X

Technology insights, news and tips.

  • Sun
    March 23, 2007

Browsing 196 AuthConfigProviders with AJAX

JSR 196,
Java Authentication SPI for Containers, defines SPI for
providers plugging into containers for message authentication.
It is currently under Proposed Final Draft (PFD) and GlassFish v2
(b40 rc or above) has an implementation of PFD of this JSR.
On the other hand, AJAX
is another new and exciting technology in the Web 2.0 area.
In this blog, I will share my experience with you about
constructing a web tool to browse 196 AuthConfigProviders
registered in GlassFish by using AJAX tree.

I find that it is very helpful to use
jMaki plugin
in NetBeans 5.5.1. A jMaki widget can be created in a jsp application
by simply drag-and-drop. A very good tutorial can be found in
jMaki NetBeans 5.5 screencast.

In the following, I will outline steps to create my
web application.

  1. Create a "Web Applicatons" project with namelistacp using NetBeans as
    described in above screencast.
  2. Open index.jsp if it is not already open.
    Then drag and drop a "jMaki Yahoo Tree" from the left Palette
    to the jsp. And the following code will be generated in
    the jsp:


      <a:ajax name="yahoo.tree"/>

    This will create a AJAX Tree with the default data.

  3. We would like to construct the tree using data in JSON
    format from GlassFish server. In our case, the data
    is coming from acpdata.jsp. We need to modify
    the above as follows:


      <a:ajax name="yahoo.tree" service="/acpdata.jsp"/>

  4. In acpdata.jsp,
    we need to get a complete list of AuthConfigProvider. This
    can achieved by getting a complete list of registration ID first.


      AuthConfigFactory factory = AuthConfigFactory.getFactory();
      if (factory != null) {
        String[] regisIDs = factory.getRegistrationIDs(null);

    And for each registration ID, we can get RegistrationContext and AuthConfigProvider
    as follows:


      RegistrationContext regContext = factory.getRegistrationContext(regisID);
      if (regContext != null) {
        String layer = regContext.getMessageLayer();
        String appContext = regContext.getAppContext();
        AuthConfigProvider provider = factory.getConfigProvider(layer, appContext, null);

  5. Then we need to output the data in corresponding JSON format.
    An example of the format from corresponding source of
    the Yahoo Tree Widget can be found injMaki Widget Gallery.
    For instance, in our case, acpdata.jsp outputs the data as


      { root: {
        title: '196 factory: com.sun.enterprise.security.jmac.config.GFAuthConfigFactory',
        expanded: 'true',
        children: [
        {
          title: 'registrationID = __2SOAP',
          expanded: 'false',
          children: [
            { title: 'messageLayer = SOAP'},
            { title: 'appContext = null'},
            { title: 'description = WSIT AuthConfigProvider'},
            { title: 'persistent = false'},
            { title: 'provider = com.sun.xml.wss.provider.wsit.WSITAuthConfigProvider@14a8f44'}
          ]
        }
        ,
      ...

  6. Protect the web application
    Since the list of AuthConfigProviders
    will reveal what has been deployed in the given GlassFish
    installation, we would like to protect this web application so
    that only users of asadmin group ofadmin-realm can access it.
    We can achieve this by:

    Adding security setting in web.xml through
    NetBeans by navigating the Web application on panel of NetBeans:Web Pages > WEB-INF, open web.xml,
    and click Security,
    and modifying it as follows:
      Login Configuration: Basic
      Realm Name: admin-realm

      Add Security Roles: admin

      Add Security Constraint
        Resource Name: secure resource
        URL Pattern(s): /\*

      Click on "Enable Security Constraint"
        Role Names: admin

    Then, adding the security-role-mapping tosun-web.xml through "Edit As XML" mode:


      <security-role-mapping>
        <role-name>admin</role-name>
        <principal-name>admin</principal-name>
        <group-name>asadmin</group-name>
      </security-role-mapping>

  7. If we package the war file and deploy, then we can access

      http://your_host:your_port/listacp

    Enter your admin username and password. Everything works!
    The only drawback is the war file size is too big right now.
    In order to make it smaller, we have to remove unused AJAX libraries
    manually at this moment. (Try your best effort!) I hope the tool
    will only put in the required scripts in the future.


One can download my sample AJAX 196 AuthConfigProvider browser
here.
Note that we need to use a browser supporting AJAX (Firefox,
Internet Explorer et al, not Mozilla 1.x) in order to run this
example.

Join the discussion

Comments ( 10 )
  • Dennis Friday, March 23, 2007
    Thanks for the good example.
  • Steve M. Friday, September 21, 2007

    Today i will apply this code,I hope It will work in my project the way i am thinking this codec helpfull ,but i am looking for more of ur post regarding this kind of information.


  • &#22825;&#21338; Wednesday, January 30, 2008

    thanks for your sharing.


  • define Tuesday, June 3, 2008

    thanks


  • oyun Saturday, July 26, 2008

    Thanks so much.


  • oyunlar Wednesday, November 5, 2008

    Thank you


  • North Cyprus Holiday Saturday, January 10, 2009

    I like very much the writings and pictures and explanations in your adress so I look forward to see your next writings. I congratulate you.


  • oyunlar Tuesday, January 13, 2009

    thanks for this post admin


  • Breast Enlargement Friday, February 20, 2009

    Many women wish to enhance the size of their breast naturally. Some of them resort to breast enlargement pills. Women ho are hesitant to undergo breast implant surgery find it very appealing. Many women view breast enlargement pills as an easy and inexpensive way of increasing their breast size.


  • siki&#351; Tuesday, April 28, 2009

    Great site. I have found some info I need. Keep up!


Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.