Download as
Browse Code »

Commit ecc7cab2da26f62d4c53115b5e3a0acdf2d84269

Authored by PauloGladson
1 parent bb29ed79

Segurança

Showing 25 changed files with 695 additions and 568 deletions   Show diff stats
@@ -4,3 +4,6 @@ @@ -4,3 +4,6 @@
4 /security/target/ 4 /security/target/
5 /.project 5 /.project
6 /.settings/ 6 /.settings/
  7 +/basic/target/
  8 +/basic (cópia)/target/
  9 +/jwt/target/
7 \ No newline at end of file 10 \ No newline at end of file
basic/.gitignore 0 → 100644
  Diff comments   View file @ecc7cab
@@ -0,0 +1,3 @@ @@ -0,0 +1,3 @@
  1 +/.settings/
  2 +/.classpath
  3 +/.project
basic/pom.xml 0 → 100644
  Diff comments   View file @ecc7cab
@@ -0,0 +1,34 @@ @@ -0,0 +1,34 @@
  1 +<?xml version="1.0" encoding="UTF-8"?>
  2 +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  3 + <modelVersion>4.0.0</modelVersion>
  4 + <groupId>org.demoiselle.jee</groupId>
  5 + <artifactId>demoiselle-security-basic</artifactId>
  6 + <version>3.0.0-SNAPSHOT</version>
  7 + <packaging>jar</packaging>
  8 + <properties>
  9 + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
  10 + <maven.compiler.source>1.8</maven.compiler.source>
  11 + <maven.compiler.target>1.8</maven.compiler.target>
  12 + </properties>
  13 + <dependencies>
  14 +
  15 + <dependency>
  16 + <groupId>${project.groupId}</groupId>
  17 + <artifactId>demoiselle-core</artifactId>
  18 + <version>${project.version}</version>
  19 + </dependency>
  20 +
  21 + <dependency>
  22 + <groupId>${project.groupId}</groupId>
  23 + <artifactId>demoiselle-ws</artifactId>
  24 + <version>${project.version}</version>
  25 + </dependency>
  26 +
  27 + <dependency>
  28 + <groupId>${project.groupId}</groupId>
  29 + <artifactId>demoiselle-security</artifactId>
  30 + <version>${project.version}</version>
  31 + </dependency>
  32 +
  33 + </dependencies>
  34 +</project>
basic/src/main/java/org/demoiselle/jee/security/basic/impl/SecurityContextImpl.java 0 → 100644
  Diff comments   View file @ecc7cab
@@ -0,0 +1,117 @@ @@ -0,0 +1,117 @@
  1 +package org.demoiselle.jee.security.basic.impl;
  2 +
  3 +import javax.enterprise.context.Dependent;
  4 +import java.io.Serializable;
  5 +import java.security.Principal;
  6 +import java.util.Map;
  7 +import java.util.Set;
  8 +import javax.inject.Inject;
  9 +import org.demoiselle.jee.core.util.ResourceBundle;
  10 +import org.demoiselle.jee.security.SecurityContext;
  11 +import org.demoiselle.jee.security.TokensManager;
  12 +import org.demoiselle.jee.security.exception.NotLoggedInException;
  13 +
  14 +/**
  15 + * <p>
  16 + * This is the default implementation of {@link SecurityContext} interface.
  17 + * </p>
  18 + *
  19 + * @author SERPRO
  20 + */
  21 +@Dependent
  22 +public class SecurityContextImpl implements SecurityContext {
  23 +
  24 + private static final long serialVersionUID = 1L;
  25 +
  26 + private String token;
  27 +
  28 + private Principal user;
  29 +
  30 + @Inject
  31 + private TokensManager tm;
  32 +
  33 + @Inject
  34 + private ResourceBundle bundle;
  35 +
  36 + /**
  37 + * @see org.demoiselle.security.SecurityContext#hasPermission(String,
  38 + * String)
  39 + */
  40 + @Override
  41 + public boolean hasPermission(String resource, String operation) {
  42 + boolean result = true;
  43 +
  44 + return result;
  45 + }
  46 +
  47 + /**
  48 + * @see org.demoiselle.security.SecurityContext#hasRole(String)
  49 + */
  50 + @Override
  51 + public boolean hasRole(String role) {
  52 + boolean result = true;
  53 +
  54 + return result;
  55 + }
  56 +
  57 + /**
  58 + * @see org.demoiselle.security.SecurityContext#isLoggedIn()
  59 + */
  60 + @Override
  61 + public boolean isLoggedIn() {
  62 + return getUser() != null;
  63 + }
  64 +
  65 + /**
  66 + * @see org.demoiselle.security.SecurityContext#getUser()
  67 + */
  68 + @Override
  69 + public Principal getUser() {
  70 + return this.user;
  71 + }
  72 +
  73 + public void checkLoggedIn() throws NotLoggedInException {
  74 + if (!isLoggedIn()) {
  75 + throw new NotLoggedInException(bundle.getString("user-not-authenticated"));
  76 + }
  77 + }
  78 +
  79 + @Override
  80 + public void setRoles(Set<String> roles) {
  81 + throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
  82 + }
  83 +
  84 + @Override
  85 + public void setPermission(Map<String, String> permissions) {
  86 + throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
  87 + }
  88 +
  89 + @Override
  90 + public Set<String> getResources(String operation) {
  91 + throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
  92 + }
  93 +
  94 + @Override
  95 + public Set<String> getOperations(String resources) {
  96 + throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
  97 + }
  98 +
  99 + @Override
  100 + public void setUser(Principal principal) {
  101 + this.token = tm.create(principal);
  102 + this.user = principal;
  103 + }
  104 +
  105 + @Override
  106 + public String getToken() {
  107 + return token;
  108 + }
  109 +
  110 + @Override
  111 + public void setToken(String token) {
  112 + this.user = tm.getUser(token);
  113 + this.token = token;
  114 + }
  115 +
  116 +
  117 +}
basic/src/main/java/org/demoiselle/jee/security/basic/impl/TokensManagerImpl.java 0 → 100644
  Diff comments   View file @ecc7cab
@@ -0,0 +1,48 @@ @@ -0,0 +1,48 @@
  1 +/*
  2 + * To change this license header, choose License Headers in Project Properties.
  3 + * To change this template file, choose Tools | Templates
  4 + * and open the template in the editor.
  5 + */
  6 +package org.demoiselle.jee.security.basic.impl;
  7 +
  8 +import java.security.Principal;
  9 +import java.util.UUID;
  10 +import java.util.concurrent.ConcurrentHashMap;
  11 +import javax.enterprise.context.Dependent;
  12 +import org.demoiselle.jee.security.TokensManager;
  13 +
  14 +/**
  15 + *
  16 + * @author 70744416353
  17 + */
  18 +@Dependent
  19 +public class TokensManagerImpl implements TokensManager {
  20 +
  21 + private static ConcurrentHashMap<String, Principal> repo = new ConcurrentHashMap<>();
  22 +
  23 + @Override
  24 + public Principal getUser(String token) {
  25 + return repo.get(token);
  26 + }
  27 +
  28 + @Override
  29 + public String create(Principal user) {
  30 + String value = null;
  31 + if (!repo.containsValue(user)) {
  32 + value = UUID.randomUUID().toString();
  33 + repo.put(value, user);
  34 + }
  35 + return value;
  36 + }
  37 +
  38 + @Override
  39 + public void remove(String token) {
  40 + repo.remove(token);
  41 + }
  42 +
  43 + @Override
  44 + public boolean validate(String token) {
  45 + return repo.containsKey(token);
  46 + }
  47 +
  48 +}
basic/src/main/resources/demoiselle.properties 0 → 100644
  Diff comments   View file @ecc7cab
core/src/main/resources/demoiselle-core-bundle.properties 0 → 100644
  Diff comments   View file @ecc7cab
@@ -0,0 +1,130 @@ @@ -0,0 +1,130 @@
  1 +# Demoiselle Framework
  2 +# Copyright (C) 2010 SERPRO
  3 +# ----------------------------------------------------------------------------
  4 +# This file is part of Demoiselle Framework.
  5 +#
  6 +# Demoiselle Framework is free software; you can redistribute it and/or
  7 +# modify it under the terms of the GNU Lesser General Public License version 3
  8 +# as published by the Free Software Foundation.
  9 +#
  10 +# This program is distributed in the hope that it will be useful,
  11 +# but WITHOUT ANY WARRANTY; without even the implied warranty of
  12 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13 +# GNU General Public License for more details.
