Posted to scm@geronimo.apache.org by dj...@apache.org on 2008/06/21 19:39:48 UTC
svn commit: r670237 - in
/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests:
sec-client/src/main/java/org/apache/geronimo/itest/
sec-ear/src/test/java/org/apache/geronimo/testsuite/security/
sec-ejb/src/main/java/org/apache/geronimo/itest/...
Author: djencks
Date: Sat Jun 21 10:39:47 2008
New Revision: 670237
URL: http://svn.apache.org/viewvc?rev=670237&view=rev
Log:
GERONIMO-4124 more run-as tests. It is not clear that the results are correct, but they agree on Jetty and Tomcat.
Added:
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestForwardServlet.java
- copied, changed from r669932, geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java
Modified:
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-client/src/main/java/org/apache/geronimo/itest/TestClient.java
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-client/src/main/java/org/apache/geronimo/itest/TestSession.java
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/ClientTest.java
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSession.java
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSessionBean.java
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/resources/META-INF/ejb-jar.xml
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestInjectionServlet.java
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/TestJsp.jsp
geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/WEB-INF/web.xml
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-client/src/main/java/org/apache/geronimo/itest/TestClient.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-client/src/main/java/org/apache/geronimo/itest/TestClient.java?rev=670237&r1=670236&r2=670237&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-client/src/main/java/org/apache/geronimo/itest/TestClient.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-client/src/main/java/org/apache/geronimo/itest/TestClient.java Sat Jun 21 10:39:47 2008
@@ -47,13 +47,11 @@
System.out.println("Context: " + ContextManager.getCurrentCaller());
try {
TestSession session = sessionHome.create();
- String principalName = session.testAccess();
- System.out.println("Test EJB principal: " + principalName);
+ System.out.print(session.testAccessBar());
try {
- String bad = session.testNoAccess();
- System.out.println("NoAccess method call succeeded with principal: " + bad);
+ System.out.println(session.testAccessFoo());
} catch (AccessException e) {
- System.out.println("Correctly received security exception on noAccess method");
+ System.out.println("Correctly received security exception on testAccessFoo method");
}
} catch (RemoteException e) {
e.printStackTrace();
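Review bot: When `session.testAccessFoo()` is not rejected, the new `System.out.println(session.testAccessFoo());` prints the bean's role dump with nothing marking it as an unexpected grant, whereas the removed line labelled that case explicitly. ClientTest's `endsWith` check would still fail, but the client output alone no longer says why. Consider `System.out.println("UNEXPECTED: testAccessFoo succeeded: " + session.testAccessFoo());`. The enclosing method begins and ends outside the hunk.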
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-client/src/main/java/org/apache/geronimo/itest/TestSession.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-client/src/main/java/org/apache/geronimo/itest/TestSession.java?rev=670237&r1=670236&r2=670237&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-client/src/main/java/org/apache/geronimo/itest/TestSession.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-client/src/main/java/org/apache/geronimo/itest/TestSession.java Sat Jun 21 10:39:47 2008
@@ -22,7 +22,7 @@
* @version $Rev$ $Date$
*/
public interface TestSession extends javax.ejb.EJBObject {
- String testAccess() throws RemoteException;
- String testNoAccess() throws RemoteException;
+ String testAccessFoo() throws RemoteException;
+ String testAccessBar() throws RemoteException;
}
\ No newline at end of file
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/ClientTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/ClientTest.java?rev=670237&r1=670236&r2=670237&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/ClientTest.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/ClientTest.java Sat Jun 21 10:39:47 2008
@@ -42,7 +42,11 @@
assertTrue("Expected Hello World", output.indexOf("Hello World!") != -1);
assertTrue("Expected Principal", output.indexOf("Principal: org.apache.geronimo.security.IdentificationPrincipal") != -1);
assertTrue("Expected Private Credential", output.indexOf("Private Credential: org.apache.geronimo.openejb.ServerIdentityToken") != -1);
-
+ assertTrue("wrong server response", output.endsWith("Test EJB principal: bar\n" +
+ "TestSession isCallerInRole foo: false\n" +
+ "TestSession isCallerInRole bar: true\n" +
+ "TestSession isCallerInRole baz: false\n" +
+ "Correctly received security exception on testAccessFoo method\n"));
} finally {
if (in != null) {
in.close();
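Review bot: The failure message `"wrong server response"` on the new `assertTrue` does not include what was received, so a mismatch in the principal or role lines cannot be diagnosed from the test report; `assertTrue("wrong server response: " + output, output.endsWith(...))` would show it. The expected suffix also hard-codes `\n`, while TestClient writes its last line with `System.out.println`, so the comparison presumably depends on how `output` is assembled outside this hunk and on the platform line separator. The enclosing method starts and ends outside the hunk.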
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java?rev=670237&r1=670236&r2=670237&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java Sat Jun 21 10:39:47 2008
@@ -19,9 +19,9 @@
package org.apache.geronimo.testsuite.security;
-import org.testng.annotations.Test;
-import org.testng.annotations.BeforeSuite;
import org.apache.geronimo.testsupport.SeleniumTestSupport;
+import org.testng.annotations.BeforeSuite;
+import org.testng.annotations.Test;
/**
* ???
@@ -30,12 +30,37 @@
*/
@Test
public class RunAsTest
- extends SeleniumTestSupport
-{
+ extends SeleniumTestSupport {
+ private static final String SERVLET_FOO = "TestServlet principal: foo\n" +
+ "TestServlet isUserInRole foo: true\n" +
+ "TestServlet isUserInRole bar: false\n" +
+ "TestServlet isUserInRole baz: false";
+ private static final String SERVLET_BAZ = "TestServlet principal: baz\n" +
+ "TestServlet isUserInRole foo: false\n" +
+ "TestServlet isUserInRole bar: false\n" +
+ "TestServlet isUserInRole baz: true";
+ private static final String EJB_FOO = "\nTest EJB principal: foo\n" +
+ "TestSession isCallerInRole foo: true\n" +
+ "TestSession isCallerInRole bar: false\n" +
+ "TestSession isCallerInRole baz: false\n" +
+ "security exception on testAccessBar method\n" +
+ "security exception on testAccessBaz method\n";
+ private static final String EJB_BAR = "\nsecurity exception on testAccessFoo method\n" +
+ "Test EJB principal: bar\n" +
+ "TestSession isCallerInRole foo: false\n" +
+ "TestSession isCallerInRole bar: true\n" +
+ "TestSession isCallerInRole baz: false\n" +
+ "security exception on testAccessBaz method\n";
+ private static final String EJB_BAZ = "\nsecurity exception on testAccessFoo method\n" +
+ "security exception on testAccessBar method\n" +
+ "Test EJB principal: baz\n" +
+ "TestSession isCallerInRole foo: false\n" +
+ "TestSession isCallerInRole bar: false\n" +
+ "TestSession isCallerInRole baz: true\n";
@BeforeSuite
- protected void startSeleniumClient() throws Exception {
+ protected void startSeleniumClient() throws Exception {
log.info("Starting Selenium client");
selenium = createSeleniumClient("http://foo:foo@localhost:8080/");
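Review bot: The new expected-output constants carry no comment, although they are the authorization matrix these tests assert; a reader has to reconstruct from ejb-jar.xml that each role may call only its own `testAccessX` method. A short comment above them would do, for example `// Expected page text per effective role: the permitted testAccessX call prints principal and role flags, the two denied calls print "security exception ..."`. In the lines visible on this page `SERVLET_BAZ` and `EJB_BAZ` are referenced only from commented-out assertions.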
@@ -43,40 +68,60 @@
}
@Test
+ public void testServletNoRunAs() throws Exception {
+ String path = "/sec/noRunAsServlet";
+ testPath(path, SERVLET_FOO + EJB_FOO + SERVLET_FOO);
+ }
+
+ @Test
public void testServletRunAs() throws Exception {
String path = "/sec/servlet";
- testPath(path);
+ testPath(path, SERVLET_FOO + EJB_BAR + SERVLET_FOO);
}
@Test
public void testInjectionServletRunAs() throws Exception {
- testPath("/sec/injectionServlet");
+ testPath("/sec/injectionServlet", SERVLET_FOO + EJB_BAR + SERVLET_FOO);
}
- private void testPath(String path) throws Exception {
- selenium.open(path);
- waitForPageLoad();
- System.out.println("----------------------------------------------");
- System.out.println(selenium.getText("xpath=/html/body"));
- assertEquals("TestServlet principal: foo\n" +
- "TestServlet isUserInRole foo: true\n" +
- "TestServlet isUserInRole bar: false\n" +
- "Test EJB principal: bar\n" +
- "Correctly received security exception on noAccess method\n" +
- "TestSession isCallerInRole foo: false\n" +
- "TestSession isCallerInRole bar: true\n" +
- "TestServlet isUserInRole foo: true\n" +
- "TestServlet isUserInRole bar: false", selenium.getText("xpath=/html/body"));
+ @Test
+ public void testJspRunAs() throws Exception {
+ testPath("/sec/jsp", (SERVLET_FOO + EJB_BAR + SERVLET_FOO).replace("\n", " "));
}
@Test
- public void testJspRunAs() throws Exception {
- selenium.open("/sec/jsp");
+ public void testForwardServlet() throws Exception {
+ String path = "/sec/forwardServlet";
+ testPath(path, SERVLET_FOO + "\n" + SERVLET_FOO + EJB_FOO + SERVLET_FOO + "\n" + SERVLET_FOO);
+ }
+ @Test
+ public void testForwardServletToRunAs() throws Exception {
+ String path = "/sec/forwardServletToRunAs";
+ testPath(path, SERVLET_FOO + "\n" + SERVLET_FOO + EJB_BAR + SERVLET_FOO + "\n" + SERVLET_FOO);
+ }
+ @Test
+ public void testForwardRunAsServlet() throws Exception {
+ String path = "/sec/forwardRunAsServlet";
+// testPath(path, SERVLET_FOO + "\n" + SERVLET_BAZ + EJB_BAZ + SERVLET_BAZ + "\n" + SERVLET_FOO);
+ //currently
+ testPath(path, SERVLET_FOO + "\n" + SERVLET_FOO + EJB_FOO + SERVLET_FOO + "\n" + SERVLET_FOO);
+ }
+ @Test
+ public void testForwardRunAsServletToRunAs() throws Exception {
+ String path = "/sec/forwardRunAsServletToRunAs";
+// testPath(path, SERVLET_FOO + "\n" + SERVLET_BAZ + EJB_BAR + SERVLET_BAZ + "\n" + SERVLET_FOO);
+ testPath(path, SERVLET_FOO + "\n" + SERVLET_FOO + EJB_BAR + SERVLET_FOO + "\n" + SERVLET_FOO);
+ }
+
+
+
+ private void testPath(String path, String expected) throws Exception {
+ selenium.open(path);
waitForPageLoad();
System.out.println("----------------------------------------------");
System.out.println(selenium.getText("xpath=/html/body"));
- assertEquals("TestServlet principal: foo Test EJB principal: bar Correctly received security exception on noAccess method", selenium.getText("xpath=/html/body"));
-
+ assertEquals(expected, selenium.getText("xpath=/html/body"));
}
+
}
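Review bot: `testForwardRunAsServlet` and `testForwardRunAsServletToRunAs` assert the output observed today and leave the `SERVLET_BAZ` expectation commented out, so both pass without showing that `run-as baz` on the including servlet has any effect. The commit log says the results may not be correct, but nothing in the code records that. Mark both assertions, for example `// TODO GERONIMO-4124: pins observed behaviour; the run-as baz expectation above is unconfirmed`, so a green run is not read as confirmation of the run-as semantics. `testPath` also calls `selenium.getText("xpath=/html/body")` twice; reading it once into a local keeps the printed and the asserted text identical.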
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSession.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSession.java?rev=670237&r1=670236&r2=670237&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSession.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSession.java Sat Jun 21 10:39:47 2008
@@ -22,7 +22,7 @@
* @version $Rev$ $Date$
*/
public interface TestSession extends javax.ejb.EJBObject {
- String testAccess() throws RemoteException;
- String testNoAccess() throws RemoteException;
- boolean isCallerInRole(String role) throws RemoteException;
+ String testAccessFoo() throws RemoteException;
+ String testAccessBar() throws RemoteException;
+ String testAccessBaz() throws RemoteException;
}
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSessionBean.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSessionBean.java?rev=670237&r1=670236&r2=670237&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSessionBean.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/java/org/apache/geronimo/itest/TestSessionBean.java Sat Jun 21 10:39:47 2008
@@ -16,13 +16,10 @@
*/
package org.apache.geronimo.itest;
+import javax.annotation.security.DeclareRoles;
import javax.ejb.EJBException;
import javax.ejb.SessionBean;
import javax.ejb.SessionContext;
-import javax.ejb.Remote;
-import javax.ejb.Local;
-import javax.ejb.Stateless;
-import javax.annotation.security.DeclareRoles;
/**
* @version $Rev$ $Date$
@@ -32,16 +29,24 @@
SessionContext sessionContext;
- public String testAccess() {
- return sessionContext.getCallerPrincipal().getName();
+ public String testAccessBar() {
+ return testAccess();
+ }
+
+ public String testAccessFoo() {
+ return testAccess();
}
- public String testNoAccess() {
- return sessionContext.getCallerPrincipal().getName();
+ public String testAccessBaz() {
+ return testAccess();
}
- public boolean isCallerInRole(String role) {
- return sessionContext.isCallerInRole(role);
+ private String testAccess() {
+ StringBuilder r = new StringBuilder("Test EJB principal: ").append(sessionContext.getCallerPrincipal().getName()).append("\n");
+ r.append("TestSession isCallerInRole foo: ").append(sessionContext.isCallerInRole("foo")).append("\n");
+ r.append("TestSession isCallerInRole bar: ").append(sessionContext.isCallerInRole("bar")).append("\n");
+ r.append("TestSession isCallerInRole baz: ").append(sessionContext.isCallerInRole("baz")).append("\n");
+ return r.toString();
}
public void ejbCreate() {
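Review bot: `testAccessFoo`, `testAccessBar` and `testAccessBaz` have identical bodies and differ only through the `method-permission` entries in ejb-jar.xml, which the code does not say. Without a comment the three look like duplication to be merged, and merging them would remove what the test measures. Suggested on the private helper: `// Shared body: access control is applied per public method by ejb-jar.xml method-permission, not here.` The class declaration lies outside the hunk, so whether role `baz` is declared for `isCallerInRole("baz")` cannot be confirmed from here.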
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/resources/META-INF/ejb-jar.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/resources/META-INF/ejb-jar.xml?rev=670237&r1=670236&r2=670237&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/resources/META-INF/ejb-jar.xml (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ejb/src/main/resources/META-INF/ejb-jar.xml Sat Jun 21 10:39:47 2008
@@ -34,17 +34,24 @@
</enterprise-beans>
<assembly-descriptor>
<method-permission>
+ <role-name>foo</role-name>
+ <method>
+ <ejb-name>TestSession</ejb-name>
+ <method-name>testAccessFoo</method-name>
+ </method>
+ </method-permission>
+ <method-permission>
<role-name>bar</role-name>
<method>
<ejb-name>TestSession</ejb-name>
- <method-name>testAccess</method-name>
+ <method-name>testAccessBar</method-name>
</method>
</method-permission>
<method-permission>
- <role-name>foo</role-name>
+ <role-name>baz</role-name>
<method>
<ejb-name>TestSession</ejb-name>
- <method-name>testNoAccess</method-name>
+ <method-name>testAccessBaz</method-name>
</method>
</method-permission>
</assembly-descriptor>
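Review bot: The new `foo` permission follows `<assembly-descriptor>` directly, with no `<security-role>` element between that tag and the first `<method-permission>`, so in the visible lines the roles are used without being declared in the descriptor. If they are not declared elsewhere (for instance by `@DeclareRoles` on the bean or in the Geronimo plan, neither visible here), add entries for `foo`, `bar` and `baz` ahead of the permissions, e.g. `<security-role><role-name>baz</role-name></security-role>`. An undeclared role in a security test makes it harder to tell a denied call from a role that was never mapped.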
Copied: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestForwardServlet.java (from r669932, geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java)
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestForwardServlet.java?p2=geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestForwardServlet.java&p1=geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java&r1=669932&r2=670237&rev=670237&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestForwardServlet.java Sat Jun 21 10:39:47 2008
@@ -26,6 +26,7 @@
import javax.naming.NamingException;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
+import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -36,50 +37,23 @@
/**
* @version $Rev$ $Date$
*/
-public class TestServlet extends HttpServlet {
-
+public class TestForwardServlet extends TestServlet {
+ private String forwardPath;
public void init() {
System.out.println("Test Servlet init");
+ forwardPath = getInitParameter("forward-path");
}
- protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
- PrintWriter out = httpServletResponse.getWriter();
- if (httpServletRequest.getUserPrincipal() == null) {
- out.println("TestServlet principal is null, current caller Subject: " + ContextManager.getCurrentCaller());
- } else {
- out.println("TestServlet principal: " + httpServletRequest.getUserPrincipal().getName());
- }
- out.println("TestServlet isUserInRole foo: " + httpServletRequest.isUserInRole("foo"));
- out.println("TestServlet isUserInRole bar: " + httpServletRequest.isUserInRole("bar"));
- try {
- InitialContext ctx = new InitialContext();
-
- //test ejb access using geronimo plan refs
- TestSessionHome home = (TestSessionHome)ctx.lookup("java:comp/env/TestSession");
- TestSession session = home.create();
- String principalName = session.testAccess();
- out.println("Test EJB principal: " + principalName);
- try {
- String bad = session.testNoAccess();
- out.println("NoAccess method call succeeded with principal: " + bad);
- } catch (AccessException e) {
- out.println("Correctly received security exception on noAccess method");
- }
- out.println("TestSession isCallerInRole foo: " + session.isCallerInRole("foo"));
- out.println("TestSession isCallerInRole bar: " + session.isCallerInRole("bar"));
-
- } catch (NamingException e) {
- System.out.print("Exception:");
- e.printStackTrace();
- } catch (RemoteException e) {
- e.printStackTrace();
- } catch (CreateException e) {
- e.printStackTrace();
- }
- out.println("TestServlet isUserInRole foo: " + httpServletRequest.isUserInRole("foo"));
- out.println("TestServlet isUserInRole bar: " + httpServletRequest.isUserInRole("bar"));
+ protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+ PrintWriter out = response.getWriter();
+ showServletState(request, out);
+
+ RequestDispatcher dispatcher = request.getRequestDispatcher(forwardPath);
+ dispatcher.include(request, response);
+
+ showServletState(request, out);
out.flush();
}
-}
+}
\ No newline at end of file
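Review bot: `request.getRequestDispatcher(forwardPath)` may return null, and `forwardPath` itself is null when the `forward-path` init parameter is missing, so `dispatcher.include(...)` can fail with a NullPointerException instead of a readable test failure. A guard such as `if (dispatcher == null) throw new ServletException("no dispatcher for forward-path: " + forwardPath);` makes a misconfigured web.xml obvious. The class and parameter are named "forward" while the code calls `include`; the two dispatch types are distinct, so a one-line comment or a rename should state which one these run-as tests cover.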
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestInjectionServlet.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestInjectionServlet.java?rev=670237&r1=670236&r2=670237&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestInjectionServlet.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestInjectionServlet.java Sat Jun 21 10:39:47 2008
@@ -27,6 +27,7 @@
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.naming.NamingException;
import org.apache.geronimo.security.ContextManager;
@@ -34,7 +35,7 @@
/**
* @version $Rev$ $Date$
*/
-public class TestInjectionServlet extends HttpServlet {
+public class TestInjectionServlet extends TestServlet {
@EJB
private TestSessionHome sessionHome;
@@ -44,36 +45,8 @@
System.out.println("Test Servlet init");
}
- protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
- PrintWriter out = httpServletResponse.getWriter();
- if (httpServletRequest.getUserPrincipal() == null) {
- out.println("TestServlet principal is null, current caller Subject: " + ContextManager.getCurrentCaller());
- } else {
- out.println("TestServlet principal: " + httpServletRequest.getUserPrincipal().getName());
- }
- out.println("TestServlet isUserInRole foo: " + httpServletRequest.isUserInRole("foo"));
- out.println("TestServlet isUserInRole bar: " + httpServletRequest.isUserInRole("bar"));
- try {
- TestSession session = sessionHome.create();
- String principalName = session.testAccess();
- out.println("Test EJB principal: " + principalName);
- try {
- String bad = session.testNoAccess();
- out.println("NoAccess method call succeeded with principal: " + bad);
- } catch (AccessException e) {
- out.println("Correctly received security exception on noAccess method");
- }
- out.println("TestSession isCallerInRole foo: " + session.isCallerInRole("foo"));
- out.println("TestSession isCallerInRole bar: " + session.isCallerInRole("bar"));
- } catch (RemoteException e) {
- e.printStackTrace();
- } catch (CreateException e) {
- e.printStackTrace();
- }
- out.println("TestServlet isUserInRole foo: " + httpServletRequest.isUserInRole("foo"));
- out.println("TestServlet isUserInRole bar: " + httpServletRequest.isUserInRole("bar"));
- out.flush();
+ @Override
+ protected TestSession getSession() throws NamingException, RemoteException, CreateException {
+ return sessionHome.create();
}
-
-
}
\ No newline at end of file
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java?rev=670237&r1=670236&r2=670237&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/java/org/apache/geronimo/itest/TestServlet.java Sat Jun 21 10:39:47 2008
@@ -21,14 +21,13 @@
import java.rmi.AccessException;
import java.rmi.RemoteException;
-import javax.ejb.CreateException;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.servlet.ServletException;
-import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.ejb.CreateException;
import org.apache.geronimo.security.ContextManager;
@@ -42,44 +41,54 @@
System.out.println("Test Servlet init");
}
- protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
- PrintWriter out = httpServletResponse.getWriter();
- if (httpServletRequest.getUserPrincipal() == null) {
- out.println("TestServlet principal is null, current caller Subject: " + ContextManager.getCurrentCaller());
- } else {
- out.println("TestServlet principal: " + httpServletRequest.getUserPrincipal().getName());
- }
- out.println("TestServlet isUserInRole foo: " + httpServletRequest.isUserInRole("foo"));
- out.println("TestServlet isUserInRole bar: " + httpServletRequest.isUserInRole("bar"));
+ protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+ PrintWriter out = response.getWriter();
+ showServletState(request, out);
try {
- InitialContext ctx = new InitialContext();
-
- //test ejb access using geronimo plan refs
- TestSessionHome home = (TestSessionHome)ctx.lookup("java:comp/env/TestSession");
- TestSession session = home.create();
- String principalName = session.testAccess();
- out.println("Test EJB principal: " + principalName);
+ TestSession session = getSession();
+ try {
+ out.print(session.testAccessFoo());
+ } catch (AccessException e) {
+ out.println("security exception on testAccessFoo method");
+ }
+ try {
+ out.print(session.testAccessBar());
+ } catch (AccessException e) {
+ out.println("security exception on testAccessBar method");
+ }
try {
- String bad = session.testNoAccess();
- out.println("NoAccess method call succeeded with principal: " + bad);
+ out.print(session.testAccessBaz());
} catch (AccessException e) {
- out.println("Correctly received security exception on noAccess method");
+ out.println("security exception on testAccessBaz method");
}
- out.println("TestSession isCallerInRole foo: " + session.isCallerInRole("foo"));
- out.println("TestSession isCallerInRole bar: " + session.isCallerInRole("bar"));
- } catch (NamingException e) {
- System.out.print("Exception:");
- e.printStackTrace();
- } catch (RemoteException e) {
- e.printStackTrace();
- } catch (CreateException e) {
- e.printStackTrace();
+ } catch (Exception e) {
+ out.println("Exception:");
+ e.printStackTrace(out);
}
- out.println("TestServlet isUserInRole foo: " + httpServletRequest.isUserInRole("foo"));
- out.println("TestServlet isUserInRole bar: " + httpServletRequest.isUserInRole("bar"));
+ showServletState(request, out);
out.flush();
}
+ protected void showServletState(HttpServletRequest request, PrintWriter out) {
+ if (request.getUserPrincipal() == null) {
+ out.println("TestServlet principal is null, current caller Subject: " + ContextManager.getCurrentCaller());
+ } else {
+ out.println("TestServlet principal: " + request.getUserPrincipal().getName());
+ }
+ out.println("TestServlet isUserInRole foo: " + request.isUserInRole("foo"));
+ out.println("TestServlet isUserInRole bar: " + request.isUserInRole("bar"));
+ out.println("TestServlet isUserInRole baz: " + request.isUserInRole("baz"));
+ }
+
+ protected TestSession getSession() throws NamingException, RemoteException, CreateException {
+ InitialContext ctx = new InitialContext();
+
+ //test ejb access using geronimo plan refs
+ TestSessionHome home = (TestSessionHome)ctx.lookup("java:comp/env/TestSession");
+ TestSession session = home.create();
+ return session;
+ }
+
}
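Review bot: The new `catch (Exception e)` writes the stack trace into the HTTP response with `e.printStackTrace(out)`, and it now also covers anything thrown by `getSession()` or any non-`AccessException` failure of an EJB call, after which the remaining access checks are skipped. That is useful in a fixture, because the page assertion then shows the failure, but the intent should be stated so the pattern is not copied into application servlets: `// test fixture only: trace goes to the response so the page assertion shows the failure`. Only `java.rmi.AccessException` is treated as a denial; if a container reports the denial with another exception type, the output becomes a stack trace rather than a `security exception on ...` line. The class header is outside the hunk.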
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/TestJsp.jsp
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/TestJsp.jsp?rev=670237&r1=670236&r2=670237&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/TestJsp.jsp (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/TestJsp.jsp Sat Jun 21 10:39:47 2008
@@ -14,40 +14,55 @@
See the License for the specific language governing permissions and
limitations under the License.
--%>
-<%@ page import="org.apache.geronimo.itest.TestSession" %>
-<%@ page import="javax.naming.InitialContext" %>
-<%@ page import="org.apache.geronimo.itest.TestSessionHome" %>
-<%@ page import="javax.naming.NamingException" %>
<%@ page import="java.io.PrintWriter" %>
<%@ page import="java.rmi.AccessException" %>
-<%@ page import="java.rmi.RemoteException" %>
-<%@ page import="javax.ejb.CreateException" %>
+<%@ page import="javax.naming.InitialContext" %>
+<%@ page import="org.apache.geronimo.itest.TestSession" %>
+<%@ page import="org.apache.geronimo.itest.TestSessionHome" %>
+<%@ page import="org.apache.geronimo.security.ContextManager" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%
PrintWriter myout = response.getWriter();
- myout.println("TestServlet principal: " + request.getUserPrincipal().getName());
+ if (request.getUserPrincipal() == null) {
+ myout.println("TestServlet principal is null, current caller Subject: " + ContextManager.getCurrentCaller());
+ } else {
+ myout.println("TestServlet principal: " + request.getUserPrincipal().getName());
+ }
+ myout.println("TestServlet isUserInRole foo: " + request.isUserInRole("foo"));
+ myout.println("TestServlet isUserInRole bar: " + request.isUserInRole("bar"));
+ myout.println("TestServlet isUserInRole baz: " + request.isUserInRole("baz"));
try {
InitialContext ctx = new InitialContext();
//test ejb access using geronimo plan refs
- TestSessionHome home = (TestSessionHome) ctx.lookup("java:comp/env/TestSession");
- TestSession sessionBean = home.create();
- String principalName = sessionBean.testAccess();
- myout.println("Test EJB principal: " + principalName);
+ TestSessionHome home = (TestSessionHome)ctx.lookup("java:comp/env/TestSession");
+ TestSession testSession = home.create();
try {
- String bad = sessionBean.testNoAccess();
- myout.println("NoAccess method call succeeded with principal: " + bad);
+ myout.print(testSession.testAccessFoo());
} catch (AccessException e) {
- myout.println("Correctly received security exception on noAccess method");
+ myout.println("security exception on testAccessFoo method");
+ }
+ try {
+ myout.print(testSession.testAccessBar());
+ } catch (AccessException e) {
+ myout.println("security exception on testAccessBar method");
+ }
+ try {
+ myout.print(testSession.testAccessBaz());
+ } catch (AccessException e) {
+ myout.println("security exception on testAccessBaz method");
}
- } catch (NamingException e) {
- myout.print("Exception:");
- e.printStackTrace();
- } catch (RemoteException e) {
- e.printStackTrace();
- } catch (CreateException e) {
- e.printStackTrace();
+ } catch (Exception e) {
+ myout.println("Exception:");
+ e.printStackTrace(myout);
+ }
+ if (request.getUserPrincipal() == null) {
+ myout.println("TestServlet principal is null, current caller Subject: " + ContextManager.getCurrentCaller());
+ } else {
+ myout.println("TestServlet principal: " + request.getUserPrincipal().getName());
}
- out.flush();
+ myout.println("TestServlet isUserInRole foo: " + request.isUserInRole("foo"));
+ myout.println("TestServlet isUserInRole bar: " + request.isUserInRole("bar"));
+ myout.println("TestServlet isUserInRole baz: " + request.isUserInRole("baz"));
%>
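Review bot: The principal and role dump is written out twice in the scriptlet and is a further copy of `TestServlet.showServletState`, while RunAsTest compares the page text exactly, so any drift between the copies changes test results. A JSP declaration holding one helper removes the duplication inside the page. The scriptlet also writes through `response.getWriter()` rather than the implicit `out`; that is presumably deliberate, but a comment should say so.

```jsp
<%!
    // Mirrors TestServlet.showServletState; RunAsTest compares this text exactly.
    private void showState(HttpServletRequest request, PrintWriter w) {
        if (request.getUserPrincipal() == null) {
            w.println("TestServlet principal is null, current caller Subject: " + ContextManager.getCurrentCaller());
        } else {
            w.println("TestServlet principal: " + request.getUserPrincipal().getName());
        }
        w.println("TestServlet isUserInRole foo: " + request.isUserInRole("foo"));
        w.println("TestServlet isUserInRole bar: " + request.isUserInRole("bar"));
        w.println("TestServlet isUserInRole baz: " + request.isUserInRole("baz"));
    }
%>
<%
    PrintWriter myout = response.getWriter();
    showState(request, myout);
    // … unchanged: EJB lookup and the three testAccess* calls …
    showState(request, myout);
%>
```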
Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/WEB-INF/web.xml?rev=670237&r1=670236&r2=670237&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/WEB-INF/web.xml (original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-war/src/main/webapp/WEB-INF/web.xml Sat Jun 21 10:39:47 2008
@@ -26,6 +26,12 @@
<servlet>
<display-name>Security itest servlet</display-name>
+ <servlet-name>noRunAsServlet</servlet-name>
+ <servlet-class>org.apache.geronimo.itest.TestServlet</servlet-class>
+ <load-on-startup>0</load-on-startup>
+ </servlet>
+ <servlet>
+ <display-name>Security itest servlet</display-name>
<servlet-name>servlet</servlet-name>
<servlet-class>org.apache.geronimo.itest.TestServlet</servlet-class>
<load-on-startup>0</load-on-startup>
@@ -52,6 +58,58 @@
</run-as>
</servlet>
+ <servlet>
+ <display-name>Security itest servlet</display-name>
+ <servlet-name>forwardServlet</servlet-name>
+ <servlet-class>org.apache.geronimo.itest.TestForwardServlet</servlet-class>
+ <init-param>
+ <param-name>forward-path</param-name>
+ <param-value>/noRunAsServlet</param-value>
+ </init-param>
+ <load-on-startup>0</load-on-startup>
+ </servlet>
+ <servlet>
+ <display-name>Security itest servlet</display-name>
+ <servlet-name>forwardServletToRunAs</servlet-name>
+ <servlet-class>org.apache.geronimo.itest.TestForwardServlet</servlet-class>
+ <init-param>
+ <param-name>forward-path</param-name>
+ <param-value>/servlet</param-value>
+ </init-param>
+ <load-on-startup>0</load-on-startup>
+ </servlet>
+ <servlet>
+ <display-name>Security itest servlet</display-name>
+ <servlet-name>forwardRunAsServlet</servlet-name>
+ <servlet-class>org.apache.geronimo.itest.TestForwardServlet</servlet-class>
+ <init-param>
+ <param-name>forward-path</param-name>
+ <param-value>/noRunAsServlet</param-value>
+ </init-param>
+ <load-on-startup>0</load-on-startup>
+ <run-as>
+ <role-name>baz</role-name>
+ </run-as>
+ </servlet>
+ <servlet>
+ <display-name>Security itest servlet</display-name>
+ <servlet-name>forwardRunAsServletToRunAs</servlet-name>
+ <servlet-class>org.apache.geronimo.itest.TestForwardServlet</servlet-class>
+ <init-param>
+ <param-name>forward-path</param-name>
+ <param-value>/servlet</param-value>
+ </init-param>
+ <load-on-startup>0</load-on-startup>
+ <run-as>
+ <role-name>baz</role-name>
+ </run-as>
+ </servlet>
+
+
+ <servlet-mapping>
+ <servlet-name>noRunAsServlet</servlet-name>
+ <url-pattern>/noRunAsServlet</url-pattern>
+ </servlet-mapping>
<servlet-mapping>
<servlet-name>servlet</servlet-name>
<url-pattern>/servlet</url-pattern>
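Review bot: The four `TestForwardServlet` declarations in this hunk differ only in `forward-path` and in whether `<run-as>` with role `baz` is present, and each reuses the display name `Security itest servlet`, so the combinations under test are hard to read from the descriptor. A comment above the group would help, e.g. `<!-- forward tests: forwarder with or without run-as baz, forwarding to /noRunAsServlet or /servlet -->`, and distinct `<display-name>` values would make the entries easier to tell apart in container consoles and logs. Because the commit log says the expected results are not yet certain, recording the intended caller identity for each combination next to these entries would let a later reader distinguish a regression from a corrected expectation.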
@@ -65,6 +123,23 @@
<url-pattern>/jsp</url-pattern>
</servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>forwardServlet</servlet-name>
+ <url-pattern>/forwardServlet</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>forwardServletToRunAs</servlet-name>
+ <url-pattern>/forwardServletToRunAs</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>forwardRunAsServlet</servlet-name>
+ <url-pattern>/forwardRunAsServlet</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>forwardRunAsServletToRunAs</servlet-name>
+ <url-pattern>/forwardRunAsServletToRunAs</url-pattern>
+ </servlet-mapping>
+
<ejb-ref>
<ejb-ref-name>TestSession</ejb-ref-name>
<ejb-ref-type>Session</ejb-ref-type>
@@ -75,9 +150,10 @@
<security-constraint>
<web-resource-collection>
<web-resource-name>secureServlet</web-resource-name>
- <url-pattern>/servlet</url-pattern>
- <url-pattern>/jsp</url-pattern>
- <url-pattern>/injectionServlet</url-pattern>
+ <url-pattern>/*</url-pattern>
+ <!--<url-pattern>/jsp</url-pattern>-->
+ <!--<url-pattern>/injectionServlet</url-pattern>-->
+ <!--<url-pattern>/noRunAsServlet</url-pattern>-->
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
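Review bot: This collection still lists `<http-method>GET</http-method>` and `<http-method>POST</http-method>`, so with the pattern widened to `/*` the constraint covers only those two verbs and requests using any other HTTP method to any URL in the webapp, including the servlets mapped in this commit, fall outside it. If the tests only need GET and POST this may be intended, but then a comment such as `<!-- only GET/POST are constrained; other methods are deliberately left unconstrained in this itest -->` should say so; otherwise drop the two `<http-method>` lines so the constraint applies to all methods. The three commented-out `<url-pattern>` lines are redundant under `/*` and are better deleted than kept. The `<auth-constraint>` for this collection lies outside the hunk, so the required roles cannot be checked from here.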
@@ -98,5 +174,8 @@
<security-role>
<role-name>bar</role-name>
</security-role>
+ <security-role>
+ <role-name>baz</role-name>
+ </security-role>
</web-app>