001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.test.jca.securedejb;
023:
024: import java.rmi.RemoteException;
025: import java.sql.Connection;
026: import java.sql.SQLException;
027: import java.security.Principal;
028: import javax.ejb.SessionBean;
029: import javax.ejb.SessionContext;
030: import javax.ejb.EJBException;
031: import javax.naming.InitialContext;
032: import javax.naming.directory.DirContext;
033: import javax.sql.DataSource;
034:
035: import org.jboss.logging.Logger;
036: import org.jboss.test.jca.fs.DirContextFactory;
037:
038: /** An ejb for testing the ejb caller identity propagation
039: *
040: * @author Scott.Stark@jboss.org
041: * @version $Revision: 57211 $
042: */
043: public class CallerIdentityBean implements SessionBean {
044: static Logger log = Logger.getLogger(CallerIdentityBean.class);
045: private SessionContext ctx;
046:
047: public void ejbCreate() {
048: }
049:
050: public void ejbActivate() {
051: }
052:
053: public void ejbPassivate() throws RemoteException {
054: }
055:
056: public void ejbRemove() throws RemoteException {
057: }
058:
059: public void setSessionContext(SessionContext ctx)
060: throws RemoteException {
061: this .ctx = ctx;
062: }
063:
064: public void unsetSessionContext() throws RemoteException {
065: this .ctx = null;
066: }
067:
068: public void useCallerForAuth() {
069: try {
070: Principal caller = ctx.getCallerPrincipal();
071: String name0 = caller.getName();
072: boolean isCallerIdentityUser = ctx
073: .isCallerInRole("CallerIdentityUser");
074: boolean isUseCallerForAuth = ctx
075: .isCallerInRole("UseCallerForAuth");
076: log.info("useCallerForAuth#0, caller=" + caller
077: + ", isCallerIdentityUser=" + isCallerIdentityUser
078: + ", isUseCallerForAuth=" + isUseCallerForAuth);
079: InitialContext enc = new InitialContext();
080: DataSource ds = (DataSource) enc
081: .lookup("java:comp/env/jdbc/CallerIdentityDS");
082: testConnection(ds);
083: caller = ctx.getCallerPrincipal();
084: String name1 = caller.getName();
085: isCallerIdentityUser = ctx
086: .isCallerInRole("CallerIdentityUser");
087: isUseCallerForAuth = ctx.isCallerInRole("UseCallerForAuth");
088: log.info("useCallerForAuth#1, caller=" + caller
089: + ", isCallerIdentityUser=" + isCallerIdentityUser
090: + ", isUseCallerForAuth=" + isUseCallerForAuth);
091: if (name0.equals(name1) == false)
092: throw new EJBException(name0 + " != " + name1);
093: if (isCallerIdentityUser == false
094: || isUseCallerForAuth == false)
095: throw new EJBException(
096: "Lost CallerIdentityUser, UseCallerForAuth roles");
097: } catch (Exception e) {
098: e.fillInStackTrace();
099: throw new EJBException(e);
100: }
101: }
102:
103: public void useConfiguredForAuth() {
104: try {
105: Principal caller = ctx.getCallerPrincipal();
106: String name0 = caller.getName();
107: boolean isCallerIdentityUser = ctx
108: .isCallerInRole("CallerIdentityUser");
109: boolean isUseConfiguredForAuth = ctx
110: .isCallerInRole("UseConfiguredForAuth");
111: log.info("useConfiguredForAuth#0, caller=" + caller
112: + ", isCallerIdentityUser=" + isCallerIdentityUser
113: + ", isUseConfiguredForAuth="
114: + isUseConfiguredForAuth);
115: InitialContext enc = new InitialContext();
116: DataSource ds = (DataSource) enc
117: .lookup("java:comp/env/jdbc/ConfiguredIdentityDS");
118: testConnection(ds);
119: caller = ctx.getCallerPrincipal();
120: String name1 = caller.getName();
121: isCallerIdentityUser = ctx
122: .isCallerInRole("CallerIdentityUser");
123: isUseConfiguredForAuth = ctx
124: .isCallerInRole("UseConfiguredForAuth");
125: log.info("useConfiguredForAuth#1, caller=" + caller
126: + ", isCallerIdentityUser=" + isCallerIdentityUser
127: + ", isUseConfiguredForAuth="
128: + isUseConfiguredForAuth);
129: if (name0.equals(name1) == false)
130: throw new EJBException(name0 + " != " + name1);
131: if (isCallerIdentityUser == false
132: || isUseConfiguredForAuth == false)
133: throw new EJBException(
134: "Lost CallerIdentityUser, UseConfiguredForAuth roles");
135:
136: // Access the connection again
137: ds = (DataSource) enc
138: .lookup("java:comp/env/jdbc/ConfiguredIdentityDS");
139: for (int n = 0; n < 1000; n++) {
140: testConnection(ds);
141: }
142: caller = ctx.getCallerPrincipal();
143: String name2 = caller.getName();
144: isCallerIdentityUser = ctx
145: .isCallerInRole("CallerIdentityUser");
146: isUseConfiguredForAuth = ctx
147: .isCallerInRole("UseConfiguredForAuth");
148: log.info("useRunAsForAuthDS#2, caller=" + caller
149: + ", isCallerIdentityUser=" + isCallerIdentityUser
150: + ", isUseConfiguredForAuth="
151: + isUseConfiguredForAuth);
152: if (name0.equals(name2) == false)
153: throw new EJBException(name0 + " != " + name2);
154: if (isCallerIdentityUser == false
