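package com.atlassian.plugins.rest.helloworld;

import com.atlassian.plugins.rest.common.security.AnonymousAllowed;
import com.atlassian.plugins.rest.common.security.AuthenticationContext;
import com.atlassian.plugins.rest.common.security.CorsAllowed;

import java.security.Principal;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;

/**
 * Sample REST resource rooted at {@code /helloworld}.
 *
 * <p>It exposes three {@code GET} endpoints that return {@code text/plain}, each with a
 * different access-control arrangement: one with no security annotation, one marked
 * {@link AnonymousAllowed} and {@link CorsAllowed}, and one marked {@link AnonymousAllowed}
 * that performs its own caller check in code.
 */
@Path("/helloworld")
public class HelloWorld
{
    /**
     * Returns a fixed greeting.
     *
     * <p>This method carries no {@link AnonymousAllowed} annotation, so nothing in this class
     * opens it to unauthenticated callers.
     * NOTE(review): presumably the REST framework rejects anonymous requests here; confirm
     * against the plugin's security configuration.
     *
     * @return the constant string {@code "Goodbye Authenticated World"}
     */
    @GET
    @Produces("text/plain")
    @Path("/authenticated")
    public String getAuthenticatedMessage()
    {
        return "Goodbye Authenticated World";
    }

    /**
     * Returns a fixed greeting to any caller.
     *
     * <p>The endpoint is marked both {@link AnonymousAllowed} and {@link CorsAllowed}. The
     * response is a constant and contains no caller-specific data, so nothing sensitive is
     * exposed to anonymous or cross-origin callers by this method itself.
     *
     * @return the constant string {@code "Goodbye Anonymous World"}
     */
    @GET
    @Produces("text/plain")
    @Path("/anonymous")
    @AnonymousAllowed
    @CorsAllowed
    public String getAnonymousMessage()
    {
        return "Goodbye Anonymous World";
    }

    /**
     * Returns a greeting that includes the caller's principal, but only for the user named
     * {@code "admin"}.
     *
     * <p>The endpoint is marked {@link AnonymousAllowed}, so the only access control visible
     * in this class is the explicit {@link #checkIsUser} call below. That check compares the
     * principal's name with a hard-coded string; it is an identity-by-name test, not a role
     * or permission check, and removing or reordering it would leave the endpoint open.
     *
     * @param authenticationContext the injected context supplying the caller's principal
     * @return {@code "Goodbye "} followed by the principal's string form
     * @throws SecurityException if the caller is anonymous or is not named {@code "admin"}
     */
    @GET
    @Produces("text/plain")
    @Path("/admin")
    @AnonymousAllowed
    public String getMessageForAdmin(@Context AuthenticationContext authenticationContext)
    {
        // Must run before anything is returned: it is the sole gate on this endpoint.
        checkIsUser(authenticationContext, "admin");
        return "Goodbye " + authenticationContext.getPrincipal();
    }

    /**
     * Rejects the request unless the current principal's name equals {@code userName}.
     *
     * <p>The comparison is made from {@code userName}'s side so that a principal whose
     * {@code getName()} returns {@code null} is refused with a {@link SecurityException}
     * instead of failing with a {@link NullPointerException}. A {@code null} {@code userName}
     * is refused as well, so every unexpected input fails closed with the same exception type.
     *
     * @param context the authentication context to read the principal from
     * @param userName the only user name that is allowed through
     * @throws SecurityException if there is no principal or its name differs from
     *         {@code userName}
     */
    private void checkIsUser(AuthenticationContext context, String userName)
    {
        final Principal principal = context.getPrincipal();
        final boolean allowed =
            principal != null && userName != null && userName.equals(principal.getName());
        if (!allowed)
        {
            // NOTE(review): the message embeds the expected user name and the principal's
            // string form. If the framework returns exception messages to the client, confirm
            // that echoing these values is acceptable.
            throw new SecurityException("You're not '" + userName + "' I know who you really are'" + principal + "', you can't access this information");
        }
    }
}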