You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@deltaspike.apache.org by li...@apache.org on 2012/03/29 19:36:32 UTC
git commit: DELTASPIKE-126: Submitted on behalf of a third-part: Red
Hat, Inc. under the terms of the ALv2
Updated Branches:
refs/heads/master 2d231e8fc -> 175abe1fb
DELTASPIKE-126: Submitted on behalf of a third-part: Red Hat, Inc. under the terms of the ALv2
Project: http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/commit/175abe1f
Tree: http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/tree/175abe1f
Diff: http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/diff/175abe1f
Branch: refs/heads/master
Commit: 175abe1fb1512ec2b9e2e4350e4dc7dfc011755f
Parents: 2d231e8
Author: Lincoln Baxter, III <li...@gmail.com>
Authored: Thu Mar 29 13:34:55 2012 -0400
Committer: Lincoln Baxter, III <li...@gmail.com>
Committed: Thu Mar 29 13:34:55 2012 -0400
----------------------------------------------------------------------
.../annotation/SecurityParameterBinding.java | 39 +++++
.../security/impl/authorization/Authorizer.java | 49 +++----
.../SecurityParameterValueRedefiner.java | 106 ++++++++++++++
.../securityparameterbinding/CustomAuthorizer.java | 37 +++++
.../CustomSecurityBinding.java | 40 ++++++
.../securityparameterbinding/MockObject.java | 47 ++++++
.../securityparameterbinding/MockParamBinding.java | 46 ++++++
.../securityparameterbinding/SecuredBean1.java | 36 +++++
.../securityparameterbinding/SecuredBean2.java | 36 +++++
.../SecurityParameterBindingTest.java | 109 +++++++++++++++
10 files changed, 517 insertions(+), 28 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/175abe1f/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/authorization/annotation/SecurityParameterBinding.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/authorization/annotation/SecurityParameterBinding.java b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/authorization/annotation/SecurityParameterBinding.java
new file mode 100644
index 0000000..92c62e8
--- /dev/null
+++ b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/authorization/annotation/SecurityParameterBinding.java
@@ -0,0 +1,39 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.deltaspike.security.api.authorization.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * Applied to an {@link Annotation} to declare it as a security parameter binding; to use business method invocation
+ * values as {@link Secures} method arguments.
+ *
+ * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a>
+ */
+@Documented
+@Target({ ElementType.PARAMETER, ElementType.ANNOTATION_TYPE })
+@Retention(RetentionPolicy.RUNTIME)
+public @interface SecurityParameterBinding
+{
+}
http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/175abe1f/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/authorization/Authorizer.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/authorization/Authorizer.java b/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/authorization/Authorizer.java
index d7684ee..230a4b2 100644
--- a/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/authorization/Authorizer.java
+++ b/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/authorization/Authorizer.java
@@ -18,12 +18,13 @@
*/
package org.apache.deltaspike.security.impl.authorization;
-import org.apache.deltaspike.core.api.metadata.builder.InjectableMethod;
-import org.apache.deltaspike.core.api.metadata.builder.ParameterValueRedefiner;
-import org.apache.deltaspike.security.api.authorization.AccessDeniedException;
-import org.apache.deltaspike.security.api.authorization.SecurityDefinitionException;
-import org.apache.deltaspike.security.api.authorization.SecurityViolation;
-import org.apache.deltaspike.security.api.authorization.annotation.SecurityBindingType;
+import java.lang.annotation.Annotation;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
import javax.enterprise.context.spi.CreationalContext;
import javax.enterprise.inject.Stereotype;
@@ -33,14 +34,19 @@ import javax.enterprise.inject.spi.Bean;
import javax.enterprise.inject.spi.BeanManager;
import javax.enterprise.util.Nonbinding;
import javax.interceptor.InvocationContext;
-import java.lang.annotation.Annotation;
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
+import org.apache.deltaspike.core.api.metadata.builder.InjectableMethod;
+import org.apache.deltaspike.security.api.authorization.AccessDeniedException;
+import org.apache.deltaspike.security.api.authorization.SecurityDefinitionException;
+import org.apache.deltaspike.security.api.authorization.SecurityViolation;
+import org.apache.deltaspike.security.api.authorization.annotation.SecurityBindingType;
+
+/**
+ * Responsible for authorizing method invocations.