155: || isUseConfiguredForAuth == false)
156: throw new EJBException(
157: "Lost CallerIdentityUser, UseConfiguredForAuth roles");
158: } catch (Exception e) {
159: throw new EJBException(e);
160: }
161: }
162:
163: public void useRunAsForAuthDS() {
164: try {
165: Principal caller = ctx.getCallerPrincipal();
166: String name0 = caller.getName();
167: boolean isCallerIdentityUser = ctx
168: .isCallerInRole("CallerIdentityUser");
169: boolean isUseConfiguredForAuth = ctx
170: .isCallerInRole("UseConfiguredForAuth");
171: log.info("useRunAsForAuthDS#0, caller=" + caller
172: + ", isCallerIdentityUser=" + isCallerIdentityUser
173: + ", isUseConfiguredForAuth="
174: + isUseConfiguredForAuth);
175: InitialContext enc = new InitialContext();
176: DataSource ds = (DataSource) enc
177: .lookup("java:comp/env/jdbc/RunAsIdentityDS");
178: testConnection(ds);
179: caller = ctx.getCallerPrincipal();
180: String name1 = caller.getName();
181: isCallerIdentityUser = ctx
182: .isCallerInRole("CallerIdentityUser");
183: isUseConfiguredForAuth = ctx
184: .isCallerInRole("UseConfiguredForAuth");
185: log.info("useRunAsForAuthDS#1, caller=" + caller
186: + ", isCallerIdentityUser=" + isCallerIdentityUser
187: + ", isUseConfiguredForAuth="
188: + isUseConfiguredForAuth);
189: if (name0.equals(name1) == false)
190: throw new EJBException(name0 + " != " + name1);
191: if (isCallerIdentityUser == false
192: || isUseConfiguredForAuth == false)
193: throw new EJBException(
194: "Lost CallerIdentityUser, UseConfiguredForAuth roles");
195:
196: // Access the connection again
197: ds = (DataSource) enc
198: .lookup("java:comp/env/jdbc/RunAsIdentityDS");
199: for (int n = 0; n < 1000; n++) {
200: testConnection(ds);
201: }
202: caller = ctx.getCallerPrincipal();
203: String name2 = caller.getName();
204: isCallerIdentityUser = ctx
205: .isCallerInRole("CallerIdentityUser");
206: isUseConfiguredForAuth = ctx
207: .isCallerInRole("UseConfiguredForAuth");
208: log.info("useRunAsForAuthDS#2, caller=" + caller
209: + ", isCallerIdentityUser=" + isCallerIdentityUser
210: + ", isUseConfiguredForAuth="
211: + isUseConfiguredForAuth);
212: if (name0.equals(name2) == false)
213: throw new EJBException(name0 + " != " + name2);
214: if (isCallerIdentityUser == false
215: || isUseConfiguredForAuth == false)
216: throw new EJBException(
217: "Lost CallerIdentityUser, UseConfiguredForAuth roles");
218: } catch (Exception e) {
219: throw new EJBException(e);
220: }
221: }
222:
223: public void useRunAsForAuthFS() {
224: try {
225: Principal caller = ctx.getCallerPrincipal();
226: String name0 = caller.getName();
227: boolean isCallerIdentityUser = ctx
228: .isCallerInRole("CallerIdentityUser");
229: boolean isUseConfiguredForAuth = ctx
230: .isCallerInRole("UseConfiguredForAuth");
231: log.info("useRunAsForAuthFS#0, caller=" + caller
232: + ", isCallerIdentityUser=" + isCallerIdentityUser
233: + ", isUseConfiguredForAuth="
234: + isUseConfiguredForAuth);
235: InitialContext enc = new InitialContext();
236: DirContextFactory dcf = (DirContextFactory) enc
237: .lookup("java:comp/env/jndi/RunAsIdentityFS");
238: DirContext dc = dcf.getConnection();
239: caller = ctx.getCallerPrincipal();
240: dc.close();
241: String name1 = caller.getName();
242: isCallerIdentityUser = ctx
243: .isCallerInRole("CallerIdentityUser");
244: isUseConfiguredForAuth = ctx
245: .isCallerInRole("UseConfiguredForAuth");
246: log.info("useRunAsForAuthFS#1, caller=" + caller
247: + ", isCallerIdentityUser=" + isCallerIdentityUser
248: + ", isUseConfiguredForAuth="
249: + isUseConfiguredForAuth);
250: if (name0.equals(name1) == false)
251: throw new EJBException(name0 + " != " + name1);
252: if (isCallerIdentityUser == false
253: || isUseConfiguredForAuth == false)
254: throw new EJBException(
255: "Lost CallerIdentityUser, UseConfiguredForAuth roles");
256: for (int n = 0; n < 1000; n++) {
257: dc = dcf.getConnection();
258: dc.close();
259: }
260: String name2 = caller.getName();
261: isCallerIdentityUser = ctx
262: .isCallerInRole("CallerIdentityUser");
263: isUseConfiguredForAuth = ctx
264: .isCallerInRole("UseConfiguredForAuth");
265: log.info("useRunAsForAuthFS#1, caller=" + caller
266: + ", isCallerIdentityUser=" + isCallerIdentityUser
267: + ", isUseConfiguredForAuth="
268: + isUseConfiguredForAuth);
269: if (name0.equals(name2) == false)
270: throw new EJBException(name0 + " != " + name2);
271: if (isCallerIdentityUser == false
272: || isUseConfiguredForAuth == false)
273: throw new EJBException(
274: "Lost CallerIdentityUser, UseConfiguredForAuth roles");
275: } catch (Exception e) {
276: throw new EJBException(e);
277: }
278: }
279:
280: private void testConnection(DataSource ds) throws SQLException {
281: Connection conn = ds.getConnection();
282: conn.close();
283: }
284: }
|