  14 +#
  15 +# You should have received a copy of the GNU Lesser General Public License version 3
  16 +# along with this program; if not, see <http://www.gnu.org/licenses/>
  17 +# or write to the Free Software Foundation, Inc., 51 Franklin Street,
  18 +# Fifth Floor, Boston, MA 02110-1301, USA.
  19 +# ----------------------------------------------------------------------------
  20 +# Este arquivo \u00E9 parte do Framework Demoiselle.
  21 +#
  22 +# O Framework Demoiselle \u00E9 um software livre; voc\u00EA pode redistribu\u00ED-lo e/ou
  23 +# modific\u00E1-lo dentro dos termos da GNU LGPL vers\u00E3o 3 como publicada pela Funda\u00E7\u00E3o
  24 +# do Software Livre (FSF).
  25 +#
  26 +# Este programa \u00E9 distribu\u00EDdo na esperan\u00E7a que possa ser \u00FAtil, mas SEM NENHUMA
  27 +# GARANTIA; sem uma garantia impl\u00EDcita de ADEQUA\u00C7\u00C3O a qualquer MERCADO ou
  28 +# APLICA\u00C7\u00C3O EM PARTICULAR. Veja a Licen\u00E7a P\u00FAblica Geral GNU/LGPL em portugu\u00EAs
  29 +# para maiores detalhes.
  30 +#
  31 +# Voc\u00EA deve ter recebido uma c\u00F3pia da GNU LGPL vers\u00E3o 3, sob o t\u00EDtulo
  32 +# "LICENCA.txt", junto com esse programa. Se n\u00E3o, acesse <http://www.gnu.org/licenses/>
  33 +# ou escreva para a Funda\u00E7\u00E3o do Software Livre (FSF) Inc.,
  34 +# 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  35 +
  36 +version=${project.version}
  37 +engine-on=Iniciando o Demoiselle Framework ${project.version} (Neo)
  38 +resource-not-found=Arquivo {0} n\u00E3o foi encontrado
  39 +key-not-found=A chave {0} n\u00E3o foi encontrada
  40 +ambiguous-strategy-resolution=Foi detectada ambiguidade da interface {0} com as seguintes implementa\u00E7\u00F5es\: {1}. Para resolver o conflito, defina explicitamente a implementa\u00E7\u00E3o no demoiselle.properties.
  41 +ambiguous-bean-resolution=Falha ao obter {0} pois foi detectada ambiguidade nas seguintes implementa\u00E7\u00F5es\: {1}
  42 +bean-not-found=Voc\u00EA est\u00E1 tentando obter um objeto n\u00E3o reconhecido pelo CDI via Beans.getReference({0})
  43 +store-not-found=O objeto do tipo [{0}] n\u00E3o pode ser armazenado no escopo indicado\: {1}
  44 +more-than-one-exceptionhandler-defined-for-same-class=Foi definido mais de um m\u00E9todo na classe {0} para tratar a exce\u00E7\u00E3o {1}
  45 +handling-exception=Tratando a exce\u00E7\u00E3o {0}
  46 +taking-off=O Demoiselle ${project.version} decolou
  47 +engine-off=Desligando os motores do Demoiselle ${project.version}
  48 +setting-up-bean-manager=BeanManager dispon\u00EDvel atrav\u00E9s do utilit\u00E1rio {0}
  49 +
  50 +user-transaction-lookup-fail=N\u00E3o foi encontrada nenhuma transa\u00E7\u00E3o com o nome {0} no contexto JNDI
  51 +transactional-execution=Execu\u00E7\u00E3o transacional de {0}
  52 +begin-transaction=Transa\u00E7\u00E3o iniciada
  53 +transaction-marked-rollback=Transa\u00E7\u00E3o marcada para rollback [{0}]
  54 +transaction-already-finalized=A transa\u00E7\u00E3o j\u00E1 havia sido finalizada
  55 +transaction-commited=Transa\u00E7\u00E3o finalizada com sucesso
  56 +transaction-rolledback=Transa\u00E7\u00E3o finalizada com rollback
  57 +
  58 +bootstrap.configuration.processing=Processando {0}
  59 +bootstrap-context-already-managed=O contexto {0} para o escopo {1} j\u00E1 foi adicionado
  60 +bootstrap-context-added=Adicionando o contexto {0} para o escopo {1}
  61 +
  62 +loading-configuration-class=Carregando a classe de configura\u00E7\u00E3o {0}
  63 +configuration-field-loaded={0}: {2}
  64 +configuration-attribute-is-mandatory=A configura\u00E7\u00E3o {0} \u00E9 obrigat\u00F3ria, mas n\u00E3o foi encontrada em {1}
  65 +configuration-name-attribute-cant-be-empty=A nota\u00E7\u00E3o @Name n\u00E3o pode estar em branco
  66 +configuration-generic-extraction-error=Ocorreu um erro durante a extra\u00E7\u00E3o do tipo {0} com o extrator {1}
  67 +configuration-dot-after-prefix=N\u00E3o \u00E9 necess\u00E1rio adicionar o ponto ap\u00F3s o prefixo para uma classe de configura\u00E7\u00E3o. \u00C9 recomendado que sejam retirados, pois poder\u00E3o causar erros em vers\u00F5es futuras do Framework.
  68 +configuration-key-not-found={0}\: [n\u00E3o encontrada]
  69 +configuration-extractor-not-found=N\u00E3o foi poss\u00EDvel encontrar a classe extratora para o atributo {0}. Implemente a interface {1} para criar sua classe extratora.
  70 +configuration-not-conversion=N\u00E3o \u00E9 poss\u00EDvel converter o valor {0} para o tipo {1}
  71 +
  72 +transaction-not-defined=Nenhuma transa\u00E7\u00E3o foi definida. Para utilizar @{0} \u00E9 preciso definir a propriedade frameworkdemoiselle.transaction.class com a estrat\u00E9gia de transa\u00E7\u00E3o desejada no arquivo demoiselle.properties
  73 +executing-all=Executando m\u00E9todos anotados com @{0}
  74 +custom-context-selected=Produzindo inst\u00E2ncia do contexto {0}
  75 +custom-context-was-activated=O contexto {0} foi ativado para o escopo {1}
  76 +custom-context-was-deactivated=O contexto {0} foi desativado para o escopo {1}
  77 +custom-context-already-activated=N\u00E3o foi poss\u00EDvel ativar o contexto {0}, o escopo {1} j\u00E1 est\u00E1 ativo no contexto {2}
  78 +custom-context-not-found=N\u00E3o foi encontrado um contexto gerenciado do tipo [{0}] para o escopo [{1}]
  79 +custom-context-manager-not-initialized=ContextManager n\u00E3o foi inicializado. Chame [initialize] ao capturar o evento [AfterBeanDiscovery] em uma extens\u00E3o CDI
  80 +
  81 +error-creating-new-instance-for=Error creating a new instance for "{0}"
  82 +executed-successfully={0} execultado com sucesso
  83 +must-declare-one-single-parameter=Voc\u00EA deve declarar um par\u00E2metro \u00FAnico em {0}
  84 +loading-default-transaction-manager=Carregando o gerenciador de transa\u00E7\u00E3o padr\u00E3o {0}
  85 +results-count-greater-page-size=Quantidade de resultados {0} \u00E9 maior que o tamanho da p\u00E1gina {1}
  86 +page-result=Resultado paginado [p\u00E1gina\={0}, total de resultados\={1}]
  87 +pagination-not-initialized=Pagina\u00E7\u00E3o n\u00E3o inicializada. Inicialize o sistema de pagina\u00E7\u00E3o definindo a p\u00E1gina atual ou o total de resultados ao menos uma vez na requisi\u00E7\u00E3o.
  88 +pagination-invalid-value=Valor inv\u00E1lido para paginador: [{0}].
  89 +page=P\u00E1gina [n\u00FAmero\={0}, tamanho\={1}]
  90 +processing=Processando\: {0}
  91 +processing-fail=Falha no processamento devido a uma exce\u00E7\u00E3o lan\u00E7ada pela aplica\u00E7\u00E3o
  92 +for= \ para\:
  93 +file-not-found=O arquivo {0} n\u00E3o foi encontrado
  94 +
  95 +adding-message-to-context=Adicionando uma mensagem no contexto: [{0}]
  96 +access-checking=Verificando permiss\u00E3o do usu\u00E1rio {0} para executar a a\u00E7\u00E3o {1} no recurso {2}
  97 +access-allowed=O usu\u00E1rio {0} acessou o recurso {2} com a a\u00E7\u00E3o {1}
  98 +access-denied=O usu\u00E1rio {0} n\u00E3o possui permiss\u00E3o para executar a a\u00E7\u00E3o {1} no recurso {2}
  99 +access-denied-ui=Voc\u00EA n\u00E3o est\u00E1 autorizado a executar a a\u00E7\u00E3o {1} no recurso {0}
  100 +authorizer-not-defined=Nenhuma regra de resolu\u00E7\u00E3o de permiss\u00F5es foi definida. Para utilizar @{0} \u00E9 preciso definir a propriedade frameworkdemoiselle.security.authorizer.class como regra de resolu\u00E7\u00E3o de permiss\u00F5es desejada no arquivo demoiselle.properties.