+ *
+ * @author Shane Bryzak
+ * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a>
+ */
@Typed()
class Authorizer
{
@@ -93,21 +99,8 @@ class Authorizer
Object reference = beanManager.getReference(boundAuthorizerBean,
boundAuthorizerMethod.getJavaMember().getDeclaringClass(), creationalContext);
- Object result = boundAuthorizerMethodProxy.invoke(reference, creationalContext, new ParameterValueRedefiner() {
-
- @Override
- public Object redefineParameterValue(ParameterValue value)
- {
- if (value.getInjectionPoint().getAnnotated().getBaseType().equals(InvocationContext.class))
- {
- return ic;
- }
- else
- {
- return value.getDefaultValue(creationalContext);
- }
- }
- });
+ Object result = boundAuthorizerMethodProxy.invoke(reference, creationalContext,
+ new SecurityParameterValueRedefiner(creationalContext, ic));
if (result.equals(Boolean.FALSE))
{
http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/175abe1f/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/authorization/SecurityParameterValueRedefiner.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/authorization/SecurityParameterValueRedefiner.java b/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/authorization/SecurityParameterValueRedefiner.java
new file mode 100644
index 0000000..50c1b9a
--- /dev/null
+++ b/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/authorization/SecurityParameterValueRedefiner.java
@@ -0,0 +1,106 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.deltaspike.security.impl.authorization;
+
+import java.lang.annotation.Annotation;
+import java.lang.reflect.Method;
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import javax.enterprise.context.spi.CreationalContext;
+import javax.enterprise.inject.spi.Annotated;
+import javax.enterprise.inject.spi.InjectionPoint;
+import javax.interceptor.InvocationContext;
+
+import org.apache.deltaspike.core.api.metadata.builder.ParameterValueRedefiner;
+import org.apache.deltaspike.security.api.authorization.annotation.SecurityParameterBinding;
+
+/**
+ * Responsible for supplying requested method invocation values to the security binding method.
+ *
+ * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a>
+ */
+public class SecurityParameterValueRedefiner implements ParameterValueRedefiner
+{
+ private CreationalContext<?> creationalContext;
+ private InvocationContext invocation;
+
+ public SecurityParameterValueRedefiner(CreationalContext<?> creationalContext, InvocationContext invocation)
+ {
+ this.invocation = invocation;
+ this.creationalContext = creationalContext;
+ }
+
+ @Override
+ public Object redefineParameterValue(ParameterValue value)
+ {
+
+ InjectionPoint injectionPoint = value.getInjectionPoint();
+ if (injectionPoint != null)
+ {
+ if (value.getInjectionPoint().getAnnotated().getBaseType().equals(InvocationContext.class))
+ {
+ return invocation;
+ }
+ else
+ {
+ Annotated securingParameterAnnotatedType = injectionPoint.getAnnotated();
+ Set<Annotation> securingParameterAnnotations = securingParameterAnnotatedType.getAnnotations();
+
+ Set<Annotation> requiredBindingAnnotations = new HashSet<Annotation>();
+ for (Annotation annotation : securingParameterAnnotations)
+ {
+ if (annotation.annotationType().isAnnotationPresent(SecurityParameterBinding.class))
+ {
+ requiredBindingAnnotations.add(annotation);
+ }
+ }
+
+ if (!requiredBindingAnnotations.isEmpty())
+ {
+ Method method = invocation.getMethod();
+ Annotation[][] businessMethodParameterAnnotations = method.getParameterAnnotations();
+ for (int i = 0; i < businessMethodParameterAnnotations.length; i++)
+ {
+ List<Annotation> businessParameterAnnotations = Arrays
+ .asList(businessMethodParameterAnnotations[i]);
+ for (Annotation annotation : requiredBindingAnnotations)
+ {
+ if (businessParameterAnnotations.contains(annotation))
+ {
+ return invocation.getParameters()[i];
+ }
+ }
+ }
+
+ throw new IllegalStateException("Missing required security parameter binding "
+ + requiredBindingAnnotations + " on method invocation ["
+ + method.getDeclaringClass().getName() + "." + method.getName()
+ + Arrays.asList(method.getParameterTypes()).toString().replaceFirst("\\[", "(")
+ .replaceFirst("\\]$", ")") + "]");
+
+ }
+ }
+ }
+
+ return value.getDefaultValue(creationalContext);
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/175abe1f/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/CustomAuthorizer.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/CustomAuthorizer.java b/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/CustomAuthorizer.java
new file mode 100644
index 0000000..861b5ee
--- /dev/null
