User: user57 Date: 01/08/26 21:48:25 Added: src/resources/security-spec/META-INF ejb-jar.xml jboss.xml Log: o Integrated the testsuite module with the new build system. Revision Changes Path 1.1 jbosstest/src/resources/security-spec/META-INF/ejb-jar.xml Index: ejb-jar.xml =================================================================== <?xml version="1.0"?> <!DOCTYPE ejb-jar PUBLIC "-//Sun Microsystems, Inc.//DTD Enterprise JavaBeans 2.0//EN" "http://java.sun.com/dtd/ejb-jar_2_0.dtd"> <ejb-jar> <display-name>SecurityTests</display-name> <enterprise-beans> <session> <description>A secured project repository stateful session bean</description> <ejb-name>ProjRepository</ejb-name> <home>org.jboss.test.security.interfaces.ProjRepositoryHome</home> <remote>org.jboss.test.security.interfaces.ProjRepository</remote> <ejb-class>org.jboss.test.security.ejb.project.ProjRepositoryBean</ejb-class> <session-type>Stateful</session-type> <transaction-type>Container</transaction-type> </session> <session> <description>A secured trival echo session bean</description> <ejb-name>StatelessSession</ejb-name> <home>org.jboss.test.security.interfaces.StatelessSessionHome</home> <remote>org.jboss.test.security.interfaces.StatelessSession</remote> <ejb-class>org.jboss.test.security.ejb.StatelessSessionBean</ejb-class> <session-type>Stateless</session-type> <transaction-type>Container</transaction-type> <!-- Use the 'EchoCaller' role name in the bean code to test role linking with use of isCallerInRole(). --> <security-role-ref> <role-name>EchoCaller</role-name> <role-link>Echo</role-link> </security-role-ref> </session> <session> <description>A secured trival echo session bean that uses Entity</description> <ejb-name>StatelessSession2</ejb-name> <home>org.jboss.test.security.interfaces.StatelessSessionHome</home> <remote>org.jboss.test.security.interfaces.StatelessSession</remote> <ejb-class>org.jboss.test.security.ejb.StatelessSessionBean2</ejb-class> <session-type>Stateless</session-type> <transaction-type>Container</transaction-type> <ejb-ref> <ejb-ref-name>ejb/Entity</ejb-ref-name> <ejb-ref-type>Entity</ejb-ref-type> <home>org.jboss.test.security.interfaces.EntityHome</home> <remote>org.jboss.test.security.interfaces.Entity</remote> <ejb-link>Entity</ejb-link> </ejb-ref> <ejb-ref> <ejb-ref-name>ejb/Session</ejb-ref-name> <ejb-ref-type>Session</ejb-ref-type> <home>org.jboss.test.security.interfaces.StatelessSessionHome</home> <remote>org.jboss.test.security.interfaces.StatelessSession</remote> <ejb-link>StatelessSession</ejb-link> </ejb-ref> </session> <session> <description>A secured trival echo session bean that uses PrivateEntity, StatelessSession and itself via a runAs identity</description> <ejb-name>RunAsStatelessSession</ejb-name> <home>org.jboss.test.security.interfaces.StatelessSessionHome</home> <remote>org.jboss.test.security.interfaces.StatelessSession</remote> <ejb-class>org.jboss.test.security.ejb.StatelessSessionBean3</ejb-class> <session-type>Stateless</session-type> <transaction-type>Container</transaction-type> <ejb-ref> <ejb-ref-name>ejb/Entity</ejb-ref-name> <ejb-ref-type>Entity</ejb-ref-type> <home>org.jboss.test.security.interfaces.EntityHome</home> <remote>org.jboss.test.security.interfaces.Entity</remote> <ejb-link>PrivateEntity</ejb-link> </ejb-ref> <ejb-ref> <ejb-ref-name>ejb/Session</ejb-ref-name> <ejb-ref-type>Session</ejb-ref-type> <home>org.jboss.test.security.interfaces.StatelessSessionHome</home> <remote>org.jboss.test.security.interfaces.StatelessSession</remote> <ejb-link>StatelessSession</ejb-link> </ejb-ref> <security-identity> <description>Use