001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.test.security.test;
023:
024: import java.net.HttpURLConnection;
025: import java.net.URL;
026: import java.util.Set;
027:
028: import javax.management.ObjectName;
029:
030: import junit.framework.Test;
031: import junit.framework.TestSuite;
032:
033: import org.jboss.security.NestableGroup;
034: import org.jboss.security.NestablePrincipal;
035: import org.jboss.security.RunAsIdentity;
036: import org.jboss.security.SimpleGroup;
037: import org.jboss.security.SimplePrincipal;
038: import org.jboss.test.JBossTestCase;
039: import org.jboss.test.JBossTestSetup;
040: import org.jboss.test.util.web.HttpUtils;
041:
042: //$Id: DeepCopySubjectUnitTestCase.java 57211 2006-09-26 12:39:46Z dimitris@jboss.org $
043:
044: /**
045: * JBAS-2657: Add option to deep copy the authenticated subject sets
046: *
047: * Testcase that unit tests the cloneability of various JBossSX
048: * Principal/Groups
049: * Also does a test of the serverside Subject deep copy via a mutable
050: * Principal
051: * @author <a href="mailto:Anil.Saldhana@jboss.org">Anil Saldhana</a>
052: * @since Apr 4, 2006
053: * @version $Revision: 57211 $
054: */
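public class DeepCopySubjectUnitTestCase extends JBossTestCase {
    // Realm name handed to HttpUtils.accessURL when the secured servlet is requested.
    // NOTE(review): this field is public, static and non-final, so any class can
    // reassign it; it is left as declared to keep the existing interface intact.
    public static String REALM = "JBossTest Servlets";

    /**
     * Creates the named test case.
     *
     * @param name name of the test method to run
     */
    public DeepCopySubjectUnitTestCase(String name) {
        super(name);
    }

    /**
     * Verifies that a cloned NestablePrincipal keeps its own membership:
     * removing a member from the original must not remove it from the clone.
     *
     * @throws Exception if the principal cannot be built or cloned
     */
    public void testCloneNestablePrincipal() throws Exception {
        SimplePrincipal sp1 = new SimplePrincipal("sp1");
        SimplePrincipal sp2 = new SimplePrincipal("sp2");
        NestablePrincipal np = new NestablePrincipal("TestStack");
        // Add principals to the NestablePrincipal
        np.addMember(sp1);
        np.addMember(sp2);
        assertTrue("np.isMember(sp2)", np.isMember(sp2));

        // Clone the NestablePrincipal before the original is modified
        NestablePrincipal clonedNP = (NestablePrincipal) np.clone();

        // Remove a principal from the original NestablePrincipal
        np.removeMember(sp2);
        // Only the active principal is valid
        assertFalse("np.isMember(sp2) == false", np.isMember(sp2));
        assertTrue("np.isMember(sp1)", np.isMember(sp1));
        // A shallow copy would share the member collection and fail here
        assertTrue("clonedNP.isMember(sp2)", clonedNP.isMember(sp2));
    }

    /**
     * Verifies that a cloned NestableGroup keeps its own membership:
     * removing a group from the original must not affect the clone.
     *
     * @throws Exception if the group cannot be built or cloned
     */
    public void testCloneNestableGroup() throws Exception {
        SimplePrincipal sp1 = new SimplePrincipal("sp1");
        SimplePrincipal sp2 = new SimplePrincipal("sp2");

        SimpleGroup sg1 = new SimpleGroup("sg1");
        // NOTE(review): sg2 is also named "sg1", which looks like a typo for "sg2".
        // If group equality is name-based, removeMember(sg2) cannot tell the two
        // groups apart - confirm against SimpleGroup before relying on this test.
        SimpleGroup sg2 = new SimpleGroup("sg1");
        sg1.addMember(sp1);
        sg2.addMember(sp2);
        NestableGroup ng = new NestableGroup("TestGroup");
        // Add the groups to the NestableGroup
        ng.addMember(sg1);
        ng.addMember(sg2);
        assertTrue("ng.isMember(sp2)", ng.isMember(sp2));

        // Clone the NestableGroup before the original is modified
        NestableGroup clonedNP = (NestableGroup) ng.clone();

        // Remove a group from the original NestableGroup
        ng.removeMember(sg2);
        // Only the active group is consulted for membership
        assertFalse("ng.isMember(sp2) == false", ng.isMember(sp2));
        assertTrue("ng.isMember(sp1)", ng.isMember(sp1));
        // Check that the cloned NestableGroup is not affected
        assertTrue("clonedNP.isMember(sp2)", clonedNP.isMember(sp2));
    }

    /**
     * Verifies that a cloned SimpleGroup keeps its own membership:
     * removing a member from the original must not remove it from the clone.
     *
     * @throws Exception if the group cannot be built or cloned
     */
    public void testCloneSimpleGroup() throws Exception {
        SimplePrincipal sp1 = new SimplePrincipal("sp1");
        SimplePrincipal sp2 = new SimplePrincipal("sp2");

        SimpleGroup sg = new SimpleGroup("sg1");
        sg.addMember(sp1);
        sg.addMember(sp2);
        assertTrue("sg.isMember(sp1)", sg.isMember(sp1));
        assertTrue("sg.isMember(sp2)", sg.isMember(sp2));

        // Clone, then modify only the original
        SimpleGroup clonedSP = (SimpleGroup) sg.clone();
        sg.removeMember(sp2);

        assertFalse("sg.isMember(sp2) == false", sg.isMember(sp2));
        assertTrue("sg.isMember(sp1)", sg.isMember(sp1));
        // Check that the cloned SimpleGroup is not affected
        assertTrue("clonedSP.isMember(sp2)", clonedSP.isMember(sp2));
    }

    /**
     * Verifies that a cloned RunAsIdentity keeps its own principal set:
     * removing a principal from the original's set must not remove it from
     * the set returned by the clone.
     *
     * @throws Exception if the identity cannot be built or cloned
     */
    public void testCloneRunAsIdentity() throws Exception {
        SimplePrincipal sp1 = new SimplePrincipal("sp1");
        SimplePrincipal sp2 = new SimplePrincipal("sp2");
        RunAsIdentity ras = new RunAsIdentity("testRole", "testUser");
        // There is no need to test the set of run-as roles
        // as each time, a new HashSet is returned
        Set principalSet = ras.getPrincipalsSet();
        principalSet.add(sp1);
        principalSet.add(sp2);

        // Clone, then modify only the original's principal set
        RunAsIdentity rasClone = (RunAsIdentity) ras.clone();
        principalSet.remove(sp1);
        assertFalse("principalSet.contains(sp1)==false", principalSet.contains(sp1));

        Set clonedPrincipalSet = rasClone.getPrincipalsSet();
        assertTrue("clonedPrincipalSet.contains(sp1)", clonedPrincipalSet.contains(sp1));
        assertTrue("clonedPrincipalSet.contains(sp2)", clonedPrincipalSet.contains(sp2));
    }

    /**
     * Tests the deep copy of Subjects by the JaasSecurityManager through the
     * deployed test servlet. The servlet is requested with deep copy off,
     * then on, then off again, redeploying deepcopy.ear after each switch.
     *
     * <p>Deep-copy mode is a setting on the shared security manager service,
     * so it is switched back off in a finally block. Without that, a failure
     * while the mode is on would leave it on for every test that runs later
     * against the same server.
     *
     * @throws Exception if a JMX call, a redeploy or a servlet request fails
     */
    public void testSubjectCloning() throws Exception {
        // True while this test may have left deep-copy mode on in the server
        boolean deepCopyLeftOn = false;
        try {
            flagDeepCopy(Boolean.FALSE);
            accessWeb(true);

            // Set before the call: if the invoke fails part-way the state is
            // unknown, and switching the mode off again is harmless
            deepCopyLeftOn = true;
            flagDeepCopy(Boolean.TRUE);
            this.redeploy("deepcopy.ear");
            accessWeb(false);

            flagDeepCopy(Boolean.FALSE);
            deepCopyLeftOn = false;
            this.redeploy("deepcopy.ear");
            accessWeb(true);
        } finally {
            if (deepCopyLeftOn) {
                // An exception thrown here replaces the original failure; that
                // is accepted in exchange for not leaking the setting
                flagDeepCopy(Boolean.FALSE);
            }
        }
    }

    /**
     * Turns the deep copy of subjects on the JaasSecurityManagerService
     * on or off by invoking setDeepCopySubjectMode over JMX.
     *
     * @param flag Boolean.TRUE or Boolean.FALSE
     * @throws Exception if the object name is malformed or the invocation fails
     */
    private void flagDeepCopy(Boolean flag) throws Exception {
        ObjectName securityManager = new ObjectName("jboss.security:service=JaasSecurityManager");
        // The operation is declared with a primitive boolean parameter, so the
        // signature array carries "boolean" while the argument is boxed
        Object[] args = new Object[] { flag };
        String[] signature = new String[] { Boolean.TYPE.getName() };
        this.getServer().invoke(securityManager, "setDeepCopySubjectMode", args, signature);
    }

    /**
     * Requests the secured DeepCopyServlet and expects an HTTP 200 response.
     *
     * @param shouldMatch value forwarded to the web app as the shouldMatch query parameter
     * @throws Exception if the URL is malformed or the response code is not HTTP_OK
     */
    private void accessWeb(boolean shouldMatch) throws Exception {
        // NOTE(review): "scott"/"echoman" are presumably credentials of a user
        // defined only in the test security domain - confirm they are not reused
        // outside test fixtures
        String baseURL = HttpUtils.getBaseURL("scott", "echoman");
        URL url = new URL(baseURL + "deepcopy/DeepCopyServlet?shouldMatch=" + shouldMatch);
        HttpUtils.accessURL(url, REALM, HttpURLConnection.HTTP_OK);
    }

    /**
     * Builds the suite for this class, wrapped in a setup that deploys
     * deepcopy.ear before the tests run and undeploys it afterwards.
     *
     * @return the wrapped test suite
     * @throws Exception if the wrapper cannot be created
     */
    public static Test suite() throws Exception {
        TestSuite suite = new TestSuite();
        suite.addTest(new TestSuite(DeepCopySubjectUnitTestCase.class));

        // Create an initializer for the test suite
        Test wrapper = new JBossTestSetup(suite) {
            protected void setUp() throws Exception {
                super.setUp();
                deploy("deepcopy.ear");
                // Make sure the security cache is clear, so the tests do not
                // see subjects cached before the deployment
                flushAuthCache();
            }

            protected void tearDown() throws Exception {
                undeploy("deepcopy.ear");
                super.tearDown();
            }
        };
        return wrapper;
    }
}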