User: starksm Date: 01/07/14 10:10:53 Modified: src/main/org/jboss/test/security/test Tag: Branch_2_4 StatelessSessionClient.java TestEJBAccess.java TestEJBSpec.java TestProjRepository.java TestSecurityProxy.java Removed: src/main/org/jboss/test/security/test Tag: Branch_2_4 AppCallbackHandler.java Deploy.java Log: Merge latest changes from main Revision Changes Path No revision No revision 1.1.2.1 +2 -1 jbosstest/src/main/org/jboss/test/security/test/StatelessSessionClient.java Index: StatelessSessionClient.java =================================================================== RCS file: /cvsroot/jboss/jbosstest/src/main/org/jboss/test/security/test/StatelessSessionClient.java,v retrieving revision 1.1 retrieving revision 1.1.2.1 diff -u -r1.1 -r1.1.2.1 --- StatelessSessionClient.java 2001/03/05 10:11:07 1.1 +++ StatelessSessionClient.java 2001/07/14 17:10:53 1.1.2.1 @@ -12,11 +12,12 @@ import org.jboss.test.security.interfaces.StatelessSession; import org.jboss.test.security.interfaces.StatelessSessionHome; +import org.jboss.test.util.AppCallbackHandler; /** Run with -Djava.security.auth.login.config=url_to_jaas_login_conf @author [EMAIL PROTECTED] -@version $Revision: 1.1 $ +@version $Revision: 1.1.2.1 $ */ public class StatelessSessionClient { 1.1.2.1 +106 -79 jbosstest/src/main/org/jboss/test/security/test/TestEJBAccess.java Index: TestEJBAccess.java =================================================================== RCS file: /cvsroot/jboss/jbosstest/src/main/org/jboss/test/security/test/TestEJBAccess.java,v retrieving revision 1.1 retrieving revision 1.1.2.1 diff -u -r1.1 -r1.1.2.1 --- TestEJBAccess.java 2001/03/05 10:11:07 1.1 +++ TestEJBAccess.java 2001/07/14 17:10:53 1.1.2.1 
@@ -9,92 +9,119 @@ import javax.security.auth.callback.*; import javax.security.auth.login.*; +import junit.framework.Test; +import junit.framework.TestCase; +import junit.framework.TestSuite; + +import org.jboss.test.util.Deploy; + import org.jboss.test.security.interfaces.StatelessSession; import org.jboss.test.security.interfaces.StatelessSessionHome; -/** Tests of the secure access to EJBs. -@author [EMAIL PROTECTED] +/** + * Tests of the secure access to EJBs. + * + * @author [EMAIL PROTECTED] */ -public class TestEJBAccess extends junit.framework.TestCase +public class TestEJBAccess + extends TestCase { - private boolean deployed; + private boolean deployed; - public TestEJBAccess(String name) - { - super(name); - } - - /** Deploy the security ejb jar one time - */ - protected void setUp() throws Exception - { - Deploy.deploy("security.jar"); - } - - public void testDeclarativeAccess() throws Exception - { - StatelessSessionClient.runAs("scott", "echoman".toCharArray()); - try - { - StatelessSessionClient.runAs("stark", "javaman".toCharArray()); - fail("stark should NOT be able to access StatelessSession bean"); - } - catch(Exception e) - { - } - } + public TestEJBAccess(String name) + { + super(name); + } - /** Test access to a stateless session bean that + /** + * Setup the test suite. */ - public void testUnsecureAccess() throws Exception - { - String securityDomain = System.getProperty("securityDomain"); - /* If the security ejbs are running with a global security-domain - set, then every bean has a security manager regardless of - what its container config is. In this case we expect the - accessUnsecureStatelessSession method to fail and will fail - the test if it does not. 
- */ - if( securityDomain != null ) - { - try - { - accessUnsecureStatelessSession(); - fail("UnsecureStatelessSession was accessible"); - } - catch(Exception e) - { - System.out.println("UnsecureStatelessSession not accessible"); - } - } - else - { /* There is not global security-domain so the UnsecureStatelessSession - bean should be accessible without any login - */ - accessUnsecureStatelessSession(); - } - } + public static Test suite() { + TestSuite suite = new TestSuite(); + + // add a test case to deploy our support applications + String filename = "security.jar"; + suite.addTest(new Deploy.Deployer(filename)); + + suite.addTest(new TestSuite(TestEJBAccess.class)); + + // add a test case to undeploy our support applications + suite.addTest(new Deploy.Undeployer(filename)); + + return suite; + } + + /** Deploy the security ejb jar one time + */ + protected void setUp() throws Exception + { + //Deploy.deploy("security.jar"); + } + + public void testDeclarativeAccess() throws Exception + { + StatelessSessionClient.runAs("scott", "echoman".toCharArray()); + try + { + StatelessSessionClient.runAs("stark", "javaman".toCharArray()); + fail("stark should NOT be able to access StatelessSession bean"); + } + catch(Exception e) + { + } + } - private void accessUnsecureStatelessSession() throws Exception - { - InitialContext jndiContext = new InitialContext(); - StatelessSession bean = null; - Object obj = jndiContext.lookup("UnsecureStatelessSession"); - obj = PortableRemoteObject.narrow(obj, StatelessSessionHome.class); - StatelessSessionHome home = (StatelessSessionHome) obj; - System.out.println("Found Unsecure StatelessSessionHome"); - - try - { - bean = home.create(); - System.out.println("Created UnsecureStatelessSession"); - System.out.println("Bean.echo('Hello') -> "+bean.echo("Hello")); - System.out.println("Bean.npeError() -> "); - bean.npeError(); - } - catch(Exception e) - { - System.out.println("Produced error as expected"); - } - } + /** Test access to a 
stateless session bean that + */ + public void testUnsecureAccess() throws Exception + { + String securityDomain = System.getProperty("securityDomain"); + /* If the security ejbs are running with a global security-domain + set, then every bean has a security manager regardless of + what its container config is. In this case we expect the + accessUnsecureStatelessSession method to fail and will fail + the test if it does not. + */ + if( securityDomain != null ) + { + try + { + accessUnsecureStatelessSession(); + fail("UnsecureStatelessSession was accessible"); + } + catch(Exception e) + { + System.out.println("UnsecureStatelessSession not accessible"); + } + } + else + { /* There is not global security-domain so the UnsecureStatelessSession + bean should be accessible without any login + */ + accessUnsecureStatelessSession(); + } + } + + private void accessUnsecureStatelessSession() throws Exception + { + InitialContext jndiContext = new InitialContext(); + StatelessSession bean = null; + Object obj = jndiContext.lookup("UnsecureStatelessSession"); + obj = PortableRemoteObject.narrow(obj, StatelessSessionHome.class); + StatelessSessionHome home = (StatelessSessionHome) obj; + System.out.println("Found Unsecure StatelessSessionHome"); + + try + { + bean = home.create(); + System.out.println("Created UnsecureStatelessSession"); + System.out.println("Bean.echo('Hello') -> "+bean.echo("Hello")); + System.out.println("Bean.npeError() -> "); + bean.npeError(); + } + catch(Exception e) + { + System.out.println("Produced error as expected"); + } + } } 1.6.2.3 +17 -20 jbosstest/src/main/org/jboss/test/security/test/TestEJBSpec.java Index: TestEJBSpec.java =================================================================== RCS file: /cvsroot/jboss/jbosstest/src/main/org/jboss/test/security/test/TestEJBSpec.java,v retrieving revision 1.6.2.2 retrieving revision 1.6.2.3 diff -u -r1.6.2.2 -r1.6.2.3 --- TestEJBSpec.java 2001/07/09 08:54:12 1.6.2.2 +++ TestEJBSpec.java 2001/07/14 
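Review bot: The `catch(Exception e)` around `home.create()`, `bean.echo("Hello")` and `bean.npeError()` in `accessUnsecureStatelessSession` swallows every failure, so `testUnsecureAccess` cannot tell an access denial from a successful call. With `securityDomain` set, a denial raised at `create()` is caught inside the helper, the helper returns normally and the test then fails with "UnsecureStatelessSession was accessible"; with it unset, a denied call still passes. Only `bean.npeError()` is expected to throw, so `bean = home.create();` and the `echo` call should sit before the `try`, leaving the single `npeError()` call inside it. The empty `catch(Exception e)` in `testDeclarativeAccess` has the same weakness: any exception from the `runAs` call for stark, including a naming or login-configuration error, counts as proof that stark was denied.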
17:10:53 1.6.2.3 @@ -23,15 +23,17 @@ import junit.framework.TestCase; import junit.framework.TestSuite; +import org.jboss.test.util.AppCallbackHandler; import org.jboss.test.util.Deploy; /** Test of EJB spec conformace using the security-spec.jar deployment unit. These test the basic role based access model. @author [EMAIL PROTECTED] - @version $Revision: 1.6.2.2 $ + @version $Revision: 1.6.2.3 $ */ -public class TestEJBSpec extends junit.framework.TestCase +public class TestEJBSpec + extends TestCase { static String username = "scott"; static char[] password = "echoman".toCharArray(); @@ -290,26 +292,21 @@ lc.logout(); } } - - public static Test suite() - { + + /** + * Setup the test suite. + */ + public static Test suite() { TestSuite suite = new TestSuite(); - - try - { - String filename = "security-spec.jar"; - System.out.println("Deploying..."); - Deploy.deploy(filename); + + // add a test case to deploy our support applications + String filename = "security-spec.jar"; + suite.addTest(new Deploy.Deployer(filename)); - suite.addTest(new TestSuite(TestEJBSpec.class)); - // add a test case to undeploy our support applications - suite.addTest(new Deploy.Undeployer(filename)); - } - catch (Throwable t) - { - t.printStackTrace(); - System.exit(0); - } + suite.addTest(new TestSuite(TestEJBSpec.class)); + + // add a test case to undeploy our support applications + suite.addTest(new Deploy.Undeployer(filename)); return suite; } 1.2.2.1 +43 -17 jbosstest/src/main/org/jboss/test/security/test/TestProjRepository.java Index: TestProjRepository.java =================================================================== RCS file: /cvsroot/jboss/jbosstest/src/main/org/jboss/test/security/test/TestProjRepository.java,v retrieving revision 1.2 retrieving revision 1.2.2.1 diff -u -r1.2 -r1.2.2.1 --- TestProjRepository.java 2001/06/13 04:55:50 1.2 +++ TestProjRepository.java 2001/07/14 17:10:53 1.2.2.1 
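Review bot: A failed deployment no longer stops the run: in the new `suite()` the deploy is just the first test (`new Deploy.Deployer(filename)`), and a JUnit `TestSuite` carries on with its remaining tests after a failure, whereas the removed `try`/`catch` exited. That matters for the negative security tests, because any case that passes when a call throws would presumably also pass against a bean that was never deployed, since the lookup fails instead. Consider having the test cases verify in `setUp()` that the bean home can be looked up, or assert the specific denial exception. The Javadoc should also state the ordering dependency, e.g. `Deployer must run first and Undeployer last; the tests assume security-spec.jar is deployed.` The same `suite()` shape is added to TestEJBAccess, TestProjRepository and TestSecurityProxy in this commit.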
@@ -8,6 +8,10 @@
 import javax.security.auth.login.LoginException;
 import javax.transaction.TransactionRolledbackException;
 
+import junit.framework.Test;
+import junit.framework.TestCase;
+import junit.framework.TestSuite;
+
 import org.apache.log4j.Category;
 import org.apache.log4j.FileAppender;
 import org.apache.log4j.NDC;
@@ -18,23 +22,27 @@ import org.jboss.test.security.interfaces.ProjRepository; import org.jboss.test.security.interfaces.ProjRepositoryHome; import org.jboss.test.security.ejb.project.support.DefaultName; +import org.jboss.test.util.AppCallbackHandler; +import org.jboss.test.util.Deploy; -/** The client driver for testing secure access to the ProjRepository bean. -Each test runs as one of 4 different users who each have different -levels of access. All attempt to do something they should not be able -to do so that all should see a SecurityException. The tests succeed -or fail based on whether the user can do what they should be able -to do and are stopped from not doing what they should not do. A failure -of the test only occurs if a user sees a SecurityException when they -should not, or a user does not see a SecurityException when they should. -This requires that this test module's accessTest ecpected values -be kept in synch with the resources/security/sample_policy.xml that -is deployed. - -@author [EMAIL PROTECTED] -@version $Revision: 1.2 $ -*/ -public class TestProjRepository extends junit.framework.TestCase +/** + * The client driver for testing secure access to the ProjRepository bean. + * Each test runs as one of 4 different users who each have different + * levels of access. All attempt to do something they should not be able + * to do so that all should see a SecurityException. The tests succeed + * or fail based on whether the user can do what they should be able + * to do and are stopped from not doing what they should not do. A failure + * of the test only occurs if a user sees a SecurityException when they + * should not, or a user does not see a SecurityException when they should. + * This requires that this test module's accessTest ecpected values + * be kept in synch with the resources/security/sample_policy.xml that + * is deployed. 
+ * + * @author [EMAIL PROTECTED] + * @version $Revision: 1.2.2.1 $ + */ +public class TestProjRepository + extends TestCase { static String[] users = {"scott", "starksm", "guest", "nobody"}; static String[] passwds = {"stark", "scott_stark", "guest", "badpass"}; @@ -211,9 +219,27 @@ Category root = Category.getRoot(); root.setPriority(Priority.DEBUG); root.addAppender(new FileAppender(new PatternLayout("%x%m%n"), System.out)); - Deploy.deploy("security.jar"); + // Deploy.deploy("security.jar"); } + /** + * Setup the test suite. + */ + public static Test suite() { + TestSuite suite = new TestSuite(); + + // add a test case to deploy our support applications + String filename = "security.jar"; + suite.addTest(new Deploy.Deployer(filename)); + + suite.addTest(new TestSuite(TestProjRepository.class)); + + // add a test case to undeploy our support applications + suite.addTest(new Deploy.Undeployer(filename)); + + return suite; + } + /** Try to invoke getItem for the given name on the bean. If this fails the bean will be discarded by the server, so if we expect the failure we restore the bean to 1.1.2.1 +110 -84 jbosstest/src/main/org/jboss/test/security/test/TestSecurityProxy.java Index: TestSecurityProxy.java =================================================================== RCS file: /cvsroot/jboss/jbosstest/src/main/org/jboss/test/security/test/TestSecurityProxy.java,v retrieving revision 1.1 retrieving revision 1.1.2.1 diff -u -r1.1 -r1.1.2.1 --- TestSecurityProxy.java 2001/06/13 04:55:50 1.1 +++ TestSecurityProxy.java 2001/07/14 17:10:53 1.1.2.1 
@@ -8,96 +8,122 @@ import javax.rmi.PortableRemoteObject; import javax.security.auth.login.*; +import junit.framework.Test; +import junit.framework.TestCase; +import junit.framework.TestSuite; + import org.jboss.test.security.interfaces.Entity; import org.jboss.test.security.interfaces.EntityHome; import org.jboss.test.security.interfaces.IOSession; import org.jboss.test.security.interfaces.IOSessionHome; - -/** Simple tests of security stateless, stateful and entity beans via custom -security proxies. +import org.jboss.test.util.AppCallbackHandler; +import org.jboss.test.util.Deploy; -@author [EMAIL PROTECTED] -@version $Revision: 1.1 $ -*/ -public class TestSecurityProxy extends junit.framework.TestCase +/** + * Simple tests of security stateless, stateful and entity beans via custom + * security proxies. + * + * @author [EMAIL PROTECTED] + * @version $Revision: 1.1.2.1 $ + */ +public class TestSecurityProxy + extends TestCase { - static String username = "scott"; - static char[] password = "echoman".toCharArray(); + static String username = "scott"; + static char[] password = "echoman".toCharArray(); - LoginContext lc; - boolean loggedIn; + LoginContext lc; + boolean loggedIn; - public TestSecurityProxy(String name) - { - super(name); - } - - protected void setUp() throws Exception - { - Deploy.deploy("security-proxy.jar"); - } - - public void testProxiedStatelessBean() throws Exception - { - login(); - InitialContext jndiContext = new InitialContext(); - Object obj = jndiContext.lookup("ProxiedStatelessBean"); - obj = PortableRemoteObject.narrow(obj, IOSessionHome.class); - IOSessionHome home = (IOSessionHome) obj; - System.out.println("Found ProxiedStatelessBean"); - IOSession bean = home.create(); - System.out.println("Created ProxiedStatelessBean"); - System.out.println("ProxiedStatelessBean.read() -> "+bean.read("/user/scott/.password")); - bean.write("/user/scott/.password"); - System.out.println("ProxiedStatelessBean.write()"); - bean.remove(); - 
logout(); - } - - public void testProxiedStatefulBean() throws Exception - { - login(); - InitialContext jndiContext = new InitialContext(); - Object obj = jndiContext.lookup("ProxiedStatefulBean"); - obj = PortableRemoteObject.narrow(obj, IOSessionHome.class); - IOSessionHome home = (IOSessionHome) obj; - System.out.println("Found ProxiedStatefulBean"); - IOSession bean = home.create(); - System.out.println("Created ProxiedStatefulBean"); - System.out.println("ProxiedStatefulBean.read() -> "+bean.read("/user/scott/.password")); - bean.write("/user/scott/.password"); - System.out.println("ProxiedStatefulBean.write()"); - bean.remove(); - logout(); - } - - /** Login as user scott using the conf.name login config or - 'spec-test' if conf.name is not defined. - */ - private void login() throws Exception - { - login(username, password); - } - private void login(String username, char[] password) throws Exception - { - if( loggedIn ) - return; - - lc = null; - String confName = System.getProperty("conf.name", "spec-test"); - AppCallbackHandler handler = new AppCallbackHandler(username, password); - System.out.println("Creating LoginContext("+confName+")"); - lc = new LoginContext(confName, handler); - lc.login(); - System.out.println("Created LoginContext, subject="+lc.getSubject()); - loggedIn = true; - } - private void logout() throws Exception - { - if( loggedIn ) - { - loggedIn = false; - lc.logout(); - } - } + public TestSecurityProxy(String name) + { + super(name); + } + + /** + * Setup the test suite. 
+ */ + public static Test suite() { + TestSuite suite = new TestSuite(); + + // add a test case to deploy our support applications + String filename = "security-proxy.jar"; + suite.addTest(new Deploy.Deployer(filename)); + + suite.addTest(new TestSuite(TestSecurityProxy.class)); + + // add a test case to undeploy our support applications + suite.addTest(new Deploy.Undeployer(filename)); + + return suite; + } + + protected void setUp() throws Exception + { + // Deploy.deploy("security-proxy.jar"); + } + + public void testProxiedStatelessBean() throws Exception + { + login(); + InitialContext jndiContext = new InitialContext(); + Object obj = jndiContext.lookup("ProxiedStatelessBean"); + obj = PortableRemoteObject.narrow(obj, IOSessionHome.class); + IOSessionHome home = (IOSessionHome) obj; + System.out.println("Found ProxiedStatelessBean"); + IOSession bean = home.create(); + System.out.println("Created ProxiedStatelessBean"); + System.out.println("ProxiedStatelessBean.read() -> "+bean.read("/user/scott/.password")); + bean.write("/user/scott/.password"); + System.out.println("ProxiedStatelessBean.write()"); + bean.remove(); + logout(); + } + + public void testProxiedStatefulBean() throws Exception + { + login(); + InitialContext jndiContext = new InitialContext(); + Object obj = jndiContext.lookup("ProxiedStatefulBean"); + obj = PortableRemoteObject.narrow(obj, IOSessionHome.class); + IOSessionHome home = (IOSessionHome) obj; + System.out.println("Found ProxiedStatefulBean"); + IOSession bean = home.create(); + System.out.println("Created ProxiedStatefulBean"); + System.out.println("ProxiedStatefulBean.read() -> "+bean.read("/user/scott/.password")); + bean.write("/user/scott/.password"); + System.out.println("ProxiedStatefulBean.write()"); + bean.remove(); + logout(); + } + + /** Login as user scott using the conf.name login config or + 'spec-test' if conf.name is not defined. 
+ */ + private void login() throws Exception + { + login(username, password); + } + private void login(String username, char[] password) throws Exception + { + if( loggedIn ) + return; + + lc = null; + String confName = System.getProperty("conf.name", "spec-test"); + AppCallbackHandler handler = new AppCallbackHandler(username, password); + System.out.println("Creating LoginContext("+confName+")"); + lc = new LoginContext(confName, handler); + lc.login(); + System.out.println("Created LoginContext, subject="+lc.getSubject()); + loggedIn = true; + } + private void logout() throws Exception + { + if( loggedIn ) + { + loggedIn = false; + lc.logout(); + } + } } _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-development
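Review bot: `logout()` is only reached on the success path of `testProxiedStatelessBean` and `testProxiedStatefulBean`; if the lookup, `create()`, `read` or `write` throws, the `LoginContext` for scott is never logged out. Depending on how the configured login module stores the caller's identity, that could leave scott's credentials in effect for later tests in the same JVM, which would weaken any test that expects an unauthenticated call to be rejected. Moving the call into a teardown keeps the tests isolated: `protected void tearDown() throws Exception { logout(); }`. Separately, `setUp()` is now left with only the commented-out `Deploy.deploy` line and could be removed.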