a role that is not assigned to any users to access restricted server side functionallity</description> <run-as> <role-name>InternalRole</role-name> </run-as> </security-identity> </session> <session> <description>An unsecured trival echo session bean</description> <ejb-name>UnsecureStatelessSession</ejb-name> <home>org.jboss.test.security.interfaces.StatelessSessionHome</home> <remote>org.jboss.test.security.interfaces.StatelessSession</remote> <ejb-class>org.jboss.test.security.ejb.StatelessSessionBean</ejb-class> <session-type>Stateless</session-type> <transaction-type>Container</transaction-type> </session> <session> <description>An unsecured trival echo session bean type 2</description> <ejb-name>UnsecureStatelessSession2</ejb-name> <home>org.jboss.test.security.interfaces.StatelessSessionHome</home> <remote>org.jboss.test.security.interfaces.StatelessSession</remote> <ejb-class>org.jboss.test.security.ejb.StatelessSessionBean2</ejb-class> <session-type>Stateless</session-type> <transaction-type>Container</transaction-type> <ejb-ref> <ejb-ref-name>ejb/Entity</ejb-ref-name> <ejb-ref-type>Entity</ejb-ref-type> <home>org.jboss.test.security.interfaces.EntityHome</home> <remote>org.jboss.test.security.interfaces.Entity</remote> <ejb-link>Entity</ejb-link> </ejb-ref> <ejb-ref> <ejb-ref-name>ejb/Session</ejb-ref-name> <ejb-ref-type>Session</ejb-ref-type> <home>org.jboss.test.security.interfaces.StatelessSessionHome</home> <remote>org.jboss.test.security.interfaces.StatelessSession</remote> <ejb-link>StatelessSession</ejb-link> </ejb-ref> </session> <entity> <description>A trival echo entity bean</description> <ejb-name>Entity</ejb-name> <home>org.jboss.test.security.interfaces.EntityHome</home> <remote>org.jboss.test.security.interfaces.Entity</remote> <ejb-class>org.jboss.test.security.ejb.EntityBeanImpl</ejb-class> <persistence-type>Bean</persistence-type> <prim-key-class>java.lang.String</prim-key-class> <reentrant>False</reentrant> </entity> <entity> <description>A trival echo entity bean that should only be accessible via other beans</description> <ejb-name>PrivateEntity</ejb-name> <home>org.jboss.test.security.interfaces.EntityHome</home> <remote>org.jboss.test.security.interfaces.Entity</remote> <ejb-class>org.jboss.test.security.ejb.EntityBeanImpl</ejb-class> <persistence-type>Bean</persistence-type> <prim-key-class>java.lang.String</prim-key-class> <reentrant>False</reentrant> <security-role-ref> <role-name>InternalRole</role-name> <role-link>InternalRole</role-link> </security-role-ref> </entity> <message-driven> <description>A trival echo entity bean</description> <ejb-name>RunAsMDB</ejb-name> <ejb-class>org.jboss.test.security.ejb.RunAsMDB</ejb-class> <transaction-type>Container</transaction-type> <message-driven-destination> <destination-type>javax.jms.Queue</destination-type> <subscription-durability>NonDurable</subscription-durability> </message-driven-destination> <ejb-ref> <ejb-ref-name>ejb/Entity</ejb-ref-name> <ejb-ref-type>Entity</ejb-ref-type> <home>org.jboss.test.security.interfaces.EntityHome</home> <remote>org.jboss.test.security.interfaces.Entity</remote> <ejb-link>PrivateEntity</ejb-link> </ejb-ref> <security-identity> <description>Use a role that is not assigned to any users to access restricted server side functionallity</description> <run-as> <role-name>InternalRole</role-name> </run-as> </security-identity> </message-driven> </enterprise-beans> <assembly-descriptor> <security-role> <description>The role required to invoke the echo method</description> <role-name>Echo</role-name> </security-role> <security-role> <description>The role used to prevent access to the PrivateEntity bean from external users. </description> <role-name>InternalRole</role-name> </security-role> <!