  101 +user-not-authenticated=Usu\u00E1rio n\u00E3o autenticado
  102 +invalid-credentials=Usu\u00E1rio ou senha inv\u00E1lidos
  103 +has-role-verification=Verificando se o usu\u00E1rio {0} possui a(s) role(s)\: {1}
  104 +does-not-have-role=Usu\u00E1rio {0} n\u00E3o possui a(s) role(s)\: {1}
  105 +does-not-have-role-ui=Para acessar este recurso \u00E9 necess\u00E1rio ser {0}
  106 +user-has-role=Usu\u00E1rio {0} possui a(s) role(s)\: {1}
  107 +
  108 +authenticator-not-defined=Nenhum mecanismo de autentica\u00E7\u00E3o foi definido. Para utilizar {0} \u00E9 preciso definir a propriedade frameworkdemoiselle.security.authenticator.class como mecanismo de autentica\u00E7\u00E3o desejado no arquivo demoiselle.properties.
  109 +
  110 +management-notification-attribute-changed=O atributo [{0}] da classe gerenciada [{1}] foi alterado
  111 +management-null-class-defined=O controlador de gerenciamento informado n\u00E3o pode ser [null]
  112 +management-abstract-class-defined=O controlador de gerenciamento [{0}] precisa ser uma classe concreta
  113 +management-no-annotation-found=Classe {0} precisa ser anotada com @ManagementController
  114 +management-invalid-property-no-getter-setter=Falha ao inicializar classe gerenciada {0}, n\u00E3o foi encontrado um m\u00E9todo get ou m\u00E9todo set para a propriedade {1}
  115 +management-invalid-property-as-operation=Falha ao inicializar classe gerenciada {0}, n\u00E3o \u00E9 poss\u00EDvel declarar uma propriedade cujo m\u00E9todo get ou set \u00E9 uma opera\u00E7\u00E3o
  116 +management-introspection-error=Erro ao ler atributos da classe gerenciada {0}
  117 +management-type-not-found=A classe gerenciada informada n\u00E3o existe\: {0}
  118 +management-invoke-error=Erro ao tentar invocar a opera\u00E7\u00E3o "{0}" da classe gerenciada, a opera\u00E7\u00E3o n\u00E3o foi encontrada
  119 +management-write-value-error=N\u00E3o foi poss\u00EDvel definir um valor para a propriedade {0}
  120 +management-read-value-error=N\u00E3o foi poss\u00EDvel ler o valor da propriedade {0}
  121 +management-debug-acessing-property=Acessando propriedade {0} da classe gerenciada {1}
  122 +management-debug-setting-property=Definindo novo valor para propriedade {0} da classe gerenciada {1}
  123 +management-debug-invoking-operation=Invocando opera\u00E7\u00E3o {0} da classe gerenciada {1}
  124 +management-debug-starting-custom-context=Levantando contexto {0} para executar comando na classe gerenciada {1}
  125 +management-debug-stoping-custom-context=Desligando contexto {0} para classe gerenciada {1}
  126 +management-debug-registering-managed-type=Registrando classe gerenciada [{0}]
  127 +management-debug-processing-management-extension=Processando extens\u00E3o de gerenciamento [{0}]
  128 +management-debug-removing-management-extension=Desativando extens\u00E3o de gerenciamento [{0}]
  129 +management-validation-constraint-violation=Ocorreu um erro de valida\u00E7\u00E3o na classe [{0}] ao definir um valor para a propriedade [{1}]\: [{2}]
  130 +management-validation-validator-not-found=Nenhum provedor de valida\u00E7\u00E3o de beans encontrado, as anota\u00E7\u00F5es de valida\u00E7\u00E3o n\u00E3o ser\u00E3o processadas
core/src/main/resources/demoiselle.properties 0 → 100644
  Diff comments   View file @ecc7cab
@@ -0,0 +1,5 @@ @@ -0,0 +1,5 @@
  1 +# Enables JPA transaction strategy, automatically detected if demoiselle-jpa component is detected. Use only if you need to overwrite the default behaviour
  2 +#frameworkdemoiselle.transaction.class=br.gov.frameworkdemoiselle.transaction.JPATransaction
  3 +
  4 +# Enables JTA transaction strategy, automatically detected if demoiselle-jta component is detected. Use only if you need to overwrite the default behaviour
  5 +#frameworkdemoiselle.transaction.class=br.gov.frameworkdemoiselle.transaction.JTATransaction
jwt/.gitignore 0 → 100644
  Diff comments   View file @ecc7cab
@@ -0,0 +1,3 @@ @@ -0,0 +1,3 @@
  1 +/.settings/
  2 +/.classpath
  3 +/.project
jwt/pom.xml 0 → 100644
  Diff comments   View file @ecc7cab
@@ -0,0 +1,33 @@ @@ -0,0 +1,33 @@
  1 +<?xml version="1.0" encoding="UTF-8"?>
  2 +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  3 + <modelVersion>4.0.0</modelVersion>
  4 + <groupId>org.demoiselle.jee</groupId>
  5 + <artifactId>demoiselle-security-jwt</artifactId>
  6 + <version>3.0.0-SNAPSHOT</version>
  7 + <packaging>jar</packaging>
  8 + <properties>
  9 + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
  10 + <maven.compiler.source>1.8</maven.compiler.source>
  11 + <maven.compiler.target>1.8</maven.compiler.target>
  12 + </properties>
  13 + <dependencies>
  14 + <dependency>
  15 + <groupId>${project.groupId}</groupId>
  16 + <artifactId>demoiselle-core</artifactId>
  17 + <version>${project.version}</version>
  18 + </dependency>
  19 +
  20 + <dependency>
  21 + <groupId>${project.groupId}</groupId>
  22 + <artifactId>demoiselle-ws</artifactId>
  23 + <version>${project.version}</version>
  24 + </dependency>
  25 +
  26 + <dependency>
  27 + <groupId>${project.groupId}</groupId>
  28 + <artifactId>demoiselle-security</artifactId>
  29 + <version>${project.version}</version>
  30 + </dependency>
  31 +
  32 + </dependencies>
  33 +</project>
@@ -23,7 +23,8 @@ @@ -23,7 +23,8 @@
23 <module>persistence</module> 23 <module>persistence</module>
24 <module>ws</module> 24 <module>ws</module>
25 <!--<module>swagger</module>--> 25 <!--<module>swagger</module>-->
26 - <!--<module>security</module>--> 26 + <module>security</module>
  27 + <module>basic</module>
27 </modules> 28 </modules>
28 29
29 <dependencyManagement> 30 <dependencyManagement>
security/src/main/java/org/demoiselle/jee/security/AfterLoginSuccessful.java
View file @bb29ed7
@@ -1,50 +0,0 @@ @@ -1,50 +0,0 @@
1 -/*  
2 - * Demoiselle Framework  
3 - * Copyright (C) 2010 SERPRO  
4 - * ----------------------------------------------------------------------------  
5 - * This file is part of Demoiselle Framework.  
6 - *  
7 - * Demoiselle Framework is free software; you can redistribute it and/or  
8 - * modify it under the terms of the GNU Lesser General Public License version 3  
9 - * as published by the Free Software Foundation.  
10 - *  
11 - * This program is distributed in the hope that it will be useful,  
12 - * but WITHOUT ANY WARRANTY; without even the implied warranty of  
13 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  
14 - * GNU General Public License for more details.  
15 - *  
16 - * You should have received a copy of the GNU Lesser General Public License version 3  
17 - * along with this program; if not, see <http://www.gnu.org/licenses/>  
18 - * or write to the Free Software Foundation, Inc., 51 Franklin Street,  
19 - * Fifth Floor, Boston, MA 02110-1301, USA.  
20 - * ----------------------------------------------------------------------------  
21 - * Este arquivo é parte do Framework Demoiselle.  
22 - *  
23 - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou  
24 - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação  
25 - * do Software Livre (FSF).  
26 - *  
27 - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA  
28 - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou  
29 - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português  
30 - * para maiores detalhes.  
31 - *  
32 - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título  
33 - * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>  
34 - * ou escreva para a Fundação do Software Livre (FSF) Inc.,  
35 - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.  
