You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by jg...@apache.org on 2019/05/29 09:49:44 UTC
[tomee] branch tomee-7.0.x updated (aa609b7 -> 0471c79)
This is an automated email from the ASF dual-hosted git repository.
jgallimore pushed a change to branch tomee-7.0.x
in repository https://gitbox.apache.org/repos/asf/tomee.git.
from aa609b7 TOMEE-2531 update Commons-Daemon
new fd5fea3 For review; We shouldn't use javax.security.jacc.policy.provider here, because the System policy will already be set. We need to ensure that our policy provider is used, which will delegate to the system policy as appropriate
new ff19dca Only check JACC permissions here
new 7740bd8 Check for case where policy is specified but not loaded, e.g. system.properties. Include the remote-secpol profile for all arquillian tests.
new bf70dd4 Adding test
new 1c21005 Adding test
new 0471c79 Fix test
The 6 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../src/test/resources/arquillian.xml | 15 +++++++
.../src/test/resources/arquillian.xml | 17 ++++++++
.../src/test/resources/arquillian.xml | 15 +++++++
.../src/test/resources/arquillian.xml | 15 +++++++
.../src/test/resources/arquillian.xml | 24 +++++++++++
.../src/test/resources/arquillian.xml | 23 +++++++++++
arquillian/arquillian-tomee-tests/pom.xml | 17 ++++++++
.../core/security/AbstractSecurityService.java | 15 ++++++-
.../core/security/jacc/BasicJaccProvider.java | 18 ++++++++-
...ServiceTest.java => BasicJaccProviderTest.java} | 46 +++++++++++++++++-----
10 files changed, 194 insertions(+), 11 deletions(-)
copy container/openejb-core/src/test/java/org/apache/openejb/core/security/{AbstractSecurityServiceTest.java => BasicJaccProviderTest.java} (51%)
[tomee] 05/06: Adding test
Posted by jg...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
jgallimore pushed a commit to branch tomee-7.0.x
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit 1c21005c6f17d71f17cfa198ef964d4bd2844542
Author: Jonathan Gallimore <jo...@jrg.me.uk>
AuthorDate: Tue May 28 13:02:09 2019 +0100
Adding test
---
.../core/security/BasicJaccProviderTest.java | 44 ++++++++++++++++++----
1 file changed, 36 insertions(+), 8 deletions(-)
diff --git a/container/openejb-core/src/test/java/org/apache/openejb/core/security/BasicJaccProviderTest.java b/container/openejb-core/src/test/java/org/apache/openejb/core/security/BasicJaccProviderTest.java
index c9d3ce6..2d9b387 100644
--- a/container/openejb-core/src/test/java/org/apache/openejb/core/security/BasicJaccProviderTest.java
+++ b/container/openejb-core/src/test/java/org/apache/openejb/core/security/BasicJaccProviderTest.java
@@ -16,27 +16,55 @@
*/
package org.apache.openejb.core.security;
-import org.apache.openejb.core.security.jacc.BasicJaccProvider;
import org.apache.openejb.junit.ApplicationComposer;
import org.apache.openejb.testing.Classes;
import org.apache.openejb.testing.ContainerProperties;
+import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
-import static org.junit.Assert.assertTrue;
+import javax.ejb.EJB;
+import javax.ejb.Singleton;
+import java.security.Policy;
-@Classes
+
+@Classes(innerClassesAsBean = true)
@RunWith(ApplicationComposer.class)
@ContainerProperties(
@ContainerProperties.Property(
- name = "org.apache.openejb.core.security.JaccProvider",
- value = "org.apache.openejb.core.security.AbstractSecurityServiceTest$MyJaacProv"))
+ name = "javax.security.jacc.policy.provider",
+ value = "org.apache.openejb.core.security.BasicJaccProviderTest.MyPolicy"))
public class BasicJaccProviderTest {
+
+ @EJB
+ private SimpleSingleton myBean;
+
@Test
- public void run() {
- assertTrue(MyJaacProv.class.isInstance(JaccProvider.get()));
+ public void run() throws Exception {
+ Assert.assertEquals("tset", myBean.reverse("test"));
}
- public static class MyJaacProv extends BasicJaccProvider {
+ public static class MyPolicy extends Policy {
+ }
+
+ @Singleton
+ public static class SimpleSingleton {
+ public String reverse(final String input) {
+ if (input == null) {
+ return null;
+ }
+
+ if (input.length() == 0) {
+ return "";
+ }
+
+ char[] chars = new char[input.length()];
+ for (int i = 0; i < input.length(); i++) {
+ chars[i] = input.charAt((input.length() - 1) - i);
+ }
+
+ return new String(chars);
+ }
}
}
+
[tomee] 01/06: For review;
We shouldn't use javax.security.jacc.policy.provider here, because
the System policy will already be set. We need to ensure that our policy
provider is used, which will delegate to the system policy as appropriate
Posted by jg...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
jgallimore pushed a commit to branch tomee-7.0.x
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit fd5fea33ee2be3dd3910dad8360218c130cf610f
Author: Jonathan Gallimore <jo...@jrg.me.uk>
AuthorDate: Wed May 22 11:15:59 2019 +0100
