Skip to content

Commit 77053b6

Browse files
dschadowdschadow
committed
Initial XSS sample project for JBoss AS 7
Signed-off-by: Dominik Schadow <dominikschadow@googlemail.com>
1 parent a43aa46 commit 77053b6

File tree

17 files changed

+560
-0
lines changed

17 files changed

+560
-0
lines changed

Ch07_XSS/Users/dos/Eclipse/SecureJavaWebApps/Ch07_XSS/target/m2e-wtp/web-resources/META-INF/MANIFEST.MF

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
Manifest-Version: 1.0
2+
Built-By: dos
3+
Build-Jdk: 1.7.0_10
4+
Created-By: Maven Integration for Eclipse
5+

Ch07_XSS/Users/dos/Eclipse/SecureJavaWebApps/Ch07_XSS/target/m2e-wtp/web-resources/META-INF/maven/de.dominikschadow.webappsecurity/Ch07_XSS/pom.properties

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
#Generated by Maven Integration for Eclipse
2+
#Wed Jan 02 20:58:16 CET 2013
3+
version=1.0.0-SNAPSHOT
4+
groupId=de.dominikschadow.webappsecurity
5+
m2e.projectName=Ch07_XSS
6+
m2e.projectLocation=/Users/dos/Repositories/JavaWebAppSecurity/Ch07_XSS
7+
artifactId=Ch07_XSS

Ch07_XSS/Users/dos/Eclipse/SecureJavaWebApps/Ch07_XSS/target/m2e-wtp/web-resources/META-INF/maven/de.dominikschadow.webappsecurity/Ch07_XSS/pom.xml

Lines changed: 127 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,127 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
3+
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
4+
<modelVersion>4.0.0</modelVersion>
5+
<groupId>de.dominikschadow.webappsecurity</groupId>
6+
<artifactId>Ch07_XSS</artifactId>
7+
<packaging>war</packaging>
8+
<version>1.0.0-SNAPSHOT</version>
9+
<name>Ch07_XSS</name>
10+
11+
<properties>
12+
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
13+
<jboss.home>${env.JBOSS_HOME}</jboss.home>
14+
<jboss.domain>default</jboss.domain>
15+
<jboss.bom.version>1.0.2.Final</jboss.bom.version>
16+
</properties>
17+
18+
<dependencyManagement>
19+
<dependencies>
20+
<dependency>
21+
<groupId>org.jboss.bom</groupId>
22+
<artifactId>jboss-javaee-6.0-with-tools</artifactId>
23+
<version>${jboss.bom.version}</version>
24+
<type>pom</type>
25+
<scope>import</scope>
26+
</dependency>
27+
28+
<dependency>
29+
<groupId>org.jboss.bom</groupId>
30+
<artifactId>jboss-javaee-6.0-with-hibernate</artifactId>
31+
<version>${jboss.bom.version}</version>
32+
<type>pom</type>
33+
<scope>import</scope>
34+
</dependency>
35+
36+
<dependency>
37+
<groupId>org.hibernate</groupId>
38+
<artifactId>hibernate-core</artifactId>
39+
<version>4.1.9.Final</version>
40+
<scope>provided</scope>
41+
</dependency>
42+
43+
</dependencies>
44+
</dependencyManagement>
45+
46+
<dependencies>
47+
<dependency>
48+
<groupId>org.jboss.spec.javax.ejb</groupId>
49+
<artifactId>jboss-ejb-api_3.1_spec</artifactId>
50+
<scope>provided</scope>
51+
</dependency>
52+
<dependency>
53+
<groupId>javax.enterprise</groupId>
54+
<artifactId>cdi-api</artifactId>
55+
<scope>provided</scope>
56+
</dependency>
57+
<dependency>
58+
<groupId>org.hibernate.javax.persistence</groupId>
59+
<artifactId>hibernate-jpa-2.0-api</artifactId>
60+
<scope>provided</scope>
61+
</dependency>
62+
<dependency>
63+
<groupId>org.hibernate</groupId>
64+
<artifactId>hibernate-jpamodelgen</artifactId>
65+
<scope>provided</scope>
66+
</dependency>
67+
<dependency>
68+
<groupId>org.jboss.spec.javax.faces</groupId>
69+
<artifactId>jboss-jsf-api_2.1_spec</artifactId>
70+
<scope>provided</scope>
71+
</dependency>
72+
</dependencies>
73+
74+
<repositories>
75+
<!-- JBoss Repository used for hibernate-validator 4.0.0.GA and Java-ee
76+
spec -->
77+
<repository>
78+
<id>repository.jboss.org</id>
79+
<name>JBoss Repository</name>
80+
<url>http://repository.jboss.org/nexus/content/groups/public-jboss/</url>
81+
</repository>
82+
</repositories>
83+
84+
<build>
85+
<finalName>Ch07_XSS</finalName>
86+
<plugins>
87+
<!-- Facilitates downloading source and javadoc in Eclipse -->
88+
<plugin>
89+
<groupId>org.apache.maven.plugins</groupId>
90+
<artifactId>maven-eclipse-plugin</artifactId>
91+
<version>2.8</version>
92+
<configuration>
93+
<wtpversion>2.0</wtpversion>
94+
<downloadSources>true</downloadSources>
95+
<downloadJavadocs>true</downloadJavadocs>
96+
</configuration>
97+
</plugin>
98+
99+
100+
<!-- Ensures we are compiling at 1.6 level -->
101+
<plugin>
102+
<groupId>org.apache.maven.plugins</groupId>
103+
<artifactId>maven-compiler-plugin</artifactId>
104+
<version>2.3.2</version>
105+
<configuration>
106+
<source>1.6</source>
107+
<target>1.6</target>
108+
</configuration>
109+
</plugin>
110+
111+
<!-- JBoss AS plugin for command line deployment -->
112+
<plugin>
113+
<groupId>org.codehaus.mojo</groupId>
114+
<artifactId>jboss-maven-plugin</artifactId>
115+
<version>1.4.1</version>
116+
<configuration>
117+
<jbossHome>${jboss.home}</jbossHome>
118+
<serverName>${jboss.domain}</serverName>
119+
<fileNames>
120+
<fileName>${project.build.directory}/${project.build.finalName}.war</fileName>
121+
</fileNames>
122+
</configuration>
123+
</plugin>
124+
125+
</plugins>
126+
</build>
127+
</project>