36 - */  
37 -package org.demoiselle.jee.security;  
38 -  
39 -import java.io.Serializable;  
40 -  
41 -/**  
42 - * <p>  
43 - * This interface represents an event that is fired when user successfully logs in.  
44 - * </p>  
45 - *  
46 - * @author SERPRO  
47 - */  
48 -public interface AfterLoginSuccessful extends Serializable {  
49 -  
50 -}  
security/src/main/java/org/demoiselle/jee/security/AfterLogoutSuccessful.java
View file @bb29ed7
@@ -1,50 +0,0 @@ @@ -1,50 +0,0 @@
1 -/*  
2 - * Demoiselle Framework  
3 - * Copyright (C) 2010 SERPRO  
4 - * ----------------------------------------------------------------------------  
5 - * This file is part of Demoiselle Framework.  
6 - *  
7 - * Demoiselle Framework is free software; you can redistribute it and/or  
8 - * modify it under the terms of the GNU Lesser General Public License version 3  
9 - * as published by the Free Software Foundation.  
10 - *  
11 - * This program is distributed in the hope that it will be useful,  
12 - * but WITHOUT ANY WARRANTY; without even the implied warranty of  
13 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  
14 - * GNU General Public License for more details.  
15 - *  
16 - * You should have received a copy of the GNU Lesser General Public License version 3  
17 - * along with this program; if not, see <http://www.gnu.org/licenses/>  
18 - * or write to the Free Software Foundation, Inc., 51 Franklin Street,  
19 - * Fifth Floor, Boston, MA 02110-1301, USA.  
20 - * ----------------------------------------------------------------------------  
21 - * Este arquivo é parte do Framework Demoiselle.  
22 - *  
23 - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou  
24 - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação  
25 - * do Software Livre (FSF).  
26 - *  
27 - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA  
28 - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou  
29 - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português  
30 - * para maiores detalhes.  
31 - *  
32 - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título  
33 - * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>  
34 - * ou escreva para a Fundação do Software Livre (FSF) Inc.,  
35 - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.  
36 - */  
37 -package org.demoiselle.jee.security;  
38 -  
39 -import java.io.Serializable;  
40 -  
41 -/**  
42 - * <p>  
43 - * This interface represents an event fired just after the user unauthenticates.  
44 - * </p>  
45 - *  
46 - * @author SERPRO  
47 - */  
48 -public interface AfterLogoutSuccessful extends Serializable {  
49 -  
50 -}  
security/src/main/java/org/demoiselle/jee/security/Authenticator.java
View file @bb29ed7
@@ -1,89 +0,0 @@ @@ -1,89 +0,0 @@
1 -/*  
2 - * Demoiselle Framework  
3 - * Copyright (C) 2010 SERPRO  
4 - * ----------------------------------------------------------------------------  
5 - * This file is part of Demoiselle Framework.  
6 - *  
7 - * Demoiselle Framework is free software; you can redistribute it and/or  
8 - * modify it under the terms of the GNU Lesser General Public License version 3  
9 - * as published by the Free Software Foundation.  
10 - *  
11 - * This program is distributed in the hope that it will be useful,  
12 - * but WITHOUT ANY WARRANTY; without even the implied warranty of  
13 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  
14 - * GNU General Public License for more details.  
15 - *  
16 - * You should have received a copy of the GNU Lesser General Public License version 3  
17 - * along with this program; if not, see <http://www.gnu.org/licenses/>  
18 - * or write to the Free Software Foundation, Inc., 51 Franklin Street,  
19 - * Fifth Floor, Boston, MA 02110-1301, USA.  
20 - * ----------------------------------------------------------------------------  
21 - * Este arquivo é parte do Framework Demoiselle.  
22 - *  
23 - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou  
24 - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação  
25 - * do Software Livre (FSF).  
26 - *  
27 - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA  
28 - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou  
29 - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português  
30 - * para maiores detalhes.  
31 - *  
32 - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título  
33 - * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>  
34 - * ou escreva para a Fundação do Software Livre (FSF) Inc.,  
35 - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.  
36 - */  
37 -package org.demoiselle.jee.security;  
38 -  
39 -import java.io.Serializable;  
40 -import java.security.Principal;  
41 -  
42 -/**  
43 - * <p>  
44 - * Defines the methods that should be implemented by anyone who wants an authentication mechanism.  
45 - * </p>  
46 - *  
47 - * @author SERPRO  
48 - */  
49 -public interface Authenticator extends Serializable {  
50 -  
51 - /**  
52 - * <p>  
53 - * Executes the necessary steps to authenticate an user. After this call, {@link #getUser()} must return  
54 - * the currently authenticated user, or <code>null</code> if the authentication process fails.  
55 - * </p>  
56 - *  
57 - * @throws InvalidCredentialsException  
58 - * You should throw this exception when the informed credentials are invalid.  
59 - *  
60 - * @throws Exception  
61 - * If the underlying authentication mechanism throwns any other exception,  
62 - * just throw it and leave the security context implementation to handle it.  
63 - */  
64 - void authenticate() throws Exception;  
65 -  
66 - /**  
67 - * <p>  
68 - * Executes the necessary steps to unauthenticate an user. After this call, {@link #getUser()} must return <code>null</code>.  
69 - * </p>  
70 - *  
71 - * @throws Exception  
72 - * If the underlying authentication mechanism throwns any other exception,  
73 - * just throw it and leave the security context implementation to handle it.  
74 - */  
75 - void unauthenticate() throws Exception;  
76 -  
77 - /**  
78 - * <p>  
79 - * Returns the currently authenticated user.  
80 - * </p>  
81 - *  
82 - * @return the user currently authenticated, or <code>null</code> if there is no  
83 - * authenticated user.  
84 - *  
85 - * @see #authenticate()  
86 - * @see #unauthenticate()  
87 - */  
88 - Principal getUser();  
89 -}  
security/src/main/java/org/demoiselle/jee/security/Authorizer.java
View file @bb29ed7
@@ -1,75 +0,0 @@ @@ -1,75 +0,0 @@
1 -/*  
2 - * Demoiselle Framework  
3 - * Copyright (C) 2010 SERPRO  
4 - * ----------------------------------------------------------------------------  
5 - * This file is part of Demoiselle Framework.  
6 - *  
7 - * Demoiselle Framework is free software; you can redistribute it and/or  
8 - * modify it under the terms of the GNU Lesser General Public License version 3  
9 - * as published by the Free Software Foundation.  
10 - *  
11 - * This program is distributed in the hope that it will be useful,  
12 - * but WITHOUT ANY WARRANTY; without even the implied warranty of  
13 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  
14 - * GNU General Public License for more details.  
15 - *  
16 - * You should have received a copy of the GNU Lesser General Public License version 3  
17 - * along with this program; if not, see <http://www.gnu.org/licenses/>  
18 - * or write to the Free Software Foundation, Inc., 51 Franklin Street,  
19 - * Fifth Floor, Boston, MA 02110-1301, USA.  
20 - * ----------------------------------------------------------------------------  
21 - * Este arquivo é parte do Framework Demoiselle.  
22 - *  
23 - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou  
24 - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação  
25 - * do Software Livre (FSF).  
26 - *  
27 - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA  
28 - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou  
29 - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português  
30 - * para maiores detalhes.  
31 - *  
32 - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título  
33 - * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>  
34 - * ou escreva para a Fundação do Software Livre (FSF) Inc.,  
35 - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.  
36 - */  
37 -package org.demoiselle.jee.security;  
38 -  
39 -import java.io.Serializable;  
40 -  
41 -/**  
42 - * <p>  
43 - * Defines the methods that should be implemented by anyone who wants an authorization mechanism.  
44 - * </p>  
45 - *  
46 - * @author SERPRO  
47 - */  
48 -public interface Authorizer extends Serializable {  
49 -  
50 - /**  
51 - * <p>  
52 - * Checks if the logged user has a specific role.  
53 - * </p>  
54 - *  
55 - * @param role role to be checked.  
56 - * @return {@code true} if the user has the role.  
57 - * @throws Exception if the underlying permission checking mechanism throwns any other exception,  
58 - * just throw it and leave the security context implementation to handle it.  
59 - */  
60 - boolean hasRole(String role) throws Exception;  
61 -  
62 - /**  
63 - * <p>  
64 - * Checks if the logged user has permission to execute a specific operation on a specific resource.  
65 - * </p>  
66 - *  
67 - * @param resource resource to be checked.  
68 - * @param operation operation to be checked.  
69 - * @return {@code true} if the user has the permission.  
70 - * @throws Exception if the underlying permission checking mechanism throwns any other exception,  
71 - * just throw it and leave the security context implementation to handle it.  
