Added sample for Servlet DIGEST authentication

Author: arjantijms

pom.xml

@@ -26,6 +26,8 @@
         <skipJAXWS>${skipTests}</skipJAXWS>
         <skipEAR>${skipTests}</skipEAR>
 
+        <skipServletClientCertificate>${skipTests</skipServletClientCertificate>
+        
         <!-- 
             Application Server versions 
             (these are downloaded and installed in these versions by Maven for the CI profiles)
@@ -357,10 +359,6 @@
         <profile>
             <id>payara-ci-managed</id>
 
-            <activation>
-                <activeByDefault>true</activeByDefault>
-            </activation>
-            
             <dependencies>
                  <!-- Java EE based client dependencies to contact a server via WebSocket or REST -->
                 <dependency>
@@ -426,10 +424,15 @@
             <id>payara-micro-managed</id>
 
             <properties>
+                <!-- JMS and JAXWS not supported by Micro -->
                 <skipJMS>true</skipJMS>
                 <skipJAXWS>true</skipJAXWS>
+                
                 <!-- Being a WebProfile++, Micro does not support ear archives -->
                 <skipEAR>true</skipEAR>
+                
+                <!-- Client-cert needs complicated cert setup, which hasn't been done -->
+                <skipServletClientCertificate>true</skipServletClientCertificate>
             </properties>
 
             <dependencies>
@@ -490,6 +493,12 @@
 
         <profile>
             <id>payara-embedded</id>
+            
+             <properties>
+                <!-- Client-cert needs complicated cert setup, which hasn't been done -->
+                <skipServletClientCertificate>true</skipServletClientCertificate>
+            </properties>
+            
             <dependencies>
                 <!-- Java EE based client dependencies to contact a server via WebSocket or REST -->
                 <dependency>
@@ -566,6 +575,12 @@
 
         <profile>
             <id>glassfish-embedded</id>
+            
+            <properties>
+                <!-- Client-cert needs complicated cert setup, which hasn't been done -->
+                <skipServletClientCertificate>true</skipServletClientCertificate>
+            </properties>
+            
             <dependencies>
                 <dependency>
                     <groupId>org.glassfish.main.extras</groupId>
@@ -694,9 +709,12 @@
 
         <profile>
             <id>wildfly-embedded</id>
+            
             <properties>
                 <serverProfile>standalone-full.xml</serverProfile>
                 <serverRoot>${project.build.directory}/wildfly-${wildfly.version}</serverRoot>
+                <!-- Client-cert needs complicated cert setup, which hasn't been done -->
+                <skipServletClientCertificate>true</skipServletClientCertificate>
             </properties>
             <dependencies>
                 <!-- Needed for websocket tests that use ContainerProvider.getWebSocketContainer() 
@@ -810,10 +828,14 @@
 
         <profile>
             <id>wildfly-ci-managed</id>
+            
             <properties>
                 <serverProfile>standalone-full.xml</serverProfile>
                 <serverRoot>${project.build.directory}/wildfly-${wildfly.version}</serverRoot>
+                <!-- Client-cert needs complicated cert setup, which hasn't been done -->
+                <skipServletClientCertificate>true</skipServletClientCertificate>
             </properties>
+            
             <dependencies>
                 <!-- Needed for websocket tests that use ContainerProvider.getWebSocketContainer() 
                      to connect from a the client to the websocket server.
@@ -921,6 +943,11 @@
         <profile>
             <id>wildfly-remote</id>
 
+            <properties>
+                <!-- Client-cert needs complicated cert setup, which hasn't been done -->
+                <skipServletClientCertificate>true</skipServletClientCertificate>
+            </properties>
+            
             <dependencies>
                 <!-- Needed for websocket tests that use ContainerProvider.getWebSocketContainer() 
                      to connect from a the client to the websocket server.
@@ -986,6 +1013,11 @@
 
         <profile>
             <id>wildfly-swarm</id>
+            
+            <properties>
+                <!-- Client-cert needs complicated cert setup, which hasn't been done -->
+                <skipServletClientCertificate>true</skipServletClientCertificate>
+            </properties>
 
             <dependencies>
                 <!-- Needed for websocket tests that use ContainerProvider.getWebSocketContainer()
@@ -1066,6 +1098,13 @@
 
