...
The Fabric3 API includes the org.fabric3.api.annotation.security.RolesAllowed annotation, which is used to specify roles required to execute a portion of code. The RolesAllowed annotation can be placed on a method or class (in which case it will be applied to all methods contained in the class) to restrict access to security subjects with certain roles as follows:
| Code Block | ||||
|---|---|---|---|---|
| ||||
import org.fabric3.api.annotation.security.RolesAllowed;
public class SecureRolesServiceImpl implements SecureService {
@RolesAllowed({"role1", "role2"})
public void call() \{
// ...
}
}
|
...
In integration test environments, it is often required to simulate authentication credentials. For example, a test client may need to supply credentials to authenticate with the secure service it tests. Fabric3 JUnit test components can be configured with authentication credentials, and those credentials propagated over a remote transport such as Web Services. The following shows how to simulate username/password credentials:
| Code Block | ||||
|---|---|---|---|---|
| ||||
<component name="SecurityTest">
<f3:junit class="...">
<configuration>
<username>scott</username>
<password>wombat</password>
</configuration>
</f3:junit>
<reference name="service" target="SCASecureService"/>
</component>
|
...