72 - */  
73 - boolean hasPermission(String resource, String operation) throws Exception;  
74 -  
75 -}  
security/src/main/java/org/demoiselle/jee/security/JaxRsFilter.java 0 → 100644
  Diff comments   View file @ecc7cab
@@ -0,0 +1,61 @@ @@ -0,0 +1,61 @@
  1 +/*
  2 + * To change this license header, choose License Headers in Project Properties.
  3 + * To change this template file, choose Tools | Templates
  4 + * and open the template in the editor.
  5 + */
  6 +package org.demoiselle.jee.security;
  7 +
  8 +import java.util.logging.Logger;
  9 +import javax.annotation.PostConstruct;
  10 +import javax.inject.Inject;
  11 +import javax.ws.rs.client.ClientRequestContext;
  12 +import javax.ws.rs.client.ClientRequestFilter;
  13 +import javax.ws.rs.client.ClientResponseContext;
  14 +import javax.ws.rs.client.ClientResponseFilter;
  15 +import javax.ws.rs.container.ContainerRequestContext;
  16 +import javax.ws.rs.container.ContainerRequestFilter;
  17 +import javax.ws.rs.container.ContainerResponseContext;
  18 +import javax.ws.rs.container.ContainerResponseFilter;
  19 +import javax.ws.rs.container.PreMatching;
  20 +import javax.ws.rs.ext.Provider;
  21 +
  22 +/**
  23 + *
  24 + * @author 70744416353
  25 + */
  26 +@Provider
  27 +@PreMatching
  28 +public class JaxRsFilter implements ClientRequestFilter, ClientResponseFilter, ContainerRequestFilter, ContainerResponseFilter {
  29 +
  30 + @Inject
  31 + private Logger LOG;
  32 +
  33 + @Inject
  34 + private SecurityContext securityContext;
  35 +
  36 + @Override
  37 + public void filter(ClientRequestContext requestContext) {
  38 + String token = requestContext.getHeaders().get("Authorization").toString();
  39 + if (!token.isEmpty()) {
  40 + securityContext.setToken(token);
  41 + }
  42 + }
  43 +
  44 + @Override
  45 + public void filter(ClientRequestContext requestContext, ClientResponseContext responseContext) {
  46 + }
  47 +
  48 + @Override
  49 + public void filter(ContainerRequestContext requestContext) {
  50 + }
  51 +
  52 + @Override
  53 + public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) {
  54 + responseContext.getHeaders().putSingle("Authorization", "Basic");
  55 + }
  56 +
  57 + @PostConstruct
  58 + public void init() {
  59 + LOG.info("Demoiselle Module - Security");
  60 + }
  61 +}
security/src/main/java/org/demoiselle/jee/security/SecurityContext.java
  Diff comments   View file @ecc7cab
@@ -38,6 +38,10 @@ package org.demoiselle.jee.security; @@ -38,6 +38,10 @@ package org.demoiselle.jee.security;
38 38
39 import java.io.Serializable; 39 import java.io.Serializable;
40 import java.security.Principal; 40 import java.security.Principal;
  41 +import java.util.Map;
  42 +import java.util.Set;
  43 +import org.demoiselle.jee.security.exception.AuthorizationException;
  44 +import org.demoiselle.jee.security.exception.NotLoggedInException;
41 45
42 /** 46 /**
43 * <p> 47 * <p>
@@ -48,72 +52,65 @@ import java.security.Principal; @@ -48,72 +52,65 @@ import java.security.Principal;
48 */ 52 */
49 public interface SecurityContext extends Serializable { 53 public interface SecurityContext extends Serializable {
50 54
51 - /**  
52 - * Executes the login of a user to the application.  
53 - *  
54 - * @throws AuthenticationException  
55 - * When the logon process fails, this exception is thrown.  
56 - * @throws InvalidCredentialsException  
57 - * When the user's credentials coudn't be validated. InvalidCredentialsException is a special case of  
58 - * AuthenticationException.  
59 - */  
60 - void login(); 55 + /**
  56 + * Checks if a specific user is logged in.
  57 + *
  58 + * @return {@code true} if the user is logged in
  59 + */
  60 + boolean isLoggedIn();
61 61
62 - /**  
63 - * Executes the logout of a user.  
64 - *  
65 - * @throws AuthenticationException  
66 - * When the logout process fails, this exception is thrown.  
67 - */  
68 - void logout(); 62 + /**
  63 + * @throws NotLoggedInException if there is no user logged in a specific
  64 + * session
  65 + */
  66 + void checkLoggedIn();
69 67
70 - /**  
71 - * Checks if a specific user is logged in.  
72 - *  
73 - * @return {@code true} if the user is logged in  
74 - */  
75 - boolean isLoggedIn(); 68 + /**
  69 + * Checks if the logged user has permission to execute an specific operation
  70 + * on a specific resource.
  71 + *
  72 + * @param resource resource to be checked
  73 + * @param operation operation to be checked
  74 + * @return {@code true} if the user has the permission
  75 + * @throws AuthorizationException When the permission checking fails, this
  76 + * exception is thrown.
  77 + * @throws NotLoggedInException if there is no user logged in a specific
  78 + * session.
  79 + */
  80 + boolean hasPermission(String resource, String operation);
76 81
77 - /**  
78 - * @throws NotLoggedInException  
79 - * if there is no user logged in a specific session  
80 - */  
81 - void checkLoggedIn(); 82 + /**
  83 + * Checks if the logged user has an specific role
  84 + *
  85 + * @param role role to be checked
  86 + * @return {@code true} if the user has the role
  87 + * @throws AuthorizationException When the permission checking fails, this
  88 + * exception is thrown.
  89 + * @throws NotLoggedInException if there is no user logged in a specific
  90 + * session.
  91 + */
  92 + boolean hasRole(String role);
82 93
83 - /**  
84 - * Checks if the logged user has permission to execute an specific operation on a specific resource.  
85 - *  
86 - * @param resource  
87 - * resource to be checked  
88 - * @param operation  
89 - * operation to be checked  
90 - * @return {@code true} if the user has the permission  
91 - * @throws AuthorizationException  
92 - * When the permission checking fails, this exception is thrown.  
93 - * @throws NotLoggedInException  
94 - * if there is no user logged in a specific session.  
95 - */  
96 - boolean hasPermission(String resource, String operation); 94 + /**
  95 + * Return the user logged in the session.
  96 + *
  97 + * @return the user logged in a specific authenticated session. If there is
  98 + * no active session {@code null} is returned.
  99 + */
  100 + Principal getUser();
97 101
98 - /**  
99 - * Checks if the logged user has an specific role  
100 - *  
101 - * @param role  
102 - * role to be checked  
103 - * @return {@code true} if the user has the role  
104 - * @throws AuthorizationException  
105 - * When the permission checking fails, this exception is thrown.  
106 - * @throws NotLoggedInException  
107 - * if there is no user logged in a specific session.  
108 - */  
109 - boolean hasRole(String role); 102 + void setUser(Principal principal);
110 103
111 - /**  
112 - * Return the user logged in the session.  
113 - *  
114 - * @return the user logged in a specific authenticated session. If there is no active session {@code null} is  
115 - * returned.  
116 - */  
117 - Principal getUser(); 104 + String getToken();
  105 +
  106 + void setToken(String token);
  107 +
  108 + void setRoles(Set<String> roles);
  109 +
  110 + void setPermission(Map<String, String> permissions);
  111 +
  112 + Set<String> getResources(String operation);
  113 +
  114 + Set<String> getOperations(String resources);
118 115
119 } 116 }
security/src/main/java/org/demoiselle/jee/security/TokensManager.java 0 → 100644
  Diff comments   View file @ecc7cab
@@ -0,0 +1,63 @@ @@ -0,0 +1,63 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package org.demoiselle.jee.security;
  38 +
  39 +import java.io.Serializable;
  40 +import java.security.Principal;
  41 +import java.util.Map;
  42 +import java.util.Set;
  43 +import org.demoiselle.jee.security.exception.AuthorizationException;
  44 +import org.demoiselle.jee.security.exception.NotLoggedInException;
  45 +
  46 +/**
  47 + * <p>
  48 + * Structure used to handle both authentication and authorizations mechanisms.