-- The methods the Echo role can access --> <method-permission> <role-name>Echo</role-name> <method> <ejb-name>StatelessSession</ejb-name> <method-name>create</method-name> </method> <method> <ejb-name>StatelessSession</ejb-name> <method-name>remove</method-name> </method> <method> <ejb-name>StatelessSession</ejb-name> <method-name>echo</method-name> </method> <method> <ejb-name>StatelessSession</ejb-name> <method-name>npeError</method-name> </method> <method> <ejb-name>StatelessSession2</ejb-name> <method-name>*</method-name> </method> <method> <ejb-name>Entity</ejb-name> <method-name>*</method-name> </method> <method> <ejb-name>RunAsStatelessSession</ejb-name> <method-name>create</method-name> </method> <method> <ejb-name>RunAsStatelessSession</ejb-name> <method-name>remove</method-name> </method> <method> <ejb-name>RunAsStatelessSession</ejb-name> <method-name>echo</method-name> </method> <method> <ejb-name>RunAsStatelessSession</ejb-name> <method-name>forward</method-name> </method> <method> <ejb-name>RunAsStatelessSession</ejb-name> <method-name>noop</method-name> </method> </method-permission> <!-- The methods the InternalRole role can access --> <method-permission> <role-name>InternalRole</role-name> <method> <ejb-name>PrivateEntity</ejb-name> <method-name>*</method-name> </method> <method> <ejb-name>RunAsStatelessSession</ejb-name> <method-name>excluded</method-name> </method> </method-permission> <!-- Anyone can access the unchecked() method of the StatelessSession bean --> <method-permission> <unchecked/> <method> <ejb-name>StatelessSession</ejb-name> <method-name>unchecked</method-name> </method> </method-permission> <method-permission> <role-name>ProjectUser</role-name> <method> <ejb-name>ProjRepository</ejb-name> <method-name>*</method-name> </method> </method-permission> <!-- No one can access the excluded() method of the StatelessSession and StatelessSession2 beans --> <exclude-list> <description>A method that no one can access in this deployment</description> <method> <ejb-name>StatelessSession</ejb-name> <method-name>excluded</method-name> </method> <method> <ejb-name>StatelessSession2</ejb-name> <method-name>excluded</method-name> </method> </exclude-list> </assembly-descriptor> </ejb-jar> 1.1 jbosstest/src/resources/security-spec/META-INF/jboss.xml Index: jboss.xml =================================================================== <?xml version="1.0"?> <!-- The jboss.xml descriptor for the security-spec.jar ejb unit. This descriptor redefines the JNDI names of the beans in the ejb-jar.xml descriptor so that there is no conflict with the security.jar deployment. --> <jboss> <unauthenticated-principal>nobody</unauthenticated-principal> <container-configurations> <!-- StatelessSession beans are secure by default --> <container-configuration> <container-name>Standard Stateless SessionBean</container-name> <role-mapping-manager>java:/jaas/spec-test</role-mapping-manager> <authentication-module>java:/jaas/spec-test</authentication-module> </container-configuration> <!-- Entity beans are secure by default --> <container-configuration> <container-name>Standard BMP EntityBean</container-name> <role-mapping-manager>java:/jaas/spec-test</role-mapping-manager> <authentication-module>java:/jaas/spec-test</authentication-module> </container-configuration> <!