.getFactory(); if (factory != null) { String[] regisIDs = factory.getRegistrationIDs(null);
And for each registration ID, we can get RegistrationContext and AuthConfigProvider as follows:
RegistrationContext regContext = factory.getRegistrationContext(regisID); if (regContext != null) { String layer = regContext.getMessageLayer(); String appContext = regContext.getAppContext(); AuthConfigProvider provider = factory.getConfigProvider(layer, appContext, null);
Then we need to output the data in corresponding JSON format. An example of the format from corresponding source of the Yahoo Tree Widget can be found in jMaki Widget Gallery. For instance, in our case, acpdata.jsp outputs the data as
{ root: { title: '196 factory: com.sun.enterprise.security.jmac.config.GFAuthConfigFactory', expanded: 'true', children: [ { title: 'registrationID = __2SOAP', expanded: 'false', children: [ { title: 'messageLayer = SOAP'}, { title: 'appContext = null'}, { title: 'description = WSIT AuthConfigProvider'}, { title: 'persistent = false'}, { title: 'provider = com.sun.xml.wss.provider.wsit.WSITAuthConfigProvider@14a8f44'} ] } , ...
Protect the web application
Since the list of AuthConfigProviders will reveal what has been deployed in the given GlassFish installation, we would like to protect this web application so that only users of asadmin group of admin-realm can access it. We can achieve this by:
Adding security setting in web.xml through NetBeans by navigating the Web application on panel of NetBeans: Web Pages > WEB-INF, open web.xml, and click Security, and modifying it as follows:
Login Configuration: Basic
Realm Name: admin-realm

Add Security Roles: admin

Add Security Constraint
    Resource Name: secure resource
    URL Pattern(s): /*

Click on "Enable Security Constraint"
    Role Names: admin
Then, adding the security-role-mapping to sun-web.xml through "Edit As XML" mode:
<security-role-mapping>     <role-name>admin</role-name>     <principal-name>admin</principal-name>     <group-name>asadmin</group-name> </security-role-mapping>
If we package the war file and deploy, then we can access
http://your_host:your_port/listacp
Enter your admin username and password. Everything works! The only drawback is the war file size is too big right now. In order to make it smaller, we have to remove unused AJAX libraries manually at this moment. (Try your best effort!) I hope the tool will only put in the required scripts in the future.

One can download my sample AJAX 196 AuthConfigProvider browser here. Note that we need to use a browser supporting AJAX (Firefox, Internet Explorer et al, not Mozilla 1.x) in order to run this example.

[10] Comments

Like this post?

Posted at 02:56PM Mar 23, 2007 by swchan in Sun
Tags:

Comments:

Thanks for the good example.

Posted by Dennis on March 23, 2007 at 07:03 PM PDT #

Today i will apply this code,I hope It will work in my project the way i am thinking this codec helpfull ,but i am looking for more of ur post regarding this kind of information.

Posted by Steve M. on September 21, 2007 at 11:05 PM PDT #

thanks for your sharing.

Posted by 天博 on January 30, 2008 at 08:24 AM PST #

thanks

Posted by define on June 03, 2008 at 08:48 AM PDT #

Thanks so much.

Posted by oyun on July 26, 2008 at 03:33 PM PDT #

Thank you

Posted by oyunlar on November 05, 2008 at 11:10 AM PST #

I like very much the writings and pictures and explanations in your adress so I look forward to see your next writings. I congratulate you.

Posted by North Cyprus Holiday on January 10, 2009 at 01:32 AM PST #

thanks for this post admin

Posted by oyunlar on January 13, 2009 at 01:30 PM PST #

Many women wish to enhance the size of their breast naturally. Some of them resort to breast enlargement pills. Women ho are hesitant to undergo breast implant surgery find it very appealing. Many women view breast enlargement pills as an easy and inexpensive way of increasing their breast size.

Posted by Breast Enlargement on February 20, 2009 at 11:54 AM PST #

Great site. I have found some info I need. Keep up!

Posted by sikiş on April 28, 2009 at 03:18 PM PDT #