From: Scott M S. <st...@us...> - 2001-09-09 05:49:07
|
User: starksm Date: 01/09/08 22:49:06 Modified: src/main/org/jboss/test/security/test TestEJBSpec.java Log: Add test of handle security Revision Changes Path 1.13 +54 -7 jbosstest/src/main/org/jboss/test/security/test/TestEJBSpec.java Index: TestEJBSpec.java =================================================================== RCS file: /cvsroot/jboss/jbosstest/src/main/org/jboss/test/security/test/TestEJBSpec.java,v retrieving revision 1.12 retrieving revision 1.13 diff -u -r1.12 -r1.13 --- TestEJBSpec.java 2001/09/07 10:26:44 1.12 +++ TestEJBSpec.java 2001/09/09 05:49:06 1.13 @@ -4,6 +4,7 @@ import java.net.InetAddress; import java.rmi.RemoteException; import javax.ejb.CreateException; +import javax.ejb.Handle; import javax.management.ObjectName; import javax.naming.InitialContext; import javax.naming.NamingException; @@ -34,7 +35,7 @@ deployment unit. These test the basic role based access model. @author Sco...@jb... - @version $Revision: 1.12 $ + @version $Revision: 1.13 $ */ public class TestEJBSpec extends TestCase @@ -243,7 +244,10 @@ } bean.remove(); } - + + /** Test that an MDB with a run-as identity is able to access secure EJBs + that require the identity. + */ public void testMDBRunAs() throws Exception { System.out.println("+++ testMDBRunAs"); @@ -267,6 +271,50 @@ queueConn.close(); } + /** Test the security behavior of handles. To obtain secured bean from + a handle that the handle be + */ + public void testHandle() throws Exception + { + System.out.println("+++ testHandle"); + login(); + InitialContext jndiContext = new InitialContext(); + Object obj = jndiContext.lookup("spec.StatelessSession"); + obj = PortableRemoteObject.narrow(obj, StatelessSessionHome.class); + StatelessSessionHome home = (StatelessSessionHome) obj; + System.out.println("Found StatelessSessionHome"); + StatelessSession bean = home.create(); + System.out.println("Created spec.StatelessSession"); + Handle h = bean.getHandle(); + System.out.println("Obtained handle: "+h); + bean = (StatelessSession) h.getEJBObject(); + System.out.println("Obtained bean from handle: "+bean); + System.out.println("Bean.echo('Hello') -> "+bean.echo("Hello")); + logout(); + + /* Attempting to obtain the EJB fron the handle without security + association present should fail + */ + try + { + bean = (StatelessSession) h.getEJBObject(); + fail("Should not be able to obtain a bean without login info"); + } + catch(Exception e) + { + System.out.println("Obtaining bean from handle failed as expected, e="+e.getMessage()); + } + + // One should be able to obtain a handle without a login + h = bean.getHandle(); + login(); + // Now we should be able to obtain and use the secure bean + bean = (StatelessSession) h.getEJBObject(); + System.out.println("Obtained bean from handle: "+bean); + System.out.println("Bean.echo('Hello') -> "+bean.echo("Hello")); + logout(); + } + /** Login as user scott using the conf.name login config or 'spec-test' if conf.name is not defined. */ @@ -306,8 +354,7 @@ // Ask the deployer for the getWarDeployerName Object[] params = {"other"}; String[] signature = {"java.lang.String"}; - String warDeployerName = (String) server.invoke(jaasMgr, - "flushAuthenticationCache", params, signature); + server.invoke(jaasMgr, "flushAuthenticationCache", params, signature); } /** @@ -317,9 +364,9 @@ { TestSuite suite = new TestSuite(); suite.addTest(new TestSuite(TestEJBSpec.class)); - + final String filename = "security-spec.jar"; - + // Create an initializer for the test suite TestSetup wrapper= new TestSetup(suite) { @@ -334,5 +381,5 @@ } }; return wrapper; - } + } } |