1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * ===========================================================================
\r
7 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * * you may not use this file except in compliance with the License.
\r
9 * * You may obtain a copy of the License at
\r
11 * * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * * Unless required by applicable law or agreed to in writing, software
\r
14 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * * See the License for the specific language governing permissions and
\r
17 * * limitations under the License.
\r
18 * * ============LICENSE_END====================================================
\r
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
22 ******************************************************************************/
\r
27 * Similar to Java EE's Spec from Annotations 1.1, 2.8
\r
29 * That Spec, however, was geared towards being able to route calls to Methods on Objects, and thus needed a more refined
\r
30 * sense of permissions hierarchy. The same mechanism, however, can easily be achieved on single Servlet/Handlers in
\r
31 * POJOs like Jetty by simply adding the Roles Allowed in a similar Annotation
\r
34 package com.att.cadi.filter;
\r
35 import static java.lang.annotation.ElementType.TYPE;
\r
36 import static java.lang.annotation.RetentionPolicy.RUNTIME;
\r
38 import java.lang.annotation.Retention;
\r
39 import java.lang.annotation.Target;
\r
42 * JASPI Style Annotation of RolesAllowed when the coding style is desired but actually including all
\r
43 * JEE jars is not. If using actual JASPI, use official @interface classes, not this one...
\r
48 public @interface RolesAllowed {
\r
50 * Security role of the implementation, which doesn't have to be an EJB or CORBA like object. Can be just a
\r