For review; We shouldn't use javax.security.jacc.policy.provider here, because the System policy will already be set. We need to ensure that our policy provider is used, which will delegate to the system policy as appropriate
---
.../java/org/apache/openejb/core/security/AbstractSecurityService.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java b/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
index 6ac1f41..82231a9 100644
--- a/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
+++ b/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
@@ -356,7 +356,7 @@ public abstract class AbstractSecurityService implements DestroyableResource, Se
Thread.currentThread().setContextClassLoader(contextClassLoader);
}
- final String policyProvider = SystemInstance.get().getOptions().get("javax.security.jacc.policy.provider", JaccProvider.Policy.class.getName());
+ final String policyProvider = JaccProvider.Policy.class.getName();
try {
final ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
final Class policyClass = Class.forName(policyProvider, true, classLoader);
[tomee] 04/06: Adding test
Posted by jg...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
jgallimore pushed a commit to branch tomee-7.0.x
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit bf70dd45aa7ef611f5a54f1fbe9ccfe6fe879af0
Author: Jonathan Gallimore <jo...@jrg.me.uk>
AuthorDate: Tue May 28 09:30:50 2019 +0100
Adding test
---
.../core/security/BasicJaccProviderTest.java | 42 ++++++++++++++++++++++
1 file changed, 42 insertions(+)
diff --git a/container/openejb-core/src/test/java/org/apache/openejb/core/security/BasicJaccProviderTest.java b/container/openejb-core/src/test/java/org/apache/openejb/core/security/BasicJaccProviderTest.java
new file mode 100644
index 0000000..c9d3ce6
--- /dev/null
+++ b/container/openejb-core/src/test/java/org/apache/openejb/core/security/BasicJaccProviderTest.java
@@ -0,0 +1,42 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.openejb.core.security;
+
+import org.apache.openejb.core.security.jacc.BasicJaccProvider;
+import org.apache.openejb.junit.ApplicationComposer;
+import org.apache.openejb.testing.Classes;
+import org.apache.openejb.testing.ContainerProperties;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import static org.junit.Assert.assertTrue;
+
+@Classes
+@RunWith(ApplicationComposer.class)
+@ContainerProperties(
+ @ContainerProperties.Property(
+ name = "org.apache.openejb.core.security.JaccProvider",
+ value = "org.apache.openejb.core.security.AbstractSecurityServiceTest$MyJaacProv"))
+public class BasicJaccProviderTest {
+ @Test
+ public void run() {
+ assertTrue(MyJaacProv.class.isInstance(JaccProvider.get()));
+ }
+
+ public static class MyJaacProv extends BasicJaccProvider {
+ }
+}
[tomee] 03/06: Check for case where policy is specified but not
loaded,
e.g. system.properties. Include the remote-secpol profile for all arquillian
tests.
Posted by jg...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
jgallimore pushed a commit to branch tomee-7.0.x
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit 7740bd8405d2da6546dc0578d9d51577c0a1a857
Author: Jonathan Gallimore <jo...@jrg.me.uk>
AuthorDate: Thu May 23 21:43:02 2019 +0100
Check for case where policy is specified but not loaded, e.g. system.properties. Include the remote-secpol profile for all arquillian tests.
---
.../src/test/resources/arquillian.xml | 15 ++++++++++++++
.../src/test/resources/arquillian.xml | 17 +++++++++++++++
.../src/test/resources/arquillian.xml | 15 ++++++++++++++
.../src/test/resources/arquillian.xml | 15 ++++++++++++++
.../src/test/resources/arquillian.xml | 24 ++++++++++++++++++++++
.../core/security/AbstractSecurityService.java | 15 +++++++++++++-
6 files changed, 100 insertions(+), 1 deletion(-)
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-codi-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-codi-tests/src/test/resources/arquillian.xml
index 7116ee4..7e08f12 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-codi-tests/src/test/resources/arquillian.xml
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-codi-tests/src/test/resources/arquillian.xml
@@ -46,6 +46,21 @@
</property>
</configuration>
</container>
+ <container qualifier="tomee-remote-secpol">
+ <configuration>
+ <property name="httpPort">-1</property>
+ <property name="ajpPort">-1</property>
+ <property name="stopPort">-1</property>
+ <property name="dir">target/apache-tomee-remote</property>
+ <property name="appWorkingDir">target/arquillian-test-working-dir</property>
+ <property name="properties">
+ My\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ My\ Unmanaged\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ openejb.classloader.forced-load=org.apache.openejb.arquillian.tests.