+++ b/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/CustomAuthorizer.java
@@ -0,0 +1,37 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.deltaspike.test.security.impl.authorization.securityparameterbinding;
+
+import org.apache.deltaspike.security.api.authorization.annotation.Secures;
+
+import javax.enterprise.context.ApplicationScoped;
+import javax.interceptor.InvocationContext;
+
+@ApplicationScoped
+@SuppressWarnings("UnusedDeclaration")
+public class CustomAuthorizer
+{
+ @Secures
+ @CustomSecurityBinding
+ @SuppressWarnings("UnusedDeclaration")
+ public boolean doSecuredCheck(@MockParamBinding MockObject obj, InvocationContext invocationContext) throws Exception
+ {
+ return obj.isValue();
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/175abe1f/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/CustomSecurityBinding.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/CustomSecurityBinding.java b/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/CustomSecurityBinding.java
new file mode 100644
index 0000000..dc8900a
--- /dev/null
+++ b/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/CustomSecurityBinding.java
@@ -0,0 +1,40 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.deltaspike.test.security.impl.authorization.securityparameterbinding;
+
+import org.apache.deltaspike.security.api.authorization.annotation.SecurityBindingType;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+import static java.lang.annotation.ElementType.METHOD;
+import static java.lang.annotation.ElementType.TYPE;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+@Retention(value = RUNTIME)
+@Target({TYPE, METHOD})
+
+@Documented
+
+//cdi annotations
+@SecurityBindingType
+public @interface CustomSecurityBinding
+{
+}
http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/175abe1f/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/MockObject.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/MockObject.java b/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/MockObject.java
new file mode 100644
index 0000000..92f4ebe
--- /dev/null
+++ b/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/MockObject.java
@@ -0,0 +1,47 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2012, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.apache.deltaspike.test.security.impl.authorization.securityparameterbinding;
+
+/**
+ * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a>
+ */
+public class MockObject
+{
+
+ private boolean value;
+
+ public MockObject(boolean value)
+ {
+ this.value = value;
+ }
+
+ public boolean isValue()
+ {
+ return value;
+ }
+
+ public void setValue(boolean value)
+ {
+ this.value = value;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/175abe1f/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/MockParamBinding.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/MockParamBinding.java b/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/MockParamBinding.java
new file mode 100644
index 0000000..80821b6
--- /dev/null
+++ b/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/MockParamBinding.java
@@ -0,0 +1,46 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2012, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.apache.deltaspike.test.security.impl.authorization.securityparameterbinding;
+
+import static java.lang.annotation.ElementType.PARAMETER;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+import org.apache.deltaspike.security.api.authorization.annotation.SecurityParameterBinding;
+
+@Retention(value = RUNTIME)
+@Target({PARAMETER})
+
+@Documented
+/**
+ * @author <a href="mailto:lincolnbaxter@gmail.com">Lincoln Baxter, III</a>
+ */
+
+// CDI Annotation under test
+@SecurityParameterBinding
+public @interface MockParamBinding
+{
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/175abe1f/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/SecuredBean1.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/SecuredBean1.java b/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/SecuredBean1.java
new file mode 100644
index 0000000..4188904
--- /dev/null
+++ b/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/SecuredBean1.java
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.deltaspike.test.security.impl.authorization.securityparameterbinding;
+
+import javax.enterprise.context.ApplicationScoped;
+
+@CustomSecurityBinding
+@ApplicationScoped
+public class SecuredBean1
+{
+ public boolean getBlockedResult(@MockParamBinding MockObject mockObject)
+ {
+ return mockObject.isValue();
+ }
+
+ public boolean getResult(MockObject mockObject)
+ {
+ return mockObject.isValue();