  49 + * </p>
  50 + *
  51 + * @author SERPRO
  52 + */
  53 +public interface TokensManager extends Serializable {
  54 +
  55 + Principal getUser(String token);
  56 +
  57 + String create(Principal user);
  58 +
  59 + void remove(String token);
  60 +
  61 + boolean validate(String token);
  62 +
  63 +}
security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java
View file @bb29ed7
@@ -1,231 +0,0 @@ @@ -1,231 +0,0 @@
1 -package org.demoiselle.jee.security.impl;  
2 -  
3 -import javax.enterprise.context.Dependent;  
4 -import javax.enterprise.inject.spi.CDI;  
5 -import javax.inject.Named;  
6 -import java.io.Serializable;  
7 -import java.security.Principal;  
8 -import org.demoiselle.jee.core.annotation.literal.NameQualifier;  
9 -import org.demoiselle.jee.core.annotation.literal.StrategyQualifier;  
10 -import org.demoiselle.jee.core.exception.DemoiselleException;  
11 -import org.demoiselle.jee.core.util.ResourceBundle;  
12 -import org.demoiselle.jee.security.AfterLoginSuccessful;  
13 -import org.demoiselle.jee.security.AfterLogoutSuccessful;  
14 -import org.demoiselle.jee.security.Authenticator;  
15 -import org.demoiselle.jee.security.Authorizer;  
16 -import org.demoiselle.jee.security.SecurityContext;  
17 -import org.demoiselle.jee.security.exception.AuthenticationException;  
18 -import org.demoiselle.jee.security.exception.AuthorizationException;  
19 -import org.demoiselle.jee.security.exception.NotLoggedInException;  
20 -  
21 -/**  
22 - * <p>  
23 - * This is the default implementation of {@link SecurityContext} interface.  
24 - * </p>  
25 - *  
26 - * @author SERPRO  
27 - */  
28 -@Dependent  
29 -@Named("securityContext")  
30 -public class SecurityContextImpl implements SecurityContext {  
31 -  
32 - private static final long serialVersionUID = 1L;  
33 -  
34 - private transient ResourceBundle bundle;  
35 -  
36 - private Authenticator authenticator;  
37 -  
38 - private Authorizer authorizer;  
39 -  
40 - private Authenticator getAuthenticator() {  
41 - if (this.authenticator == null) {  
42 - Class<? extends Authenticator> type = getConfig().getAuthenticatorClass();  
43 -  
44 - if (type != null) {  
45 - this.authenticator = CDI.current().select(type).get(); //Beans.getReference(type);  
46 - } else {  
47 - this.authenticator = CDI.current().select(Authenticator.class, new StrategyQualifier()).get(); // Beans.getReference(Authenticator.class, new StrategyQualifier());  
48 - }  
49 - }  
50 -  
51 - return this.authenticator;  
52 - }  
53 -  
54 - private Authorizer getAuthorizer() {  
55 - if (this.authorizer == null) {  
56 - Class<? extends Authorizer> type = getConfig().getAuthorizerClass();  
57 -  
58 - if (type != null) {  
59 - this.authorizer = CDI.current().select(type).get(); //Beans.getReference(type);  
60 - } else {  
61 - this.authorizer = CDI.current().select(Authorizer.class, new StrategyQualifier()).get(); //Beans.getReference(Authorizer.class, new StrategyQualifier());  
62 - }  
63 - }  
64 -  
65 - return this.authorizer;  
66 - }  
67 -  
68 - /**  
69 - * @see org.demoiselle.security.SecurityContext#hasPermission(String,  
70 - * String)  
71 - */  
72 - @Override  
73 - public boolean hasPermission(String resource, String operation) {  
74 - boolean result = true;  
75 -  
76 - if (getConfig().isEnabled()) {  
77 - checkLoggedIn();  
78 -  
79 - try {  
80 - result = getAuthorizer().hasPermission(resource, operation);  
81 -  
82 - } catch (DemoiselleException cause) {  
83 - throw cause;  
84 -  
85 - } catch (Exception cause) {  
86 - throw new AuthorizationException(cause);  
87 - }  
88 - }  
89 -  
90 - return result;  
91 - }  
92 -  
93 - /**  
94 - * @see org.demoiselle.security.SecurityContext#hasRole(String)  
95 - */  
96 - @Override  
97 - public boolean hasRole(String role) {  
98 - boolean result = true;  
99 -  
100 - if (getConfig().isEnabled()) {  
101 - checkLoggedIn();  
102 -  
103 - try {  
104 - result = getAuthorizer().hasRole(role);  
105 -  
106 - } catch (DemoiselleException cause) {  
107 - throw cause;  
108 -  
109 - } catch (Exception cause) {  
110 - throw new AuthorizationException(cause);  
111 - }  
112 - }  
113 -  
114 - return result;  
115 - }  
116 -  
117 - /**  
118 - * @see org.demoiselle.security.SecurityContext#isLoggedIn()  
119 - */  
120 - @Override  
121 - public boolean isLoggedIn() {  
122 - boolean result = true;  
123 -  
124 - if (getConfig().isEnabled()) {  
125 - result = getUser() != null;  
126 - }  
127 -  
128 - return result;  
129 - }  
130 -  
131 - /**  
132 - * @see org.demoiselle.security.SecurityContext#login()  
133 - */  
134 - @Override  
135 - public void login() {  
136 - if (getConfig().isEnabled()) {  
137 -  
138 - try {  
139 - getAuthenticator().authenticate();  
140 -  
141 - } catch (DemoiselleException cause) {  
142 - throw cause;  
143 -  
144 - } catch (Exception cause) {  
145 - throw new AuthenticationException(cause);  
146 - }  
147 -  
148 - CDI.current().getBeanManager().fireEvent(new AfterLoginSuccessful() {  
149 -  
150 - private static final long serialVersionUID = 1L;  
151 - });  
152 -// Beans.getBeanManager().fireEvent(new AfterLoginSuccessful() {  
153 -//  
154 -// private static final long serialVersionUID = 1L;  
155 -// });  
156 - }  
157 - }  
158 -  
159 - /**  
160 - * @see org.demoiselle.security.SecurityContext#logout()  
161 - */  
162 - @Override  
163 - public void logout() throws NotLoggedInException {  
164 - if (getConfig().isEnabled()) {  
165 - checkLoggedIn();  
166 -  
167 - try {  
168 - getAuthenticator().unauthenticate();  
169 -  
170 - } catch (DemoiselleException cause) {  
171 - throw cause;  
172 -  
173 - } catch (Exception cause) {  
174 - throw new AuthenticationException(cause);  
175 - }  
176 -  
177 - CDI.current().getBeanManager().fireEvent(new AfterLogoutSuccessful() {  
178 -  
179 - private static final long serialVersionUID = 1L;  
180 - });  
181 -// Beans.getBeanManager().fireEvent(new AfterLogoutSuccessful() {  
182 -//  
183 -// private static final long serialVersionUID = 1L;  
184 -// });  
185 - }  
186 - }  
187 -  
188 - /**  
189 - * @see org.demoiselle.security.SecurityContext#getUser()  
190 - */  
191 - @Override  
192 - public Principal getUser() {  
193 - Principal user = getAuthenticator().getUser();  
194 -  
195 - if (!getConfig().isEnabled() && user == null) {  
196 - user = new EmptyUser();  
197 - }  
198 -  
199 - return user;  
200 - }  
201 -  
202 - private SecurityConfig getConfig() {  
203 - return CDI.current().select(SecurityConfig.class).get();  
204 -// return Beans.getReference(SecurityConfig.class);  
205 - }  
206 -  
207 - public void checkLoggedIn() throws NotLoggedInException {  
208 - if (!isLoggedIn()) {  
209 - throw new NotLoggedInException(getBundle().getString("user-not-authenticated"));  
210 - }  
211 - }  
212 -  
213 - private ResourceBundle getBundle() {  
214 - if (bundle == null) {  
215 - bundle = CDI.current().select(ResourceBundle.class, new NameQualifier("demoiselle-core-bundle")).get();  
216 -// bundle = Beans.getReference(ResourceBundle.class, new NameQualifier("demoiselle-core-bundle"));  
217 - }  
218 -  
219 - return bundle;  
220 - }  
221 -  
222 - private static class EmptyUser implements Principal, Serializable {  
223 -  
224 - private static final long serialVersionUID = 1L;  
225 -  
226 - @Override  
227 - public String getName() {  
228 - return "demoiselle";  
229 - }  
230 - }  
231 -}  
security/src/main/java/org/demoiselle/jee/security/interceptor/LoggedInInterceptor.java
  Diff comments   View file @ecc7cab
@@ -34,7 +34,6 @@ @@ -34,7 +34,6 @@
34 * ou escreva para a Fundação do Software Livre (FSF) Inc., 34 * ou escreva para a Fundação do Software Livre (FSF) Inc.,
35 * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA. 35 * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
36 */ 36 */
37 -  
38 package org.demoiselle.jee.security.interceptor; 37 package org.demoiselle.jee.security.interceptor;
39 38
40 import javax.annotation.Priority; 39 import javax.annotation.Priority;
@@ -48,16 +47,15 @@ import org.demoiselle.jee.security.SecurityContext; @@ -48,16 +47,15 @@ import org.demoiselle.jee.security.SecurityContext;
48 47
49 /** 48 /**
50 * <p> 49 * <p>
51 - *Intercepts calls with {@link LoggedIn} annotations. 50 + * Intercepts calls with {@link LoggedIn} annotations.