+ javax.security.jacc.policy.provider=sun.security.provider.PolicyFile
+ </property>
+ </configuration>
+ </container>
<container qualifier="tomee-webapp">
<configuration>
<property name="httpPort">-1</property>
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-config-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-config-tests/src/test/resources/arquillian.xml
index 71cdd3b..29949c6 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-config-tests/src/test/resources/arquillian.xml
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-config-tests/src/test/resources/arquillian.xml
@@ -49,6 +49,23 @@
</property>
</configuration>
</container>
+ <container qualifier="tomee-remote-secpol">
+ <configuration>
+ <property name="httpPort">-1</property>
+ <property name="ajpPort">-1</property>
+ <property name="stopPort">-1</property>
+ <property name="dir">target/tomee-remote</property>
+ <property name="appWorkingDir">target/arquillian-remote-working-dir</property>
+ <property name="portRange">20001-30000</property>
+ <property name="cleanOnStartUp">true</property>
+ <property name="properties">
+ My\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ My\ Unmanaged\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ openejb.classloader.forced-load=org.apache.openejb.arquillian.tests
+ javax.security.jacc.policy.provider=sun.security.provider.PolicyFile
+ </property>
+ </configuration>
+ </container>
<container qualifier="tomee-webapp">
<configuration>
<property name="httpPort">-1</property>
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/resources/arquillian.xml
index f73dc6b..71e9ba0 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/resources/arquillian.xml
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/resources/arquillian.xml
@@ -46,6 +46,21 @@
</property>
</configuration>
</container>
+ <container qualifier="tomee-remote-secpol">
+ <configuration>
+ <property name="httpPort">-1</property>
+ <property name="ajpPort">-1</property>
+ <property name="stopPort">-1</property>
+ <property name="dir">target/apache-tomee-remote</property>
+ <property name="appWorkingDir">target/arquillian-test-working-dir</property>
+ <property name="properties">
+ My\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ My\ Unmanaged\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ openejb.classloader.forced-load=org.apache.openejb.arquillian.tests.
+ javax.security.jacc.policy.provider=sun.security.provider.PolicyFile
+ </property>
+ </configuration>
+ </container>
<container qualifier="tomee-webapp">
<configuration>
<property name="httpPort">-1</property>
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxws-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxws-tests/src/test/resources/arquillian.xml
index 9da1361..bac5665 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxws-tests/src/test/resources/arquillian.xml
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxws-tests/src/test/resources/arquillian.xml
@@ -46,6 +46,21 @@
</property>
</configuration>
</container>
+ <container qualifier="tomee-remote-secpol">
+ <configuration>
+ <property name="httpPort">-1</property>
+ <property name="ajpPort">-1</property>
+ <property name="stopPort">-1</property>
+ <property name="dir">target/apache-tomee-remote</property>
+ <property name="appWorkingDir">target/arquillian-test-working-dir</property>
+ <property name="properties">
+ My\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ My\ Unmanaged\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ openejb.classloader.forced-load=org.apache.openejb.arquillian.tests
+ javax.security.jacc.policy.provider=sun.security.provider.PolicyFile
+ </property>
+ </configuration>
+ </container>
<container qualifier="tomee-webapp">
<configuration>
<property name="httpPort">-1</property>
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-jms-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-jms-tests/src/test/resources/arquillian.xml
index e46822e..4743854 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-jms-tests/src/test/resources/arquillian.xml
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-jms-tests/src/test/resources/arquillian.xml
@@ -51,6 +51,30 @@
</property>
</configuration>
</container>
+ <container qualifier="tomee-remote-secpol">
+ <configuration>
+ <property name="httpPort">-1</property>
+ <property name="ajpPort">-1</property>
+ <property name="stopPort">-1</property>