Ch07_XSS/pom.xml

Lines changed: 127 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,127 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
3+
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
4+
<modelVersion>4.0.0</modelVersion>
5+
<groupId>de.dominikschadow.webappsecurity</groupId>
6+
<artifactId>Ch07_XSS</artifactId>
7+
<packaging>war</packaging>
8+
<version>1.0.0-SNAPSHOT</version>
9+
<name>Ch07_XSS</name>
10+
11+
<properties>
12+
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
13+
<jboss.home>${env.JBOSS_HOME}</jboss.home>
14+
<jboss.domain>default</jboss.domain>
15+
<jboss.bom.version>1.0.2.Final</jboss.bom.version>
16+
</properties>
17+
18+
<dependencyManagement>
19+
<dependencies>
20+
<dependency>
21+
<groupId>org.jboss.bom</groupId>
22+
<artifactId>jboss-javaee-6.0-with-tools</artifactId>
23+
<version>${jboss.bom.version}</version>
24+
<type>pom</type>
25+
<scope>import</scope>
26+
</dependency>
27+
28+
<dependency>
29+
<groupId>org.jboss.bom</groupId>
30+
<artifactId>jboss-javaee-6.0-with-hibernate</artifactId>
31+
<version>${jboss.bom.version}</version>
32+
<type>pom</type>
33+
<scope>import</scope>
34+
</dependency>
35+
36+
<dependency>
37+
<groupId>org.hibernate</groupId>
38+
<artifactId>hibernate-core</artifactId>
39+
<version>4.1.9.Final</version>
40+
<scope>provided</scope>
41+
</dependency>
42+
43+
</dependencies>
44+
</dependencyManagement>
45+
46+
<dependencies>
47+
<dependency>
48+
<groupId>org.jboss.spec.javax.ejb</groupId>
49+
<artifactId>jboss-ejb-api_3.1_spec</artifactId>
50+
<scope>provided</scope>
51+
</dependency>
52+
<dependency>
53+
<groupId>javax.enterprise</groupId>
54+
<artifactId>cdi-api</artifactId>
55+
<scope>provided</scope>
56+
</dependency>
57+
<dependency>
58+
<groupId>org.hibernate.javax.persistence</groupId>
59+
<artifactId>hibernate-jpa-2.0-api</artifactId>
60+
<scope>provided</scope>
61+
</dependency>
62+
<dependency>
63+
<groupId>org.hibernate</groupId>
64+
<artifactId>hibernate-jpamodelgen</artifactId>
65+
<scope>provided</scope>
66+
</dependency>
67+
<dependency>
68+
<groupId>org.jboss.spec.javax.faces</groupId>
69+
<artifactId>jboss-jsf-api_2.1_spec</artifactId>
70+
<scope>provided</scope>
71+
</dependency>
72+
</dependencies>
73+
74+
<repositories>
75+
<!-- JBoss Repository used for hibernate-validator 4.0.0.GA and Java-ee
76+
spec -->
77+
<repository>
78+
<id>repository.jboss.org</id>
79+
<name>JBoss Repository</name>
80+
<url>http://repository.jboss.org/nexus/content/groups/public-jboss/</url>
81+
</repository>
82+
</repositories>
83+
84+
<build>
85+
<finalName>Ch07_XSS</finalName>
86+
<plugins>
87+
<!-- Facilitates downloading source and javadoc in Eclipse -->
88+
<plugin>
89+
<groupId>org.apache.maven.plugins</groupId>
90+
<artifactId>maven-eclipse-plugin</artifactId>
91+
<version>2.8</version>
92+
<configuration>
93+
<wtpversion>2.0</wtpversion>
94+
<downloadSources>true</downloadSources>
95+
<downloadJavadocs>true</downloadJavadocs>
96+
</configuration>
97+
</plugin>
98+
99+
100+
<!-- Ensures we are compiling at 1.6 level -->
101+
<plugin>
102+
<groupId>org.apache.maven.plugins</groupId>
103+
<artifactId>maven-compiler-plugin</artifactId>
104+
<version>2.3.2</version>
105+
<configuration>
106+
<source>1.6</source>
107+
<target>1.6</target>
108+
</configuration>
109+
</plugin>
110+
111+
<!-- JBoss AS plugin for command line deployment -->
112+
<plugin>
113+
<groupId>org.codehaus.mojo</groupId>
114+
<artifactId>jboss-maven-plugin</artifactId>
115+
<version>1.4.1</version>
116+
<configuration>
117+
<jbossHome>${jboss.home}</jbossHome>
118+
<serverName>${jboss.domain}</serverName>
119+
<fileNames>
120+
<fileName>${project.build.directory}/${project.build.finalName}.war</fileName>
121+
</fileNames>
122+
</configuration>
123+
</plugin>
124+
125+
</plugins>
126+
</build>
127+
</project>

