This project is a Maven Archetype for Java EE MVC web application that implements Java EE Security features. The site demonstrates form based security implemented against a database. The site allows users to self-register. User information is stored in the database and new users are assigned the USER role. The project uses FORM based security for protection of specified views(URLs). Additionally, an ADMIN role is defined and a default administrator is inserted into the database at build-time. Admin's can inspect and manage all users. This project is intended to be instructive for developers interested in Java EE site security implementation.
Java EE Servlet 3.0 HttpSevletRequest.login() and logout() define security, which is handled by the application server, in this case Wildfly 10. User and Role entities are created and query strings are put into the Wildfly configuration files. A logged in user may access the UserDetail and ChangePassword URLs. Form based security is configured in web.xml and the browser is redirected to login forms when access to restricted resources is attempted. Role base security is also implemented for EJB's, but since there is no EJB client it is redundant and provided for completeness. The currently logged in user is stored in the http session so JSF pages can access user information and roles.
Support for Wildfly Swarm(Thorntail) has been added so that a single jar file can be created and run or deployed. See below for further information.
None of the code uses anything vender specific, but the container configuration files are Wildfly specific. It is left up to the user to port to any other Java EE compliant server if desired. Wildfly 11 version was used.
This project uses Junit/Arquillian/Drone/Graphene automated testing.
This project was inspired by kolorobot's Spring-Mvc-Quickstart-Archetype project.. This readme.md started with the readme.md from the same.
You can see the project in action on OpenShift.
If this has happened, you will need to refresh the site for a couple of minutes while OpenShift
starts the project up again.
- Java EE MVC web application for Wildly 11 environment
- JSF 2.2 and Bootstrap
- JPA 2.1
- H2DB (H2 Development Database)
- JUnit/Arquillian/Drone/Graphene for testing
- Java EE MVC Supported by JBoss/Wildfly Database Module
- Redhat Swarm (Thorntail) support
To install the archetype in your local repository execute following commands:
git clone https://github.com/knicholas/javaee-security-archetype.git
cd javaee-security-archetype
mvn clean install
mvn archetype:generate \
-DarchetypeGroupId=jsec \
-DarchetypeArtifactId=javaee-security-archetype \
-DarchetypeVersion=1.0.0 \
-DgroupId=my.groupid \
-DartifactId=my-artifactId \
-Dversion=version
or
mvn archetype:generate \
-DarchetypeCatalog=local
###Install the security-domain
The security configuration of Wildfly needs to be updated because this archetype uses container managed security. There are two ways to do this.
-
Probably the best way, run the
configure-security-domain.cli
JBoss/Wildfly command line interface script. This will add a security domain namedjavaee-security-quickstart
. If you want to change it, be sure to change thesrc/main/webapp/WEB-INF/jboss-web.xml
file as well. -
Manually add the file
javaee-security-domain.xml
, found in the root of your new project, to the Wildfly server's configuration file, which is typically standalone.xml. Find the<security-domains>
section of the configuration file and insert the contents of the jboss-security-domain.xml into the section as a new<security-domain>
.
Insure Wildfy's security-domain
is configured. See specific instructions above.
Start the local wildfly server, e.g., $JBOSS_HOME/bin/standalone.sh
If you want to watch it run the tests install Firefox.
For headless testing, use:
mvn test -Parq-wildfly-remote
For testing using firefox, use:
mvn test -Parq-wildfly-remote,firefox
Insure Wildfy's security-domain
is configured. See specific instructions above.
Start the local wildfly server, e.g., $JBOSS_HOME/bin/standalone.sh
mvn clean install wildfly:deploy
Insure Wildfy's security-domain
is configured. See specific instructions above.
Start the local wildfly server, e.g., $JBOSS_HOME/bin/standalone.sh
http://localhost:8080/jsec (or your package name)
mvn wildfly:undeploy
Create your own [email protected]
user and password.
The admin user and password is loaded from src/main/resources/META-INF/load-script.sql
, and the password
is SHA-256/Base64 encoded, as specified in the jboss-security-domain.xml file. To change it, you can do either of
the following.
- Get a new password by editing the
src/main/java/service/UserSessionBean.java
file. At the end you will find a main method that encodes a string for you. Put your password of choice in the string and run it as a Java application. Copy the output string to the load-script password field. Set the email field to a field of your choice. It's probably not a good idea check the changes showing your new password into source control. - Or, use the default user id and password of
[email protected]/admin
and change the password after you login. If you want to change the email, create a new account and use the current admin account to promote the new account to admin. Then you will be able to use the new admin account to delete to old one if you want to.
This archetype has been added to Maven.org
and so it is available in
the list of maven archetypes for eclipse.
- Be sure no projects are selected in Eclipse.
- Select File->New->Maven Project
- type
javaee-security-quickstart
into the filter to find this archetype. - Follow the prompts.
To create a single jar do
mvn package -Pswarm
The single jar will be created in the target directory named javaee-security-quickstart-swarm.jar
(or whatever you named your project). Run it with the command
java -jar target/javaee-security-quickstart-swarm.jar
The jar can be deployed in a container that supports running java, on Openshift for example. The demonstration deployment is running on openshift with 384 Mb of memory. Notes for Openshift include:
- Set environment GC_MAX_METASPACE_SIZE=192 environment variable. See Red Hat Java S2I for OpenShift for full details.
- Highly recommended to use OpenJDK 8 Image for Java Applications for JDK runtime as it is container aware.