+ <property name="dir">target/apache-tomee-remote</property>
+ <property name="appWorkingDir">target/arquillian-test-working-dir</property>
+ <property name="properties">
+ My\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ My\ Unmanaged\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+
+ openejb.classloader.forced-load=org.apache.openejb.arquillian.tests.jms
+
+ AMQResourceAdapter = new://Resource?type=ActiveMQResourceAdapter
+ AMQResourceAdapter.BrokerXmlConfig = broker:(tcp://localhost:61616)?useJmx=false&persistent=false
+ AMQResourceAdapter.ServerUrl = vm://jvm_broker
+ AMQMessageContainer = new://Container?type=MESSAGE
+ AMQMessageContainer.ResourceAdapter = AMQResourceAdapter
+ AMQConnectionFactory = new://Resource?type=javax.jms.ConnectionFactory
+ AMQConnectionFactory.ResourceAdapter = AMQResourceAdapter
+ javax.security.jacc.policy.provider=sun.security.provider.PolicyFile
+ </property>
+ </configuration>
+ </container>
<container qualifier="tomee-webapp">
<configuration>
<property name="httpPort">-1</property>
diff --git a/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java b/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
index 82231a9..d671a6e 100644
--- a/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
+++ b/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
@@ -356,7 +356,19 @@ public abstract class AbstractSecurityService implements DestroyableResource, Se
Thread.currentThread().setContextClassLoader(contextClassLoader);
}
- final String policyProvider = JaccProvider.Policy.class.getName();
+ // check the system provided provider first - if for some reason it isn't loaded, load it
+ final String systemPolicyProvider = SystemInstance.get().getOptions().getProperties().getProperty("javax.security.jacc.policy.provider");
+ if (systemPolicyProvider != null && Policy.getPolicy() == null) {
+ installPolicy(systemPolicyProvider);
+ }
+
+ if (! JaccProvider.Policy.class.getName().equals(Policy.getPolicy().getClass().getName())) {
+ // this should delegate to the policy installed above
+ installPolicy(JaccProvider.Policy.class.getName());
+ }
+ }
+
+ private static void installPolicy(String policyProvider) {
try {
final ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
final Class policyClass = Class.forName(policyProvider, true, classLoader);
@@ -368,6 +380,7 @@ public abstract class AbstractSecurityService implements DestroyableResource, Se
}
}
+
protected Subject createSubject(final String name, final String groupName) {
if (name == null) {
return null;
[tomee] 02/06: Only check JACC permissions here
Posted by jg...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
jgallimore pushed a commit to branch tomee-7.0.x
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit ff19dca24485a1cba37745392328bd0f16491460
Author: Jonathan Gallimore <jo...@jrg.me.uk>
AuthorDate: Tue Aug 21 22:39:10 2018 +0100
Only check JACC permissions here
---
.../src/test/resources/arquillian.xml | 23 ++++++++++++++++++++++
arquillian/arquillian-tomee-tests/pom.xml | 17 ++++++++++++++++
.../core/security/jacc/BasicJaccProvider.java | 18 ++++++++++++++++-
3 files changed, 57 insertions(+), 1 deletion(-)
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/resources/arquillian.xml
index fb0f5fd..8640e8e 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/resources/arquillian.xml
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-webprofile-tests/src/test/resources/arquillian.xml
@@ -113,6 +113,29 @@
</property>
</configuration>
</container>
+ <container qualifier="tomee-remote-secpol">
+ <configuration>
+ <property name="httpPort">-1</property>
+ <property name="ajpPort">-1</property>
+ <property name="stopPort">-1</property>
+ <property name="dir">target/tomee-remote</property>
+ <property name="appWorkingDir">target/arquillian-remote-working-dir</property>
+ <property name="portRange">33001-36000</property>
+ <property name="cleanOnStartUp">true</property>
+ <property name="properties">
+ My\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ My\ Unmanaged\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ openejb.classloader.forced-load=org.apache.openejb.arquillian.tests
+ openejb.ear.use-as-webcontext-base=true
+ embedded = false
+
+ # try to save some permgen mem
+ openejb.cdi.activated-on-ejb = false
+ openejb.descriptors.output = true
+ javax.security.jacc.policy.provider=sun.security.provider.PolicyFile
+ </property>
+ </configuration>
