You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by rm...@apache.org on 2015/01/09 11:23:25 UTC
tomee git commit: TOMEE-1490 enhancing cdi-realm with a test
Repository: tomee
Updated Branches:
refs/heads/develop 78a246483 -> fea2a0243
TOMEE-1490 enhancing cdi-realm with a test
Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/fea2a024
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/fea2a024
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/fea2a024
Branch: refs/heads/develop
Commit: fea2a02434ed1ccd361556cbd43eb3d7b495a788
Parents: 78a2464
Author: Romain Manni-Bucau <rm...@apache.org>
Authored: Fri Jan 9 11:23:12 2015 +0100
Committer: Romain Manni-Bucau <rm...@apache.org>
Committed: Fri Jan 9 11:23:12 2015 +0100
----------------------------------------------------------------------
examples/cdi-realm/pom.xml | 36 ++++++-
.../src/main/java/org/superbiz/AuthBean.java | 20 ++--
.../main/java/org/superbiz/SecuredServlet.java | 32 ++++++
.../src/main/webapp/META-INF/context.xml | 8 +-
.../test/java/org/superbiz/AuthBeanTest.java | 102 +++++++++++++++++++
.../cdi-realm/src/test/resources/arquillian.xml | 31 ++++++
6 files changed, 208 insertions(+), 21 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tomee/blob/fea2a024/examples/cdi-realm/pom.xml
----------------------------------------------------------------------
diff --git a/examples/cdi-realm/pom.xml b/examples/cdi-realm/pom.xml
index 769c0a4..9b83764 100644
--- a/examples/cdi-realm/pom.xml
+++ b/examples/cdi-realm/pom.xml
@@ -22,10 +22,11 @@
<groupId>org.superbiz</groupId>
<artifactId>cdi-realm</artifactId>
<packaging>war</packaging>
- <version>1.1.0-SNAPSHOT</version>
+ <version>1.1.1-SNAPSHOT</version>
<name>OpenEJB :: Examples :: CDI Realm</name>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ <tomee.version>2.0.0-SNAPSHOT</tomee.version>
</properties>
<build>
<defaultGoal>install</defaultGoal>
@@ -35,8 +36,8 @@
<artifactId>maven-compiler-plugin</artifactId>
<version>3.1</version>
<configuration>
- <source>1.7</source>
- <target>1.7</target>
+ <source>1.6</source>
+ <target>1.6</target>
</configuration>
</plugin>
<plugin>
@@ -50,7 +51,7 @@
<plugin>
<groupId>org.apache.openejb.maven</groupId>
<artifactId>tomee-maven-plugin</artifactId>
- <version>2.0.0-SNAPSHOT</version>
+ <version>${tomee.version}</version>
</plugin>
</plugins>
</build>
@@ -58,7 +59,7 @@
<repository>
<id>apache-m2-snapshot</id>
<name>Apache Snapshot Repository</name>
- <url>https://repository.apache.org/content/groups/snapshots</url>
+ <url>http://repository.apache.org/snapshots</url>
</repository>
</repositories>
<dependencies>
@@ -68,6 +69,31 @@
<version>7.0-SNAPSHOT</version>
<scope>provided</scope>
</dependency>
+
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>4.12</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.arquillian.junit</groupId>
+ <artifactId>arquillian-junit-container</artifactId>
+ <version>1.1.5.Final</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.openejb</groupId>
+ <artifactId>arquillian-tomee-remote</artifactId>
+ <version>${tomee.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.httpcomponents</groupId>
+ <artifactId>httpclient</artifactId>
+ <version>4.3.6</version>
+ <scope>test</scope>
+ </dependency>
</dependencies>
<!-- This section allows you to configure where to publish libraries for
http://git-wip-us.apache.org/repos/asf/tomee/blob/fea2a024/examples/cdi-realm/src/main/java/org/superbiz/AuthBean.java
----------------------------------------------------------------------
diff --git a/examples/cdi-realm/src/main/java/org/superbiz/AuthBean.java b/examples/cdi-realm/src/main/java/org/superbiz/AuthBean.java
index 78086ee..bee66b9 100644
--- a/examples/cdi-realm/src/main/java/org/superbiz/AuthBean.java