52 * </p> 51 * </p>
53 * 52 *
54 * @author SERPRO 53 * @author SERPRO
55 */ 54 */
56 -  
57 @LoggedIn 55 @LoggedIn
58 @Interceptor 56 @Interceptor
59 @Priority(Interceptor.Priority.APPLICATION) 57 @Priority(Interceptor.Priority.APPLICATION)
60 -public class LoggedInInterceptor implements Serializable{ 58 +public class LoggedInInterceptor implements Serializable {
61 59
62 private static final long serialVersionUID = 1L; 60 private static final long serialVersionUID = 1L;
63 61
security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredPermissionInterceptor.java
  Diff comments   View file @ecc7cab
@@ -140,6 +140,5 @@ public class RequiredPermissionInterceptor implements Serializable { @@ -140,6 +140,5 @@ public class RequiredPermissionInterceptor implements Serializable {
140 140
141 private SecurityContext getSecurityContext() { 141 private SecurityContext getSecurityContext() {
142 return CDI.current().select(SecurityContext.class).get(); 142 return CDI.current().select(SecurityContext.class).get();
143 -// return Beans.getReference(SecurityContext.class);  
144 } 143 }
145 } 144 }
security/src/main/java/org/demoiselle/jee/security/interceptor/RequiredRoleInterceptor.java
  Diff comments   View file @ecc7cab
@@ -106,7 +106,6 @@ public class RequiredRoleInterceptor implements Serializable { @@ -106,7 +106,6 @@ public class RequiredRoleInterceptor implements Serializable {
106 106
107 private SecurityContext getSecurityContext() { 107 private SecurityContext getSecurityContext() {
108 return CDI.current().select(SecurityContext.class).get(); 108 return CDI.current().select(SecurityContext.class).get();
109 -// return Beans.getReference(SecurityContext.class);  
110 } 109 }
111 110
112 } 111 }
security/src/main/resources/demoiselle-security-bundle.properties 0 → 100644
  Diff comments   View file @ecc7cab
@@ -0,0 +1,130 @@ @@ -0,0 +1,130 @@
  1 +# Demoiselle Framework
  2 +# Copyright (C) 2010 SERPRO
  3 +# ----------------------------------------------------------------------------
  4 +# This file is part of Demoiselle Framework.
  5 +#
  6 +# Demoiselle Framework is free software; you can redistribute it and/or
  7 +# modify it under the terms of the GNU Lesser General Public License version 3
  8 +# as published by the Free Software Foundation.
  9 +#
  10 +# This program is distributed in the hope that it will be useful,
  11 +# but WITHOUT ANY WARRANTY; without even the implied warranty of
  12 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13 +# GNU General Public License for more details.
  14 +#
  15 +# You should have received a copy of the GNU Lesser General Public License version 3
  16 +# along with this program; if not, see <http://www.gnu.org/licenses/>
  17 +# or write to the Free Software Foundation, Inc., 51 Franklin Street,
  18 +# Fifth Floor, Boston, MA 02110-1301, USA.
  19 +# ----------------------------------------------------------------------------
  20 +# Este arquivo \u00E9 parte do Framework Demoiselle.
  21 +#
  22 +# O Framework Demoiselle \u00E9 um software livre; voc\u00EA pode redistribu\u00ED-lo e/ou
  23 +# modific\u00E1-lo dentro dos termos da GNU LGPL vers\u00E3o 3 como publicada pela Funda\u00E7\u00E3o
  24 +# do Software Livre (FSF).
  25 +#
  26 +# Este programa \u00E9 distribu\u00EDdo na esperan\u00E7a que possa ser \u00FAtil, mas SEM NENHUMA
  27 +# GARANTIA; sem uma garantia impl\u00EDcita de ADEQUA\u00C7\u00C3O a qualquer MERCADO ou
  28 +# APLICA\u00C7\u00C3O EM PARTICULAR. Veja a Licen\u00E7a P\u00FAblica Geral GNU/LGPL em portugu\u00EAs
  29 +# para maiores detalhes.
  30 +#
  31 +# Voc\u00EA deve ter recebido uma c\u00F3pia da GNU LGPL vers\u00E3o 3, sob o t\u00EDtulo
  32 +# "LICENCA.txt", junto com esse programa. Se n\u00E3o, acesse <http://www.gnu.org/licenses/>
  33 +# ou escreva para a Funda\u00E7\u00E3o do Software Livre (FSF) Inc.,
  34 +# 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  35 +
  36 +version=${project.version}
  37 +engine-on=Iniciando o Demoiselle Framework ${project.version} (Neo)
  38 +resource-not-found=Arquivo {0} n\u00E3o foi encontrado
  39 +key-not-found=A chave {0} n\u00E3o foi encontrada
  40 +ambiguous-strategy-resolution=Foi detectada ambiguidade da interface {0} com as seguintes implementa\u00E7\u00F5es\: {1}. Para resolver o conflito, defina explicitamente a implementa\u00E7\u00E3o no demoiselle.properties.
  41 +ambiguous-bean-resolution=Falha ao obter {0} pois foi detectada ambiguidade nas seguintes implementa\u00E7\u00F5es\: {1}
  42 +bean-not-found=Voc\u00EA est\u00E1 tentando obter um objeto n\u00E3o reconhecido pelo CDI via Beans.getReference({0})
  43 +store-not-found=O objeto do tipo [{0}] n\u00E3o pode ser armazenado no escopo indicado\: {1}
  44 +more-than-one-exceptionhandler-defined-for-same-class=Foi definido mais de um m\u00E9todo na classe {0} para tratar a exce\u00E7\u00E3o {1}
  45 +handling-exception=Tratando a exce\u00E7\u00E3o {0}
  46 +taking-off=O Demoiselle ${project.version} decolou
  47 +engine-off=Desligando os motores do Demoiselle ${project.version}
  48 +setting-up-bean-manager=BeanManager dispon\u00EDvel atrav\u00E9s do utilit\u00E1rio {0}
  49 +
  50 +user-transaction-lookup-fail=N\u00E3o foi encontrada nenhuma transa\u00E7\u00E3o com o nome {0} no contexto JNDI
  51 +transactional-execution=Execu\u00E7\u00E3o transacional de {0}
  52 +begin-transaction=Transa\u00E7\u00E3o iniciada
  53 +transaction-marked-rollback=Transa\u00E7\u00E3o marcada para rollback [{0}]
  54 +transaction-already-finalized=A transa\u00E7\u00E3o j\u00E1 havia sido finalizada
  55 +transaction-commited=Transa\u00E7\u00E3o finalizada com sucesso
  56 +transaction-rolledback=Transa\u00E7\u00E3o finalizada com rollback
  57 +
  58 +bootstrap.configuration.processing=Processando {0}
  59 +bootstrap-context-already-managed=O contexto {0} para o escopo {1} j\u00E1 foi adicionado
  60 +bootstrap-context-added=Adicionando o contexto {0} para o escopo {1}
  61 +
  62 +loading-configuration-class=Carregando a classe de configura\u00E7\u00E3o {0}
  63 +configuration-field-loaded={0}: {2}
  64 +configuration-attribute-is-mandatory=A configura\u00E7\u00E3o {0} \u00E9 obrigat\u00F3ria, mas n\u00E3o foi encontrada em {1}
  65 +configuration-name-attribute-cant-be-empty=A nota\u00E7\u00E3o @Name n\u00E3o pode estar em branco
  66 +configuration-generic-extraction-error=Ocorreu um erro durante a extra\u00E7\u00E3o do tipo {0} com o extrator {1}
  67 +configuration-dot-after-prefix=N\u00E3o \u00E9 necess\u00E1rio adicionar o ponto ap\u00F3s o prefixo para uma classe de configura\u00E7\u00E3o. \u00C9 recomendado que sejam retirados, pois poder\u00E3o causar erros em vers\u00F5es futuras do Framework.
  68 +configuration-key-not-found={0}\: [n\u00E3o encontrada]
  69 +configuration-extractor-not-found=N\u00E3o foi poss\u00EDvel encontrar a classe extratora para o atributo {0}. Implemente a interface {1} para criar sua classe extratora.