+ </container>
<container qualifier="tomee-webapp">
<configuration>
<property name="httpPort">-1</property>
diff --git a/arquillian/arquillian-tomee-tests/pom.xml b/arquillian/arquillian-tomee-tests/pom.xml
index 94e03e9..b823246 100644
--- a/arquillian/arquillian-tomee-tests/pom.xml
+++ b/arquillian/arquillian-tomee-tests/pom.xml
@@ -268,6 +268,23 @@
</configuration>
</execution>
<execution>
+ <id>test-tomee-remote-secpol</id>
+ <phase>test</phase>
+ <goals>
+ <goal>test</goal>
+ </goals>
+ <configuration>
+ <skip>${skip.remote.webprofile}</skip>
+ <systemPropertyVariables>
+ <openejb.arquillian.debug>true</openejb.arquillian.debug>
+ <tomee.version>${project.version}</tomee.version>
+ <tomee.classifier>webprofile</tomee.classifier>
+ <arquillian.launch>tomee-remote-secpol</arquillian.launch>
+ <openejb.arquillian.adapter>tomee-remote</openejb.arquillian.adapter>
+ </systemPropertyVariables>
+ </configuration>
+ </execution>
+ <execution>
<id>test-tomee-embedded</id>
<phase>test</phase>
<goals>
diff --git a/container/openejb-core/src/main/java/org/apache/openejb/core/security/jacc/BasicJaccProvider.java b/container/openejb-core/src/main/java/org/apache/openejb/core/security/jacc/BasicJaccProvider.java
index 4d59fa1..a77c46c 100644
--- a/container/openejb-core/src/main/java/org/apache/openejb/core/security/jacc/BasicJaccProvider.java
+++ b/container/openejb-core/src/main/java/org/apache/openejb/core/security/jacc/BasicJaccProvider.java
@@ -19,20 +19,36 @@ package org.apache.openejb.core.security.jacc;
import org.apache.openejb.core.security.JaccProvider;
+import javax.security.jacc.EJBMethodPermission;
+import javax.security.jacc.EJBRoleRefPermission;
import javax.security.jacc.PolicyConfiguration;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;
+import javax.security.jacc.WebResourcePermission;
+import javax.security.jacc.WebRoleRefPermission;
+import javax.security.jacc.WebUserDataPermission;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.ProtectionDomain;
import java.util.HashMap;
+import java.util.HashSet;
import java.util.Map;
+import java.util.Set;
/**
* @version $Rev$ $Date$
*/
public class BasicJaccProvider extends JaccProvider {
+ private static final Set<Class> JACC_PERMISSIONS = new HashSet<Class>() {
+ {
+ add(EJBMethodPermission.class);
+ add(EJBRoleRefPermission.class);
+ add(WebResourcePermission.class);
+ add(WebRoleRefPermission.class);
+ add(WebUserDataPermission.class);
+ }
+ };
static {
// force preloading to avoid to loop under SecurityManager
try {
@@ -82,7 +98,7 @@ public class BasicJaccProvider extends JaccProvider {
public boolean implies(final ProtectionDomain domain, final Permission permission) {
final String contextID = PolicyContext.getContextID();
- if (contextID != null) {
+ if (contextID != null && JACC_PERMISSIONS.contains(permission.getClass())) {
try {
final BasicPolicyConfiguration configuration = configurations.get(contextID);
[tomee] 06/06: Fix test
Posted by jg...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
jgallimore pushed a commit to branch tomee-7.0.x
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit 0471c799ed109096e14a95f9a0f5da47a23ed1c1
Author: Jonathan Gallimore <jo...@jrg.me.uk>
AuthorDate: Tue May 28 14:09:05 2019 +0100
Fix test
---
.../java/org/apache/openejb/core/security/BasicJaccProviderTest.java | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/container/openejb-core/src/test/java/org/apache/openejb/core/security/BasicJaccProviderTest.java b/container/openejb-core/src/test/java/org/apache/openejb/core/security/BasicJaccProviderTest.java
index 2d9b387..451c105 100644
--- a/container/openejb-core/src/test/java/org/apache/openejb/core/security/BasicJaccProviderTest.java
+++ b/container/openejb-core/src/test/java/org/apache/openejb/core/security/BasicJaccProviderTest.java
@@ -33,7 +33,7 @@ import java.security.Policy;
@ContainerProperties(
@ContainerProperties.Property(
name = "javax.security.jacc.policy.provider",
- value = "org.apache.openejb.core.security.BasicJaccProviderTest.MyPolicy"))
+ value = "org.apache.openejb.core.security.BasicJaccProviderTest$MyPolicy"))
public class BasicJaccProviderTest {
@EJB
@@ -41,6 +41,7 @@ public class BasicJaccProviderTest {
@Test
public void run() throws Exception {
+ Assert.assertNotNull("Singleton bean could not be created", myBean);
Assert.assertEquals("tset", myBean.reverse("test"));
}
@@ -67,4 +68,3 @@ public class BasicJaccProviderTest {
}
}
}
-