+++ b/examples/cdi-realm/src/main/java/org/superbiz/AuthBean.java
@@ -19,10 +19,9 @@ package org.superbiz;
import javax.enterprise.context.RequestScoped;
import java.security.Principal;
-@RequestScoped
+@RequestScoped // just to show we can be bound to the request but @ApplicationScoped is what makes sense
public class AuthBean {
-
- public Principal authenticate(final String username, final String password) {
+ public Principal authenticate(final String username, String password) {
if (("userA".equals(username) || "userB".equals(username)) && "test".equals(password)) {
return new Principal() {
@Override
@@ -40,15 +39,10 @@ public class AuthBean {
}
public boolean hasRole(final Principal principal, final String role) {
- if (principal == null) {
- return false;
- }
- if (principal.getName().equals("userA") && (role.equals("admin") || role.equals("user"))) {
- return true;
- }
- if (principal.getName().equals("userB") && (role.equals("user"))) {
- return true;
- }
- return false;
+ return principal != null && (
+ principal.getName().equals("userA") && (role.equals("admin")
+ || role.equals("user"))
+ || principal.getName().equals("userB") && (role.equals("user"))
+ );
}
}
http://git-wip-us.apache.org/repos/asf/tomee/blob/fea2a024/examples/cdi-realm/src/main/java/org/superbiz/SecuredServlet.java
----------------------------------------------------------------------
diff --git a/examples/cdi-realm/src/main/java/org/superbiz/SecuredServlet.java b/examples/cdi-realm/src/main/java/org/superbiz/SecuredServlet.java
new file mode 100644
index 0000000..884db32
--- /dev/null
+++ b/examples/cdi-realm/src/main/java/org/superbiz/SecuredServlet.java
@@ -0,0 +1,32 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.superbiz;
+
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@WebServlet("/servlet")
+public class SecuredServlet extends HttpServlet {
+ @Override
+ protected void service(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
+ resp.getWriter().write("Servlet!");
+ }
+}
http://git-wip-us.apache.org/repos/asf/tomee/blob/fea2a024/examples/cdi-realm/src/main/webapp/META-INF/context.xml
----------------------------------------------------------------------
diff --git a/examples/cdi-realm/src/main/webapp/META-INF/context.xml b/examples/cdi-realm/src/main/webapp/META-INF/context.xml
index d7959ae..367d033 100644
--- a/examples/cdi-realm/src/main/webapp/META-INF/context.xml
+++ b/examples/cdi-realm/src/main/webapp/META-INF/context.xml
@@ -15,6 +15,8 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-<Context>
- <Realm cdi="true" className="org.apache.tomee.catalina.realm.LazyRealm" realmClass="org.superbiz.AuthBean"/>
-</Context>
\ No newline at end of file
+<Context preemptiveAuthentication="true">
+ <Valve className="org.apache.catalina.authenticator.BasicAuthenticator" />
+ <Realm className="org.apache.tomee.catalina.realm.LazyRealm"
+ cdi="true" realmClass="org.superbiz.AuthBean"/>
+</Context>
http://git-wip-us.apache.org/repos/asf/tomee/blob/fea2a024/examples/cdi-realm/src/test/java/org/superbiz/AuthBeanTest.java
----------------------------------------------------------------------
diff --git a/examples/cdi-realm/src/test/java/org/superbiz/AuthBeanTest.java b/examples/cdi-realm/src/test/java/org/superbiz/AuthBeanTest.java
new file mode 100644
index 0000000..d89d691
--- /dev/null
+++ b/examples/cdi-realm/src/test/java/org/superbiz/AuthBeanTest.java
@@ -0,0 +1,102 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.superbiz;
+
+import org.apache.http.HttpHost;
+import org.apache.http.auth.AuthScope;
+import org.apache.http.auth.UsernamePasswordCredentials;
+import org.apache.http.client.AuthCache;
+import org.apache.http.client.methods.CloseableHttpResponse;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.client.protocol.HttpClientContext;