         <profile>
             <id>tomee-embedded</id>
+            
+            <properties>
+                <!-- Client-cert needs complicated cert setup, which hasn't been done -->
+                <skipServletClientCertificate>true</skipServletClientCertificate>
+            </properties>
+            
+            
             <dependencies>
                 <dependency>
                     <groupId>org.apache.tomee</groupId>
@@ -1125,6 +1164,11 @@
         <profile>
             <id>tomee-ci-managed</id>
 
+            <properties>
+                <!-- Client-cert needs complicated cert setup, which hasn't been done -->
+                <skipServletClientCertificate>true</skipServletClientCertificate>
+            </properties>
+            
             <repositories>
                 <repository>
                     <id>apache.snapshots</id> 
@@ -1234,6 +1278,11 @@
         <profile>
             <id>liberty-managed</id> <!-- Can also be used as remote -->
 
+            <properties>
+                <!-- Client-cert needs complicated cert setup, which hasn't been done -->
+                <skipServletClientCertificate>true</skipServletClientCertificate>
+            </properties>
+            
             <dependencies>
                 <dependency>
                    <groupId>org.jboss.arquillian.container</groupId>
@@ -1290,6 +1339,11 @@
 
         <profile>
             <id>liberty-ci-managed</id>
+            
+            <properties>
+                <!-- Client-cert needs complicated cert setup, which hasn't been done -->
+                <skipServletClientCertificate>true</skipServletClientCertificate>
+            </properties>
 
             <dependencies>
                 <dependency>
@@ -1387,6 +1441,9 @@
                 <!-- Default target after having installed developer zip distribution for 
                     WebLogic -->
                 <weblogicRemoteArquillian_target>myserver</weblogicRemoteArquillian_target>
+                
+                <!-- Client-cert needs complicated cert setup, which hasn't been done -->
+                <skipServletClientCertificate>true</skipServletClientCertificate>
             </properties>
 
             <dependencies>
@@ -1429,6 +1486,8 @@
                 <skipCDI>true</skipCDI>
                 <skipJSF>true</skipJSF>
                 <skipJACC>true</skipJACC>
+                <!-- Client-cert needs complicated cert setup, which hasn't been done -->
+                <skipServletClientCertificate>true</skipServletClientCertificate>
             </properties> 
 
             <dependencies>
@@ -1463,6 +1522,8 @@
                 <skipCDI>true</skipCDI>
                 <skipJSF>true</skipJSF>
                 <skipJACC>true</skipJACC>
+                <!-- Client-cert needs complicated cert setup, which hasn't been done -->
+                <skipServletClientCertificate>true</skipServletClientCertificate>
             </properties>
 
             <repositories>

servlet/pom.xml

@@ -30,7 +30,11 @@
 
         <!-- Security samples assuming the container identity store -->
         <module>security-basicauth</module>
+        <module>security-digest</module>
         <module>security-form-based</module>
+        <module>security-clientcert</module>
+        
+        
         <module>security-programmatic</module>
         <module>security-deny-uncovered</module>
 		<module>security-annotated</module>

servlet/security-clientcert/pom.xml

@@ -28,27 +28,16 @@
         </dependency>
     </dependencies>
 
-    <profiles>
-        <profile>
-            <id>payara-micro-managed</id>
-            <build>
-                <testResources>
-                    <testResource>
-                        <directory>src/test/resources</directory>
-                        <filtering>true</filtering>
-                    </testResource>
-                </testResources>
-                <plugins>
-                    <plugin>
-                        <artifactId>maven-surefire-plugin</artifactId>
-                        <configuration>
-                            <systemProperties>
-                                <payara.extraMicroOptions>--postdeploycommandfile ${project.build.directory}/test-classes/addUsersPayara.txt</payara.extraMicroOptions>
-                            </systemProperties>
-                        </configuration>
-                    </plugin>
-                </plugins>
-            </build>
-        </profile>
-    </profiles>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <configuration>
+                    <skipTests>${skipServletClientCertificate}</skipTests>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+    
 </project>

