Posted to commits@tomee.apache.org by jg...@apache.org on 2016/11/28 23:22:35 UTC
[14/14] tomee git commit: Added more tests to check EJB Remote http
Basic Authentication.
Added more tests to check EJB Remote http Basic Authentication.
Project: http://git-wip-us.apache.org/repos/asf/tomee/repo
Commit: http://git-wip-us.apache.org/repos/asf/tomee/commit/e0397f49
Tree: http://git-wip-us.apache.org/repos/asf/tomee/tree/e0397f49
Diff: http://git-wip-us.apache.org/repos/asf/tomee/diff/e0397f49
Branch: refs/heads/tomee-1.7.x
Commit: e0397f495e711f5f95dbb8dba5986fbeb7feea5a
Parents: 2663c6f
Author: Roberto Cortez <ra...@yahoo.com>
Authored: Thu Nov 17 01:43:35 2016 +0000
Committer: Roberto Cortez <ra...@yahoo.com>
Committed: Thu Nov 17 01:43:35 2016 +0000
----------------------------------------------------------------------
.../arquillian/tests/security/BusinessBean.java | 9 ++-
.../tests/security/BusinessRemote.java | 2 +
.../TomEEEjbServletAuthorizationHeaderTest.java | 66 ++++++++++++++++++--
.../src/test/resources/arquillian.xml | 4 +-
4 files changed, 73 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/tomee/blob/e0397f49/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/security/BusinessBean.java
----------------------------------------------------------------------
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/security/BusinessBean.java b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/security/BusinessBean.java
index 5a101bf..41d4ee4 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/security/BusinessBean.java
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/security/BusinessBean.java
@@ -17,6 +17,7 @@
package org.apache.openejb.arquillian.tests.security;
import javax.annotation.Resource;
+import javax.annotation.security.RolesAllowed;
import javax.ejb.Lock;
import javax.ejb.LockType;
import javax.ejb.SessionContext;
@@ -31,15 +32,21 @@ public class BusinessBean implements BusinessRemote {
private SessionContext ctx;
@Override
+ @RolesAllowed("tomee-admin")
public String echo(final String input) {
return input;
}
@Override
+ @RolesAllowed("forbidden")
+ public void forbidden() {
+ }
+
+ @Override
public String getPrincipal() {
Principal callerPrincipal = ctx.getCallerPrincipal();
if (callerPrincipal == null) {
- return "null";
+ return "guest";
}
return callerPrincipal.getName();
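Review bot: `getPrincipal()` is left without a security annotation while `echo` and `forbidden` now carry `@RolesAllowed`, so as far as this hunk shows, who may call it depends on the container default rather than on anything stated in the bean. If it is meant to be callable by any caller, adding `@PermitAll` (javax.annotation.security) above it would state that intent. The new `"guest"` fallback also makes a missing caller principal indistinguishable from a user actually named guest; a comment such as `// no caller principal available: report the unauthenticated caller as "guest"` would record why that value was chosen. The body of getPrincipal continues past the end of the hunk.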
http://git-wip-us.apache.org/repos/asf/tomee/blob/e0397f49/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/security/BusinessRemote.java
----------------------------------------------------------------------
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/security/BusinessRemote.java b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/security/BusinessRemote.java
index e81f634..ab57961 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/security/BusinessRemote.java
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/security/BusinessRemote.java
@@ -23,5 +23,7 @@ public interface BusinessRemote {
String echo(String input);
+ void forbidden();
+
String getPrincipal();
}
http://git-wip-us.apache.org/repos/asf/tomee/blob/e0397f49/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/security/TomEEEjbServletAuthorizationHeaderTest.java
----------------------------------------------------------------------
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/security/TomEEEjbServletAuthorizationHeaderTest.java b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/security/TomEEEjbServletAuthorizationHeaderTest.java
index 9e6a141..78371a9 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/security/TomEEEjbServletAuthorizationHeaderTest.java
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/java/org/apache/openejb/arquillian/tests/security/TomEEEjbServletAuthorizationHeaderTest.java
@@ -26,22 +26,24 @@ import org.jboss.arquillian.junit.Arquillian;
import org.jboss.arquillian.test.api.ArquillianResource;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.jboss.shrinkwrap.descriptor.api.webapp30.WebAppDescriptor;
-import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
+import javax.ejb.EJBAccessException;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.InitialContext;
import java.net.URL;
import java.util.Properties;
+import static org.junit.Assert.assertEquals;
+
@RunWith(Arquillian.class)
@RunAsClient
public class TomEEEjbServletAuthorizationHeaderTest extends TestSetup {
-
- public static final String TEST_NAME = TomEEEjbServletAuthorizationHeaderTest.class.getSimpleName();
+ private static final String REMOTE_NAME = "global/TomEEEjbServletAuthorizationHeaderTest/BusinessBean!" +
+ "org.apache.openejb.arquillian.tests.security.BusinessRemote";
@ArquillianResource
private URL url;
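Review bot: `REMOTE_NAME` spells the test class's simple name and the remote interface's fully qualified name as string literals, so a rename or package move of either breaks the lookup at run time instead of at compile time. The interface part can be derived, for example `"global/TomEEEjbServletAuthorizationHeaderTest/BusinessBean!" + BusinessRemote.class.getName()`. The archive name is set in the `@Deployment` method, which is outside this hunk, so whether the first segment can be derived the same way needs checking there.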
@@ -57,8 +59,9 @@ public class TomEEEjbServletAuthorizationHeaderTest extends TestSetup {
p.setProperty("tomee.ejb.authentication.basic.password", "password");
final InitialContext context = new InitialContext(p);
- final BusinessRemote bean = (BusinessRemote) context.lookup("global/TomEEEjbServletAuthorizationHeaderTest/BusinessBean!org.apache.openejb.arquillian.tests.security.BusinessRemote");
- Assert.assertEquals("test", bean.echo("test"));
+ final BusinessRemote bean = (BusinessRemote) context.lookup(REMOTE_NAME);
+ assertEquals("test", bean.echo("test"));
+ assertEquals("tomee", bean.getPrincipal());
}
@Test(expected = AuthenticationException.class)
@@ -72,7 +75,58 @@ public class TomEEEjbServletAuthorizationHeaderTest extends TestSetup {
p.setProperty("tomee.ejb.authentication.basic.password", "wrong");
final InitialContext context = new InitialContext(p);
- context.lookup("global/TomEEEjbServletAuthorizationHeaderTest/BusinessBean!org.apache.openejb.arquillian.tests.security.BusinessRemote");
+ context.lookup(REMOTE_NAME);
+ }
+
+ @Test
+ public void testAuthenticateWithPrincipal() throws Exception {
+ final String ejbUrl = this.url.toExternalForm() + "ejb";
+
+ final Properties p = new Properties();
+ p.setProperty(Context.INITIAL_CONTEXT_FACTORY, RemoteInitialContextFactory.class.getName());
+ p.setProperty(Context.PROVIDER_URL, ejbUrl);
+ p.setProperty("tomee.ejb.authentication.basic.login", "tomee");
+ p.setProperty("tomee.ejb.authentication.basic.password", "password");
+ p.setProperty(Context.SECURITY_PRINCIPAL, "admin");
+ p.setProperty(Context.SECURITY_CREDENTIALS, "admin");
+ final InitialContext context = new InitialContext(p);
+
+ final BusinessRemote bean = (BusinessRemote) context.lookup(REMOTE_NAME);
+ assertEquals("test", bean.echo("test"));
+ assertEquals("admin", bean.getPrincipal());
+ }
+
+ @Test(expected = AuthenticationException.class)
+ public void testFailedPrincipalAuthentication() throws Exception {
+ final String ejbUrl = this.url.toExternalForm() + "ejb";
+
+ final Properties p = new Properties();
+ p.setProperty(Context.INITIAL_CONTEXT_FACTORY, RemoteInitialContextFactory.class.getName());
+ p.setProperty(Context.PROVIDER_URL, ejbUrl);
+ p.setProperty("tomee.ejb.authentication.basic.login", "tomee");
+ p.setProperty("tomee.ejb.authentication.basic.password", "password");
+ p.setProperty(Context.SECURITY_PRINCIPAL, "admin");
+ p.setProperty(Context.SECURITY_CREDENTIALS, "wrong");
+ final InitialContext context = new InitialContext(p);
+
+ context.lookup(REMOTE_NAME);
+ }
+
+ @Test(expected = EJBAccessException.class)
+ public void testAuthenticateWithPrincipalForbiddenCall() throws Exception {
+ final String ejbUrl = this.url.toExternalForm() + "ejb";
+
+ final Properties p = new Properties();
+ p.setProperty(Context.INITIAL_CONTEXT_FACTORY, RemoteInitialContextFactory.class.getName());
+ p.setProperty(Context.PROVIDER_URL, ejbUrl);
+ p.setProperty("tomee.ejb.authentication.basic.login", "tomee");
+ p.setProperty("tomee.ejb.authentication.basic.password", "password");
+ p.setProperty(Context.SECURITY_PRINCIPAL, "admin");
+ p.setProperty(Context.SECURITY_CREDENTIALS, "admin");
+ final InitialContext context = new InitialContext(p);
+
+ final BusinessRemote bean = (BusinessRemote) context.lookup(REMOTE_NAME);
+ bean.forbidden();
}
@Deployment(testable = false)
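Review bot: None of the three added tests combines a wrong Basic password with a valid `SECURITY_PRINCIPAL`/`SECURITY_CREDENTIALS` pair, so nothing here shows that the HTTP Basic check is still enforced when correct JNDI credentials are supplied. `testFailedPrincipalAuthentication` covers only the opposite combination, and the existing wrong-password test sets no principal at all. A fourth test for that combination would pin the behaviour. The expected exception type in the sketch below is taken from the existing wrong-password test and should be confirmed against the container.

```java
// … unchanged: testAuthenticateWithPrincipalForbiddenCall …

@Test(expected = AuthenticationException.class) // assumed; confirm the type raised when the Basic layer rejects the call
public void testFailedBasicAuthenticationWithValidPrincipal() throws Exception {
    final Properties p = new Properties();
    p.setProperty(Context.INITIAL_CONTEXT_FACTORY, RemoteInitialContextFactory.class.getName());
    p.setProperty(Context.PROVIDER_URL, this.url.toExternalForm() + "ejb");
    p.setProperty("tomee.ejb.authentication.basic.login", "tomee");
    p.setProperty("tomee.ejb.authentication.basic.password", "wrong");
    p.setProperty(Context.SECURITY_PRINCIPAL, "admin");
    p.setProperty(Context.SECURITY_CREDENTIALS, "admin");

    new InitialContext(p).lookup(REMOTE_NAME);
}
```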
http://git-wip-us.apache.org/repos/asf/tomee/blob/e0397f49/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/resources/arquillian.xml
----------------------------------------------------------------------
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/resources/arquillian.xml
index 70bb894..c5f5733 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/resources/arquillian.xml
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/resources/arquillian.xml
@@ -35,9 +35,11 @@
</property>
<property name="users">
tomee=password
+ admin=admin
</property>
<property name="roles">
tomee=tomee-admin
+ admin=tomee-admin
</property>
</configuration>
</container>
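Review bot: Both configured users, `tomee` and the new `admin`, map to `tomee-admin`, so the `@RolesAllowed("tomee-admin")` added to `echo` is never exercised by an authenticated caller that lacks the role. The only denial path tested is `forbidden`, whose role no user holds. Adding a third test-only user with a different role would let a test assert `EJBAccessException` on `echo`, for example `user=user` under `users` and `user=tomee-user` under `roles` (both values constructed for illustration). A short XML comment above the `users` property noting that these are fixtures for the embedded test container would also help anyone who copies this file as a template.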
@@ -76,4 +78,4 @@
</property>
</configuration>
</container>
-</arquillian>
\ No newline at end of file
+</arquillian>