-- A stateless session config that is not secured --> <container-configuration> <container-name>Unsecure Stateless SessionBean</container-name> <call-logging>false</call-logging> <container-invoker>org.jboss.ejb.plugins.jrmp.server.JRMPContainerInvoker</container-invoker> <container-interceptors> <interceptor>org.jboss.ejb.plugins.LogInterceptor</interceptor> <interceptor>org.jboss.ejb.plugins.SecurityInterceptor</interceptor> <!-- CMT --> <interceptor transaction="Container">org.jboss.ejb.plugins.TxInterceptorCMT</interceptor> <interceptor transaction="Container" metricsEnabled="true">org.jboss.ejb.plugins.MetricsInterceptor</interceptor> <interceptor transaction="Container">org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor</interceptor> <!-- BMT --> <interceptor transaction="Bean">org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor</interceptor> <interceptor transaction="Bean">org.jboss.ejb.plugins.TxInterceptorBMT</interceptor> <interceptor transaction="Bean" metricsEnabled="true">org.jboss.ejb.plugins.MetricsInterceptor</interceptor> </container-interceptors> <instance-pool>org.jboss.ejb.plugins.StatelessSessionInstancePool</instance-pool> <instance-cache></instance-cache> <persistence-manager></persistence-manager> <transaction-manager>org.jboss.tm.TxManager</transaction-manager> <container-invoker-conf> <RMIObjectPort>4444</RMIObjectPort> <Optimized>True</Optimized> </container-invoker-conf> <container-pool-conf> <MaximumSize>100</MaximumSize> <MinimumSize>10</MinimumSize> </container-pool-conf> </container-configuration> </container-configurations> <enterprise-beans> <session> <ejb-name>Entity</ejb-name> <jndi-name>spec.Entity</jndi-name> </session> <session> <ejb-name>PrivateEntity</ejb-name> <jndi-name>spec.PrivateEntity</jndi-name> </session> <session> <ejb-name>StatelessSession</ejb-name> <jndi-name>spec.StatelessSession</jndi-name> <configuration-name>Standard Stateless SessionBean</configuration-name> </session> <session> <ejb-name>StatelessSession2</ejb-name> <jndi-name>spec.StatelessSession2</jndi-name> <configuration-name>Standard Stateless SessionBean</configuration-name> <ejb-ref> <ejb-ref-name>ejb/Entity</ejb-ref-name> <jndi-name>spec.Entity</jndi-name> </ejb-ref> <ejb-ref> <ejb-ref-name>ejb/Session</ejb-ref-name> <jndi-name>spec.StatelessSession</jndi-name> </ejb-ref> </session> <session> <ejb-name>RunAsStatelessSession</ejb-name> <jndi-name>spec.RunAsStatelessSession</jndi-name> <configuration-name>Standard Stateless SessionBean</configuration-name> <ejb-ref> <ejb-ref-name>ejb/Entity</ejb-ref-name> <jndi-name>spec.PrivateEntity</jndi-name> </ejb-ref> <ejb-ref> <ejb-ref-name>ejb/Session</ejb-ref-name> <jndi-name>spec.StatelessSession</jndi-name> </ejb-ref> </session> <session> <ejb-name>UnsecureStatelessSession</ejb-name> <jndi-name>spec.UnsecureStatelessSession</jndi-name> <configuration-name>Unsecure Stateless SessionBean</configuration-name> </session> <session> <ejb-name>UnsecureStatelessSession2</ejb-name> <jndi-name>spec.UnsecureStatelessSession2</jndi-name> <configuration-name>Unsecure Stateless SessionBean</configuration-name> <ejb-ref> <ejb-ref-name>ejb/Entity</ejb-ref-name> <jndi-name>spec.Entity</jndi-name> </ejb-ref> <ejb-ref> <ejb-ref-name>ejb/Session</ejb-ref-name> <jndi-name>spec.StatelessSession</jndi-name> </ejb-ref> </session> <message-driven> <ejb-name>RunAsMDB</ejb-name> <configuration-name>Standard Message Driven Bean</configuration-name> <destination-jndi-name>queue/A</destination-jndi-name> <ejb-ref> <ejb-ref-name>ejb/Entity</ejb-ref-name> <jndi-name>spec.PrivateEntity</jndi-name> </ejb-ref> </message-driven> </enterprise-beans> </jboss> _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/jboss-development