You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by dj...@apache.org on 2008/06/18 00:15:15 UTC
svn commit: r668856 - in /geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests: sec-ear/src/test/java/org/apache/geronimo/testsuite/security/ sec-ejb/src/main/java/org/apache/geronimo/itest/ sec-war/src/main/java/org/apache/geronimo/itest/ se...

Author: djencks
Date: Tue Jun 17 15:15:14 2008
New Revision: 668856

URL: http://svn.apache.org/viewvc?rev=668856&view=rev
Log:
GERONIMO-4119 Test that role-ref work after calling an ejb.  Also actually use the injection test servlet

Modified:
    geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java
    geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSession.java
    geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSessionBean.java
    geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestInjectionServlet.java
    geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java
    geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/WEB-INF/web.xml

Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java?rev=668856&r1=668855&r2=668856&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java Tue Jun 17 15:15:14 2008
@@ -64,7 +64,9 @@
             "Test EJB principal: bar\n" +
             "Correctly received security exception on noAccess method\n" +
             "TestSession isCallerInRole foo: false\n" +
-            "TestSession isCallerInRole bar: true", selenium.getText("xpath=/html/body"));
+            "TestSession isCallerInRole bar: true\n" +
+            "TestServlet isUserInRole foo: true\n" +
+            "TestServlet isUserInRole bar: false", selenium.getText("xpath=/html/body"));
     }
 
     @Test

Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSession.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSession.java?rev=668856&r1=668855&r2=668856&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSession.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSession.java Tue Jun 17 15:15:14 2008
@@ -24,5 +24,5 @@
 public interface TestSession  extends javax.ejb.EJBObject {
     String testAccess() throws RemoteException;
     String testNoAccess() throws RemoteException;
-    boolean isCallerInRole(String role);
+    boolean isCallerInRole(String role) throws RemoteException;
 }

Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSessionBean.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSessionBean.java?rev=668856&r1=668855&r2=668856&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSessionBean.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSessionBean.java Tue Jun 17 15:15:14 2008
@@ -16,14 +16,18 @@
  */
 package org.apache.geronimo.itest;
 
-import javax.ejb.SessionBean;
 import javax.ejb.EJBException;
+import javax.ejb.SessionBean;
 import javax.ejb.SessionContext;
+import javax.ejb.Remote;
+import javax.ejb.Local;
+import javax.ejb.Stateless;
+import javax.annotation.security.DeclareRoles;
 
 /**
  * @version $Rev$ $Date$
  */
-@javax.annotation.security.DeclareRoles({"foo", "bar"})
+@DeclareRoles({"foo", "bar"})
 public class TestSessionBean implements SessionBean {
 
     SessionContext sessionContext;

Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestInjectionServlet.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestInjectionServlet.java?rev=668856&r1=668855&r2=668856&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestInjectionServlet.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestInjectionServlet.java Tue Jun 17 15:15:14 2008
@@ -23,22 +23,21 @@
 
 import javax.ejb.CreateException;
 import javax.ejb.EJB;
-import javax.naming.InitialContext;
-import javax.naming.NamingException;
 import javax.servlet.ServletException;
-import javax.servlet.ServletOutputStream;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.geronimo.security.ContextManager;
+
 
 /**
  * @version $Rev$ $Date$
  */
 public class TestInjectionServlet extends HttpServlet {
 
-    @EJB(name="TestSession")
-    private TestSession session;
+    @EJB
+    private TestSessionHome sessionHome;
 
 
     public void init() {
@@ -47,10 +46,15 @@
 
     protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
         PrintWriter out = httpServletResponse.getWriter();
-        out.println("TestServlet principal: " + httpServletRequest.getUserPrincipal().getName());
+        if (httpServletRequest.getUserPrincipal() == null) {
+            out.println("TestServlet principal is null, current caller Subject: " + ContextManager.getCurrentCaller());
+        } else {
+            out.println("TestServlet principal: " + httpServletRequest.getUserPrincipal().getName());
+        }
         out.println("TestServlet isUserInRole foo: " + httpServletRequest.isUserInRole("foo"));
         out.println("TestServlet isUserInRole bar: " + httpServletRequest.isUserInRole("bar"));
         try {
+            TestSession session = sessionHome.create();
             String principalName = session.testAccess();
             out.println("Test EJB principal: " + principalName);
             try {
@@ -63,7 +67,11 @@
             out.println("TestSession isCallerInRole bar: " + session.isCallerInRole("bar"));
         } catch (RemoteException e) {
             e.printStackTrace();
+        } catch (CreateException e) {
+            e.printStackTrace();
         }
+        out.println("TestServlet isUserInRole foo: " + httpServletRequest.isUserInRole("foo"));
+        out.println("TestServlet isUserInRole bar: " + httpServletRequest.isUserInRole("bar"));
         out.flush();
     }
 

Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java?rev=668856&r1=668855&r2=668856&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java Tue Jun 17 15:15:14 2008
@@ -30,6 +30,8 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.geronimo.security.ContextManager;
+
 
 /**
  * @version $Rev$ $Date$
@@ -42,7 +44,11 @@
 
     protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
         PrintWriter out = httpServletResponse.getWriter();
-        out.println("TestServlet principal: " + httpServletRequest.getUserPrincipal().getName());
+        if (httpServletRequest.getUserPrincipal() == null) {
+            out.println("TestServlet principal is null, current caller Subject: " + ContextManager.getCurrentCaller());
+        } else {
+            out.println("TestServlet principal: " + httpServletRequest.getUserPrincipal().getName());
+        }
         out.println("TestServlet isUserInRole foo: " + httpServletRequest.isUserInRole("foo"));
         out.println("TestServlet isUserInRole bar: " + httpServletRequest.isUserInRole("bar"));
         try {
@@ -70,6 +76,8 @@
         } catch (CreateException e) {
             e.printStackTrace();
         }
+        out.println("TestServlet isUserInRole foo: " + httpServletRequest.isUserInRole("foo"));
+        out.println("TestServlet isUserInRole bar: " + httpServletRequest.isUserInRole("bar"));
         out.flush();
     }
 

Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/WEB-INF/web.xml?rev=668856&r1=668855&r2=668856&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/WEB-INF/web.xml (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/WEB-INF/web.xml Tue Jun 17 15:15:14 2008
@@ -34,9 +34,9 @@
         </run-as>
     </servlet>
     <servlet>
-        <display-name>Security itest servlet</display-name>
+        <display-name>Security itest servlet (injection)</display-name>
         <servlet-name>injectionServlet</servlet-name>
-        <servlet-class>org.apache.geronimo.itest.TestServlet</servlet-class>
+        <servlet-class>org.apache.geronimo.itest.TestInjectionServlet</servlet-class>
         <load-on-startup>0</load-on-startup>
         <run-as>
             <role-name>bar</role-name>