Make sure that you've imported the Product List sample application (Java) as part of this Exercise.
Within Eclipse IDE you should see the product-list-java project in the Project Explorer View.
- Build the project in Eclipse (
Context Menu -> Run As -> Maven install) -> Result: BUILD SUCCESS
The web.xml of the application must use auth-method with value XSUAA. This enables authentication of requests using incoming OAuth authentication tokens.
<web-app>
<display-name>Products App</display-name>
<login-config>
<auth-method>XSUAA</auth-method>
</login-config>
</web-app> In the Java coding, add the @ServletSecurity annotation to the Servlet com.sap.cp.cf.demoapps.ProductHttpServlet in order to apply scope checks to its endpoints:
@WebServlet({ "/products/*", "/productsByParam" })
// configure servlet to check against scope "$XSAPPNAME.read"
@ServletSecurity(@HttpConstraint(rolesAllowed = { "read" }))
public class ProductHttpServlet extends HttpServlet {
...
}- Build the project in Eclipse (
Context Menu -> Run As -> Maven install) -> Result: BUILD SUCCESS- Or, alternatively build the project on the console with the following commands:
D: cd D:\Files\Session\SEC364\teched2019-cloud-cf-product-list-teched2019\samples\java mvn clean install
- Or, alternatively build the project on the console with the following commands:
- Finally, make sure that the folder
D:\Files\Session\SEC364\teched2019-cloud-cf-product-list-teched2019\samples\java\targetcontains aproduct-list.warfile.
- Java Web Application Sample:
https://github.com/SAP/cloud-security-xsuaa-integration/tree/master/samples/sap-java-buildpack-api-usage - XSUAA Token Client and Token Flow API:
https://github.com/SAP/cloud-security-xsuaa-integration/tree/master/token-client
-
© 2019 SAP SE
