You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by dj...@apache.org on 2008/06/18 00:15:15 UTC
svn commit: r668856 - in
/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests:
sec-ear/src/test/java/org/apache/geronimo/testsuite/security/
sec-ejb/src/main/java/org/apache/geronimo/itest/
sec-war/src/main/java/org/apache/geronimo/itest/ se...
Author: djencks
Date: Tue Jun 17 15:15:14 2008
New Revision: 668856
URL: http://svn.apache.org/viewvc?rev=668856&view=rev
Log:
GERONIMO-4119 Test that role-ref work after calling an ejb. Also actually use the injection test servlet
Modified:
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSession.java
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSessionBean.java
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestInjectionServlet.java
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/WEB-INF/web.xml
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java?rev=668856&r1=668855&r2=668856&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java Tue Jun 17 15:15:14 2008
@@ -64,7 +64,9 @@
"Test EJB principal: bar\n" +
"Correctly received security exception on noAccess method\n" +
"TestSession isCallerInRole foo: false\n" +
- "TestSession isCallerInRole bar: true", selenium.getText("xpath=/html/body"));
+ "TestSession isCallerInRole bar: true\n" +
+ "TestServlet isUserInRole foo: true\n" +
+ "TestServlet isUserInRole bar: false", selenium.getText("xpath=/html/body"));
}
@Test
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSession.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSession.java?rev=668856&r1=668855&r2=668856&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSession.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSession.java Tue Jun 17 15:15:14 2008
@@ -24,5 +24,5 @@
public interface TestSession extends javax.ejb.EJBObject {
String testAccess() throws RemoteException;
String testNoAccess() throws RemoteException;
- boolean isCallerInRole(String role);
+ boolean isCallerInRole(String role) throws RemoteException;
}
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSessionBean.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSessionBean.java?rev=668856&r1=668855&r2=668856&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSessionBean.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSessionBean.java Tue Jun 17 15:15:14 2008
@@ -16,14 +16,18 @@
*/
package org.apache.geronimo.itest;
-import javax.ejb.SessionBean;
import javax.ejb.EJBException;
+import javax.ejb.SessionBean;
import javax.ejb.SessionContext;
+import javax.ejb.Remote;
+import javax.ejb.Local;
+import javax.ejb.Stateless;
+import javax.annotation.security.DeclareRoles;
/**
* @version $Rev$ $Date$
*/
-@javax.annotation.security.DeclareRoles({"foo", "bar"})
+@DeclareRoles({"foo", "bar"})
public class TestSessionBean implements SessionBean {
SessionContext sessionContext;
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestInjectionServlet.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestInjectionServlet.java?rev=668856&r1=668855&r2=668856&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestInjectionServlet.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestInjectionServlet.java Tue Jun 17 15:15:14 2008
@@ -23,22 +23,21 @@
import javax.ejb.CreateException;
import javax.ejb.EJB;
-import javax.naming.InitialContext;
-import javax.naming.NamingException;
import javax.servlet.ServletException;
-import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.geronimo.security.ContextManager;
+
/**
* @version $Rev$ $Date$
*/
public class TestInjectionServlet extends HttpServlet {
- @EJB(name="TestSession")
- private TestSession session;
+ @EJB
+ private TestSessionHome sessionHome;
public void init() {
@@ -47,10 +46,15 @@
protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
PrintWriter out = httpServletResponse.getWriter();
- out.println("TestServlet principal: " + httpServletRequest.getUserPrincipal().getName());
+ if (httpServletRequest.getUserPrincipal() == null) {
+ out.println("TestServlet principal is null, current caller Subject: " + ContextManager.getCurrentCaller());
+ } else {
+ out.println("TestServlet principal: " + httpServletRequest.getUserPrincipal().getName());
+ }
out.println("TestServlet isUserInRole foo: " + httpServletRequest.isUserInRole("foo"));
out.println("TestServlet isUserInRole bar: " + httpServletRequest.isUserInRole("bar"));
try {
+ TestSession session = sessionHome.create();
String principalName = session.testAccess();
out.println("Test EJB principal: " + principalName);
try {
@@ -63,7 +67,11 @@
out.println("TestSession isCallerInRole bar: " + session.isCallerInRole("bar"));
} catch (RemoteException e) {
e.printStackTrace();
+ } catch (CreateException e) {
+ e.printStackTrace();
}
+ out.println("TestServlet isUserInRole foo: " + httpServletRequest.isUserInRole("foo"));
+ out.println("TestServlet isUserInRole bar: " + httpServletRequest.isUserInRole("bar"));
out.flush();
}
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java?rev=668856&r1=668855&r2=668856&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java Tue Jun 17 15:15:14 2008
@@ -30,6 +30,8 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.geronimo.security.ContextManager;
+
/**
* @version $Rev$ $Date$
@@ -42,7 +44,11 @@
protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
PrintWriter out = httpServletResponse.getWriter();
- out.println("TestServlet principal: " + httpServletRequest.getUserPrincipal().getName());
+ if (httpServletRequest.getUserPrincipal() == null) {
+ out.println("TestServlet principal is null, current caller Subject: " + ContextManager.getCurrentCaller());
+ } else {
+ out.println("TestServlet principal: " + httpServletRequest.getUserPrincipal().getName());
+ }
out.println("TestServlet isUserInRole foo: " + httpServletRequest.isUserInRole("foo"));
out.println("TestServlet isUserInRole bar: " + httpServletRequest.isUserInRole("bar"));
try {
@@ -70,6 +76,8 @@
} catch (CreateException e) {
e.printStackTrace();
}
+ out.println("TestServlet isUserInRole foo: " + httpServletRequest.isUserInRole("foo"));
+ out.println("TestServlet isUserInRole bar: " + httpServletRequest.isUserInRole("bar"));
out.flush();
}
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/WEB-INF/web.xml?rev=668856&r1=668855&r2=668856&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/WEB-INF/web.xml (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/WEB-INF/web.xml Tue Jun 17 15:15:14 2008
@@ -34,9 +34,9 @@
</run-as>
</servlet>
<servlet>
- <display-name>Security itest servlet</display-name>
+ <display-name>Security itest servlet (injection)</display-name>
<servlet-name>injectionServlet</servlet-name>
- <servlet-class>org.apache.geronimo.itest.TestServlet</servlet-class>
+ <servlet-class>org.apache.geronimo.itest.TestInjectionServlet</servlet-class>
<load-on-startup>0</load-on-startup>
<run-as>
<role-name>bar</role-name>