+import org.apache.http.impl.auth.BasicScheme;
+import org.apache.http.impl.client.BasicAuthCache;
+import org.apache.http.impl.client.BasicCredentialsProvider;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.util.EntityUtils;
+import org.apache.openejb.arquillian.common.IO;
+import org.jboss.arquillian.container.test.api.Deployment;
+import org.jboss.arquillian.junit.Arquillian;
+import org.jboss.arquillian.test.api.ArquillianResource;
+import org.jboss.shrinkwrap.api.ShrinkWrap;
+import org.jboss.shrinkwrap.api.asset.EmptyAsset;
+import org.jboss.shrinkwrap.api.asset.FileAsset;
+import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import java.io.File;
+import java.io.IOException;
+import java.net.URL;
+
+import static org.hamcrest.CoreMatchers.startsWith;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertThat;
+
+@RunWith(Arquillian.class)
+public class AuthBeanTest {
+ @Deployment(testable = false)
+ public static WebArchive createDeployment() {
+ return ShrinkWrap.create(WebArchive.class, "low-typed-realm.war")
+ .addClasses(SecuredServlet.class, AuthBean.class)
+ .addAsManifestResource(new FileAsset(new File("src/main/webapp/META-INF/context.xml")), "context.xml")
+ .addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml");
+ }
+
+ @ArquillianResource
+ private URL webapp;
+
+ @Test
+ public void success() throws IOException {
+ assertEquals("200 Servlet!", get("userA", "test"));
+ }
+
+ @Test
+ public void failure() throws IOException {
+ assertThat(get("userA", "oops, wrong password"), startsWith("401"));
+ }
+
+ private String get(final String user, final String password) {
+ final BasicCredentialsProvider basicCredentialsProvider = new BasicCredentialsProvider();
+ basicCredentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(user, password));
+ final CloseableHttpClient client = HttpClients.custom()
+ .setDefaultCredentialsProvider(basicCredentialsProvider).build();
+
+ final HttpHost httpHost = new HttpHost(webapp.getHost(), webapp.getPort(), webapp.getProtocol());
+ final AuthCache authCache = new BasicAuthCache();
+ final BasicScheme basicAuth = new BasicScheme();
+ authCache.put(httpHost, basicAuth);
+ final HttpClientContext context = HttpClientContext.create();
+ context.setAuthCache(authCache);
+
+ final HttpGet get = new HttpGet(webapp.toExternalForm() + "servlet");
+ CloseableHttpResponse response = null;
+ try {
+ response = client.execute(httpHost, get, context);
+ return response.getStatusLine().getStatusCode() + " " + EntityUtils.toString(response.getEntity());
+ } catch (final IOException e) {
+ throw new IllegalStateException(e);
+ } finally {
+ try {
+ IO.close(response);
+ } catch (final IOException e) {
+ // no-op
+ }
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/tomee/blob/fea2a024/examples/cdi-realm/src/test/resources/arquillian.xml
----------------------------------------------------------------------
diff --git a/examples/cdi-realm/src/test/resources/arquillian.xml b/examples/cdi-realm/src/test/resources/arquillian.xml
new file mode 100644
index 0000000..1db3d40
--- /dev/null
+++ b/examples/cdi-realm/src/test/resources/arquillian.xml
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<!--
+
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<arquillian xmlns="http://jboss.org/schema/arquillian"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://jboss.org/schema/arquillian http://jboss.org/schema/arquillian/arquillian_1_0.xsd">
+ <container qualifier="tomee" default="true">
+ <configuration>
+ <property name="httpPort">-1</property>
+ <property name="stopPort">-1</property>
+ <property name="ajpPort">-1</property>
+ <property name="dir">target/tomee</property>
+ <property name="appWorkingDir">target/arquillian-dump-dir</property>
+ </configuration>
+ </container>
+</arquillian>