Ch07_XSS/src/main/java/de/dominikschadow/webappsecurity/DataRepository.java

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
package de.dominikschadow.webappsecurity;
2+
3+
import java.lang.annotation.ElementType;
4+
import java.lang.annotation.Retention;
5+
import java.lang.annotation.RetentionPolicy;
6+
import java.lang.annotation.Target;
7+
8+
import javax.inject.Qualifier;
9+
import javax.persistence.EntityManager;
10+
11+
/**
12+
* This is the CDI {@link Qualifier} that can be used to determine what objects
13+
* qualify for which injection points. For this application, it is used to
14+
* qualify the {@link EntityManager} injection point.
15+
*
16+
*/
17+
@Qualifier
18+
@Target({ElementType.FIELD, ElementType.METHOD, ElementType.PARAMETER})
19+
@Retention(RetentionPolicy.RUNTIME)
20+
public @interface DataRepository {}

Ch07_XSS/src/main/java/de/dominikschadow/webappsecurity/DataRepositoryProducer.java

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,33 @@
1+
package de.dominikschadow.webappsecurity;
2+
3+
import javax.ejb.Stateless;
4+
import javax.enterprise.context.ConversationScoped;
5+
import javax.enterprise.inject.Produces;
6+
import javax.persistence.EntityManager;
7+
import javax.persistence.PersistenceContext;
8+
9+
10+
/**
11+
* This is the stateless EJB that produced our {@link EntityManager} instance.
12+
* This EJB has an entity manager injected and we return it to CDI in our
13+
* {@link Produces} annotated method. We qualify the producer with the
14+
* {@link DataRepository} qualifier.
15+
*
16+
*/
17+
@Stateless
18+
public class DataRepositoryProducer {
19+
20+
21+
private EntityManager entityManager;
22+
23+
@Produces @DataRepository @ConversationScoped
24+
public EntityManager getEntityManager() {
25+
return entityManager;
26+
}
27+
28+
@PersistenceContext
29+
public void setEntityManager(EntityManager entityManager) {
30+
this.entityManager = entityManager;
31+
}
32+
33+
}

Ch07_XSS/src/main/resources/META-INF/persistence.xml

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,14 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<persistence version="2.0"
3+
xmlns="http://java.sun.com/xml/ns/persistence" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4+
xsi:schemaLocation="
5+
http://java.sun.com/xml/ns/persistence
6+
http://java.sun.com/xml/ns/persistence/persistence_2_0.xsd">
7+
<persistence-unit name="primary">
8+
<jta-data-source>java:jboss/datasources/ExampleDS</jta-data-source>
9+
<properties>
10+
<property name="hibernate.hbm2ddl.auto" value="create-drop" />
11+
<property name="hibernate.show_sql" value="false" />
12+
</properties>
13+
</persistence-unit>
14+
</persistence>

Ch07_XSS/src/main/resources/MessageResources.properties

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
footerText=This text is defined in the MessageResource.properties file

Ch07_XSS/src/main/resources/import.sql

Whitespace-only changes.

Ch07_XSS/src/main/webapp/META-INF/MANIFEST.MF

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
Manifest-Version: 1.0
2+
Class-Path:
3+

0 commit comments

Comments
 (0)