public class WebIntegrationUnitTestCase extends JBossTestCase (Code)
Tests of servlet container integration into the JBoss server. This test
requires than a web container be integrated into the JBoss server. The tests
currently do NOT use the java.net.HttpURLConnection and associated http client
and these do not return valid HTTP error codes so if a failure occurs it
is best to connect the webserver using a browser to look for additional error
info.
The secure access tests require a user named 'jduke' with a password of 'theduke'
with a role of 'AuthorizedUser' in the servlet container.
author: Scott.Stark@jboss.org version: $Revision: 62620 $
testUnsecureAnonEJBAccess() Access the http://{host}/jbosstest/UnsecureEJBAccess with method=unchecked
to test that an unsecured servlet can access a secured EJB method that
only requires an authenticated user.
public void
testUnsecureEJBAccess() Access the http://{host}/jbosstest/UnsecureEJBAccess with method=echo
to test that an unsecured servlet cannot access a secured EJB method
that requires a valid permission.
testUnsecureRunAsServletWithPrincipalName() Access the http://{host}/jbosstest/UnsecureRunAsServletWithPrincipalName
to test that an unsecured servlet can access a secured EJB method by using
a run-as role.
public void
testUnsecureRunAsServletWithPrincipalNameAndRoles() Access the http://{host}/jbosstest/UnsecureRunAsServletWithPrincipalNameAndRoles
to test that an unsecured servlet can access a secured EJB method by using
a run-as role.
public void
testUserInRoleServlet() Access the http://{host}/jbosstest/restricted/UserInRoleServlet to
test isUserInRole.
Deploy a second ear that include a notjbosstest-web.war to test ears
with the same war names conflicting.
Access the http://{host}/jbosstest-not2/unrestricted/SecureServlet
JBAS-3279: Authenticated user can bypass declarative role checks for servlets
testUnsecureAnonEJBAccess
public void testUnsecureAnonEJBAccess() throws Exception(Code)
Access the http://{host}/jbosstest/UnsecureEJBAccess with method=unchecked
to test that an unsecured servlet can access a secured EJB method that
only requires an authenticated user. This requires unauthenticated
identity support by the web security domain.
Access the http://{host}/jbosstest/UnsecureEJBAccess with method=echo
to test that an unsecured servlet cannot access a secured EJB method
that requires a valid permission. This should fail.
testUnsecureRunAsServlet
public void testUnsecureRunAsServlet() throws Exception(Code)
testUnsecureRunAsServletWithPrincipalName
public void testUnsecureRunAsServletWithPrincipalName() throws Exception(Code)
Access the http://{host}/jbosstest/UnsecureRunAsServletWithPrincipalName
to test that an unsecured servlet can access a secured EJB method by using
a run-as role. This should also have a custom run-as principal name.
throws: Exception -
testUnsecureRunAsServletWithPrincipalNameAndRoles
public void testUnsecureRunAsServletWithPrincipalNameAndRoles() throws Exception(Code)
Access the http://{host}/jbosstest/UnsecureRunAsServletWithPrincipalNameAndRoles
to test that an unsecured servlet can access a secured EJB method by using
a run-as role. This should also have a custom run-as principal name and
additional roles.
throws: Exception -