  70 +configuration-not-conversion=N\u00E3o \u00E9 poss\u00EDvel converter o valor {0} para o tipo {1}
  71 +
  72 +transaction-not-defined=Nenhuma transa\u00E7\u00E3o foi definida. Para utilizar @{0} \u00E9 preciso definir a propriedade frameworkdemoiselle.transaction.class com a estrat\u00E9gia de transa\u00E7\u00E3o desejada no arquivo demoiselle.properties
  73 +executing-all=Executando m\u00E9todos anotados com @{0}
  74 +custom-context-selected=Produzindo inst\u00E2ncia do contexto {0}
  75 +custom-context-was-activated=O contexto {0} foi ativado para o escopo {1}
  76 +custom-context-was-deactivated=O contexto {0} foi desativado para o escopo {1}
  77 +custom-context-already-activated=N\u00E3o foi poss\u00EDvel ativar o contexto {0}, o escopo {1} j\u00E1 est\u00E1 ativo no contexto {2}
  78 +custom-context-not-found=N\u00E3o foi encontrado um contexto gerenciado do tipo [{0}] para o escopo [{1}]
  79 +custom-context-manager-not-initialized=ContextManager n\u00E3o foi inicializado. Chame [initialize] ao capturar o evento [AfterBeanDiscovery] em uma extens\u00E3o CDI
  80 +
  81 +error-creating-new-instance-for=Error creating a new instance for "{0}"
  82 +executed-successfully={0} execultado com sucesso
  83 +must-declare-one-single-parameter=Voc\u00EA deve declarar um par\u00E2metro \u00FAnico em {0}
  84 +loading-default-transaction-manager=Carregando o gerenciador de transa\u00E7\u00E3o padr\u00E3o {0}
  85 +results-count-greater-page-size=Quantidade de resultados {0} \u00E9 maior que o tamanho da p\u00E1gina {1}
  86 +page-result=Resultado paginado [p\u00E1gina\={0}, total de resultados\={1}]
  87 +pagination-not-initialized=Pagina\u00E7\u00E3o n\u00E3o inicializada. Inicialize o sistema de pagina\u00E7\u00E3o definindo a p\u00E1gina atual ou o total de resultados ao menos uma vez na requisi\u00E7\u00E3o.
  88 +pagination-invalid-value=Valor inv\u00E1lido para paginador: [{0}].
  89 +page=P\u00E1gina [n\u00FAmero\={0}, tamanho\={1}]
  90 +processing=Processando\: {0}
  91 +processing-fail=Falha no processamento devido a uma exce\u00E7\u00E3o lan\u00E7ada pela aplica\u00E7\u00E3o
  92 +for= \ para\:
  93 +file-not-found=O arquivo {0} n\u00E3o foi encontrado
  94 +
  95 +adding-message-to-context=Adicionando uma mensagem no contexto: [{0}]
  96 +access-checking=Verificando permiss\u00E3o do usu\u00E1rio {0} para executar a a\u00E7\u00E3o {1} no recurso {2}
  97 +access-allowed=O usu\u00E1rio {0} acessou o recurso {2} com a a\u00E7\u00E3o {1}
  98 +access-denied=O usu\u00E1rio {0} n\u00E3o possui permiss\u00E3o para executar a a\u00E7\u00E3o {1} no recurso {2}
  99 +access-denied-ui=Voc\u00EA n\u00E3o est\u00E1 autorizado a executar a a\u00E7\u00E3o {1} no recurso {0}
  100 +authorizer-not-defined=Nenhuma regra de resolu\u00E7\u00E3o de permiss\u00F5es foi definida. Para utilizar @{0} \u00E9 preciso definir a propriedade frameworkdemoiselle.security.authorizer.class como regra de resolu\u00E7\u00E3o de permiss\u00F5es desejada no arquivo demoiselle.properties.
  101 +user-not-authenticated=Usu\u00E1rio n\u00E3o autenticado
  102 +invalid-credentials=Usu\u00E1rio ou senha inv\u00E1lidos
  103 +has-role-verification=Verificando se o usu\u00E1rio {0} possui a(s) role(s)\: {1}
  104 +does-not-have-role=Usu\u00E1rio {0} n\u00E3o possui a(s) role(s)\: {1}
  105 +does-not-have-role-ui=Para acessar este recurso \u00E9 necess\u00E1rio ser {0}
  106 +user-has-role=Usu\u00E1rio {0} possui a(s) role(s)\: {1}
  107 +
  108 +authenticator-not-defined=Nenhum mecanismo de autentica\u00E7\u00E3o foi definido. Para utilizar {0} \u00E9 preciso definir a propriedade frameworkdemoiselle.security.authenticator.class como mecanismo de autentica\u00E7\u00E3o desejado no arquivo demoiselle.properties.
  109 +
  110 +management-notification-attribute-changed=O atributo [{0}] da classe gerenciada [{1}] foi alterado
  111 +management-null-class-defined=O controlador de gerenciamento informado n\u00E3o pode ser [null]
  112 +management-abstract-class-defined=O controlador de gerenciamento [{0}] precisa ser uma classe concreta
  113 +management-no-annotation-found=Classe {0} precisa ser anotada com @ManagementController
  114 +management-invalid-property-no-getter-setter=Falha ao inicializar classe gerenciada {0}, n\u00E3o foi encontrado um m\u00E9todo get ou m\u00E9todo set para a propriedade {1}
  115 +management-invalid-property-as-operation=Falha ao inicializar classe gerenciada {0}, n\u00E3o \u00E9 poss\u00EDvel declarar uma propriedade cujo m\u00E9todo get ou set \u00E9 uma opera\u00E7\u00E3o
  116 +management-introspection-error=Erro ao ler atributos da classe gerenciada {0}
  117 +management-type-not-found=A classe gerenciada informada n\u00E3o existe\: {0}
  118 +management-invoke-error=Erro ao tentar invocar a opera\u00E7\u00E3o "{0}" da classe gerenciada, a opera\u00E7\u00E3o n\u00E3o foi encontrada
  119 +management-write-value-error=N\u00E3o foi poss\u00EDvel definir um valor para a propriedade {0}
  120 +management-read-value-error=N\u00E3o foi poss\u00EDvel ler o valor da propriedade {0}
  121 +management-debug-acessing-property=Acessando propriedade {0} da classe gerenciada {1}
  122 +management-debug-setting-property=Definindo novo valor para propriedade {0} da classe gerenciada {1}
  123 +management-debug-invoking-operation=Invocando opera\u00E7\u00E3o {0} da classe gerenciada {1}
  124 +management-debug-starting-custom-context=Levantando contexto {0} para executar comando na classe gerenciada {1}
  125 +management-debug-stoping-custom-context=Desligando contexto {0} para classe gerenciada {1}
  126 +management-debug-registering-managed-type=Registrando classe gerenciada [{0}]
  127 +management-debug-processing-management-extension=Processando extens\u00E3o de gerenciamento [{0}]
  128 +management-debug-removing-management-extension=Desativando extens\u00E3o de gerenciamento [{0}]
  129 +management-validation-constraint-violation=Ocorreu um erro de valida\u00E7\u00E3o na classe [{0}] ao definir um valor para a propriedade [{1}]\: [{2}]
  130 +management-validation-validator-not-found=Nenhum provedor de valida\u00E7\u00E3o de beans encontrado, as anota\u00E7\u00F5es de valida\u00E7\u00E3o n\u00E3o ser\u00E3o processadas
security/src/main/resources/demoiselle.properties 0 → 100644
  Diff comments   View file @ecc7cab
ws/src/main/java/org/demoiselle/jee/ws/JaxRsFilter.java
  Diff comments   View file @ecc7cab
@@ -44,11 +44,9 @@ public class JaxRsFilter implements ClientRequestFilter, ClientResponseFilter, C @@ -44,11 +44,9 @@ public class JaxRsFilter implements ClientRequestFilter, ClientResponseFilter, C
44 44
45 @Override 45 @Override
46 public void filter(ContainerRequestContext requestContext, ContainerResponseContext response) { 46 public void filter(ContainerRequestContext requestContext, ContainerResponseContext response) {
47 -  
48 - response.getHeaders().putSingle("Access-Control-Allow-Origin", "*");  
49 - response.getHeaders().putSingle("Access-Control-Allow-Methods", "OPTIONS, GET, POST, PUT, DELETE");  
50 - response.getHeaders().putSingle("Access-Control-Allow-Headers", "Content-Type");  
51 - 47 + response.getHeaders().putSingle("Access-Control-Allow-Origin", "*");
  48 + response.getHeaders().putSingle("Access-Control-Allow-Methods", "OPTIONS, GET, POST, PUT, DELETE");
  49 + response.getHeaders().putSingle("Access-Control-Allow-Headers", "Content-Type");
52 } 50 }
53 51
54 @PostConstruct 52 @PostConstruct