- First, we do some configuration in the web.xml file:
<security-constraint> <web-resource-collection> <web-resource-name>CH05-Authentication</web-resource-name> <url-pattern>/authServlet</url-pattern> </web-resource-collection> <auth-constraint> <role-name>role1</role-name> </auth-constraint> </security-constraint> <security-role> <role-name>role1</role-name> </security-role>
- Then we create a servlet to deal with our user access:
@DeclareRoles({"role1", "role2", "role3"})@WebServlet(name = "/UserAuthenticationServlet", urlPatterns = {"/UserAuthenticationServlet"})public class UserAuthenticationServlet extends HttpServlet { private static final long serialVersionUID = 1L; @Inject private javax.security.enterprise.SecurityContext ...