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/175abe1f/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/SecuredBean2.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/SecuredBean2.java b/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/SecuredBean2.java
new file mode 100644
index 0000000..9e67960
--- /dev/null
+++ b/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/SecuredBean2.java
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.deltaspike.test.security.impl.authorization.securityparameterbinding;
+
+import javax.enterprise.context.ApplicationScoped;
+
+@ApplicationScoped
+public class SecuredBean2
+{
+ @CustomSecurityBinding
+ public boolean getBlockedResult(@MockParamBinding MockObject mockObject)
+ {
+ return mockObject.isValue();
+ }
+
+ public boolean getResult(MockObject mockObject)
+ {
+ return mockObject.isValue();
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/175abe1f/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/SecurityParameterBindingTest.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/SecurityParameterBindingTest.java b/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/SecurityParameterBindingTest.java
new file mode 100644
index 0000000..e0276a7
--- /dev/null
+++ b/deltaspike/modules/security/impl/src/test/java/org/apache/deltaspike/test/security/impl/authorization/securityparameterbinding/SecurityParameterBindingTest.java
@@ -0,0 +1,109 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.deltaspike.test.security.impl.authorization.securityparameterbinding;
+
+import org.apache.deltaspike.core.api.provider.BeanManagerProvider;
+import org.apache.deltaspike.core.api.provider.BeanProvider;
+import org.apache.deltaspike.core.impl.exclude.ExcludeExtension;
+import org.apache.deltaspike.security.api.authorization.AccessDeniedException;
+import org.apache.deltaspike.test.util.ArchiveUtils;
+import org.jboss.arquillian.container.test.api.Deployment;
+import org.jboss.arquillian.junit.Arquillian;
+import org.jboss.shrinkwrap.api.ShrinkWrap;
+import org.jboss.shrinkwrap.api.asset.EmptyAsset;
+import org.jboss.shrinkwrap.api.spec.JavaArchive;
+import org.jboss.shrinkwrap.api.spec.WebArchive;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import javax.enterprise.inject.spi.Extension;
+
+/**
+ * Test for {@link org.apache.deltaspike.security.api.authorization.annotation.Secured}
+ */
+@RunWith(Arquillian.class)
+public class SecurityParameterBindingTest
+{
+ @Deployment
+ public static WebArchive deploy()
+ {
+ new BeanManagerProvider()
+ {
+ @Override
+ public void setTestMode()
+ {
+ super.setTestMode();
+ }
+ }.setTestMode();
+
+ JavaArchive testJar = ShrinkWrap
+ .create(JavaArchive.class, SecurityParameterBindingTest.class.getSimpleName() + ".jar")
+ .addPackage(SecurityParameterBindingTest.class.getPackage().getName())
+ .addAsManifestResource(EmptyAsset.INSTANCE, "beans.xml");
+
+ return ShrinkWrap.create(WebArchive.class)
+ .addAsLibraries(ArchiveUtils.getDeltaSpikeCoreAndSecurityArchive())
+ .addAsLibraries(testJar)
+ .addAsServiceProvider(Extension.class, ExcludeExtension.class)
+ .addAsWebInfResource(ArchiveUtils.getBeansXml(), "beans.xml");
+ }
+
+ @Test(expected = IllegalStateException.class)
+ public void simpleInterceptorThrowsExceptionWhenImproperlyAnnotated()
+ {
+ SecuredBean1 testBean = BeanProvider.getContextualReference(SecuredBean1.class, false);
+ testBean.getResult(new MockObject(true));
+ }
+
+ @Test(expected = AccessDeniedException.class)
+ public void simpleInterceptorDeniesTest()
+ {
+ SecuredBean1 testBean = BeanProvider.getContextualReference(SecuredBean1.class, false);
+ testBean.getBlockedResult(new MockObject(false));
+ }
+
+ @Test
+ public void simpleInterceptorAllowsTest()
+ {
+ SecuredBean1 testBean = BeanProvider.getContextualReference(SecuredBean1.class, false);
+ Assert.assertTrue(testBean.getBlockedResult(new MockObject(true)));
+ }
+
+ @Test
+ public void simpleInterceptorIgnoresUnsecuredMethods()
+ {
+ SecuredBean2 testBean = BeanProvider.getContextualReference(SecuredBean2.class, false);
+ Assert.assertTrue(testBean.getResult(new MockObject(true)));
+ }
+
+ @Test(expected = AccessDeniedException.class)
+ public void simpleInterceptorTestOnMethodsDenies()
+ {
+ SecuredBean2 testBean = BeanProvider.getContextualReference(SecuredBean2.class, false);
+ testBean.getBlockedResult(new MockObject(false));
+ }
+
+ @Test
+ public void simpleInterceptorTestOnMethodsAllows()
+ {
+ SecuredBean2 testBean = BeanProvider.getContextualReference(SecuredBean2.class, false);
+ Assert.assertTrue(testBean.getBlockedResult(new MockObject(true)));
+ }
+}