servlet/security-digest/pom.xml

@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>org.javaee7</groupId>
+        <artifactId>servlet</artifactId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+    
+    <artifactId>servlet-security-digest</artifactId>
+    <packaging>war</packaging>
+    
+    <name>Java EE 7 Sample: servlet - security-digest</name>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <configuration>
+                    <skipTests>${skipServletClientCertificate}</skipTests>
+                    <systemProperties>
+                        <org.apache.commons.logging.Log>org.apache.commons.logging.impl.SimpleLog</org.apache.commons.logging.Log>
+                        <org.apache.commons.logging.simplelog.showdatetime>true</org.apache.commons.logging.simplelog.showdatetime>
+                        <org.apache.commons.logging.simplelog.log.org.apache.http>DEBUG</org.apache.commons.logging.simplelog.log.org.apache.http>
+                        <org.apache.commons.logging.simplelog.log.org.apache.http.wire>ERROR</org.apache.commons.logging.simplelog.log.org.apache.http.wire>
+                    </systemProperties>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+    <dependencies>
+        <dependency>
+            <groupId>commons-codec</groupId>
+            <artifactId>commons-codec</artifactId>
+            <version>1.11</version>
+        </dependency>
+    </dependencies>
+    
+    <profiles>
+        <profile>
+            <id>payara-micro-managed</id>
+            <build>
+                <testResources>
+                    <testResource>
+                        <directory>src/test/resources</directory>
+                        <filtering>true</filtering>
+                    </testResource>
+                </testResources>
+                <plugins>
+                    <plugin>
+                        <artifactId>maven-surefire-plugin</artifactId>
+                        <configuration>
+                            <systemProperties>
+                                <payara.extraMicroOptions>--postdeploycommandfile ${project.build.directory}/test-classes/addUsersPayara.txt</payara.extraMicroOptions>
+                            </systemProperties>
+                        </configuration>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+    </profiles>
+</project>

servlet/security-digest/src/main/java/org/javaee7/servlet/security/digest/DatabaseSetup.java

@@ -0,0 +1,77 @@
+/** Copyright Payara Services Limited **/
+package org.javaee7.servlet.security.digest;
+
+import static org.apache.commons.codec.digest.DigestUtils.md5Hex;
+
+import java.sql.Connection;
+import java.sql.PreparedStatement;
+import java.sql.SQLException;
+
+import javax.annotation.Resource;
+import javax.servlet.ServletContextEvent;
+import javax.servlet.ServletContextListener;
+import javax.servlet.annotation.WebListener;
+import javax.sql.DataSource;
+
+
+/**
+ * 
+ * @author Arjan Tijms
+ *
+ */
+@WebListener
+public class DatabaseSetup implements ServletContextListener {
+    
+    @Resource
+    private DataSource dataSource;
+
+    @Override
+    public void contextInitialized(ServletContextEvent sce) {
+        System.out.println("Creating DB tables");
+        
+        // Note "eesamplesdigestrealm" is the name of the realm as defined in web.xml:
+        //
+        //<login-config>
+        //    <auth-method>DIGEST</auth-method>
+        //    <realm-name>eesamplesdigestrealm</realm-name>
+        //</login-config>
+        
+        String ha1 = md5Hex("u1" + ":" + "eesamplesdigestrealm" + ":" + "p1");
+        
+        System.out.println("ha1=" + ha1);
+        
+        execute(dataSource, "DROP TABLE IF EXISTS usertable");
+        execute(dataSource, "DROP TABLE IF EXISTS grouptable");
+        
+        System.out.println("Adding user u1 with group g1 to database");
+        
+        execute(dataSource, "CREATE TABLE IF NOT EXISTS usertable(username VARCHAR(32) PRIMARY KEY, password VARCHAR(127))");
+        execute(dataSource, "CREATE TABLE IF NOT EXISTS grouptable(username VARCHAR(64), groupname VARCHAR(64))");
+        
+        execute(dataSource, "INSERT INTO usertable VALUES('u1', '" + ha1 + "')");
+        
+        execute(dataSource, "INSERT INTO grouptable VALUES('u1', 'g1')");
+    }
+    
+    @Override
+    public void contextDestroyed(ServletContextEvent sce) {
+        try {
+            execute(dataSource, "DROP TABLE IF EXISTS usertable");
+            execute(dataSource, "DROP TABLE IF EXISTS grouptable");
+        } catch (Exception e) {
+        }
+        
+    }
+    
+    private void execute(DataSource dataSource, String query) {
+        try (
+            Connection connection = dataSource.getConnection(); 
+            PreparedStatement statement = connection.prepareStatement(query);
+        ) {
+            statement.executeUpdate();
+        } catch (SQLException e) {
+           throw new IllegalStateException(e);
+        }
+    }
+    
+}