001: /*
002: * JBoss, Home of Professional Open Source.
003: * Copyright 2006, Red Hat Middleware LLC, and individual contributors
004: * as indicated by the @author tags. See the copyright.txt file in the
005: * distribution for a full listing of individual contributors.
006: *
007: * This is free software; you can redistribute it and/or modify it
008: * under the terms of the GNU Lesser General Public License as
009: * published by the Free Software Foundation; either version 2.1 of
010: * the License, or (at your option) any later version.
011: *
012: * This software is distributed in the hope that it will be useful,
013: * but WITHOUT ANY WARRANTY; without even the implied warranty of
014: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015: * Lesser General Public License for more details.
016: *
017: * You should have received a copy of the GNU Lesser General Public
018: * License along with this software; if not, write to the Free
019: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
021: */
022: package org.jboss.test.webservice.jbws309;
023:
024: import java.io.File;
025: import java.rmi.RemoteException;
026:
027: import javax.naming.InitialContext;
028: import javax.xml.namespace.QName;
029: import javax.xml.rpc.Call;
030: import javax.xml.rpc.Service;
031: import javax.xml.rpc.ServiceFactory;
032: import javax.xml.rpc.Stub;
033:
034: import junit.framework.Test;
035:
036: import org.jboss.security.SecurityAssociation;
037: import org.jboss.security.SimplePrincipal;
038: import org.jboss.test.webservice.WebserviceTestBase;
039:
040: /**
041: * Authorization Error using JBossWS together with JACC
042: *
043: * http://jira.jboss.org/jira/browse/JBWS-309
044: *
045: * This test should be run against the jacc configuration.
046: * It should also succedd with standard jboss authentication (no jacc) enabled.
047: *
048: * @author Thomas.Diesler@jboss.org
049: * @since 08-Jul-2005
050: */
051: public class JBWS309TestCase extends WebserviceTestBase {
052: private static final String nsURI = "http://org.jboss.test.webservice/jbws309";
053: private static final String USERNAME = "kermit";
054: private static final String PASSWORD = "thefrog";
055:
056: public JBWS309TestCase(String name) {
057: super (name);
058: }
059:
060: /** Deploy the test */
061: public static Test suite() throws Exception {
062: return getDeploySetup(JBWS309TestCase.class,
063: "ws4ee-jbws309.jar, ws4ee-jbws309-client.jar");
064: }
065:
066: protected void setUp() throws Exception {
067: super .setUp();
068: SecurityAssociation.setPrincipal(null);
069: SecurityAssociation.setCredential(null);
070: }
071:
072: /** Test required principal/credential for this bean
073: */
074: public void testRoleSecuredSLSB() throws Exception {
075: InitialContext iniCtx = getClientContext();
076: OrganizationHome home = (OrganizationHome) iniCtx
077: .lookup("ejb/RoleSecuredSLSB");
078:
079: OrganizationRemote bean = null;
080: try {
081: bean = home.create();
082: fail("Security exception expected");
083: } catch (Exception e) {
084: // all cool, now try again with valid credentials
085: SecurityAssociation.setPrincipal(new SimplePrincipal(
086: USERNAME));
087: SecurityAssociation.setCredential(PASSWORD);
088: bean = home.create();
089: }
090:
091: String info = bean.getContactInfo("mafia");
092: assertEquals(
093: "The 'mafia' boss is currently out of office, please call again.",
094: info);
095: }
096:
097: /** Test that the remote access to this bean is unchecked
098: */
099: public void testBasicSecuredSLSB() throws Exception {
100: InitialContext iniCtx = getClientContext();
101: OrganizationHome home = (OrganizationHome) iniCtx
102: .lookup("ejb/BasicSecuredSLSB");
103:
104: OrganizationRemote bean = home.create();
105: String info = bean.getContactInfo("mafia");
106: assertEquals(
107: "The 'mafia' boss is currently out of office, please call again.",
108: info);
109: }
110:
111: public void testBasicSecuredServiceAccess() throws Exception {
112: InitialContext iniCtx = getClientContext();
113: Service service = (Service) iniCtx
114: .lookup("java:comp/env/service/BasicSecured");
115: Organization endpoint = (Organization) service.getPort(
116: new QName(nsURI, "BasicSecuredPort"),
117: Organization.class);
118:
119: try {
120: endpoint.getContactInfo("mafia");
121: fail("Security exception expected");
122: } catch (RemoteException ignore) {
123: // ignore expected exception
124: }
125:
126: Stub stub = (Stub) endpoint;
127: stub._setProperty(Stub.USERNAME_PROPERTY, USERNAME);
128: stub._setProperty(Stub.PASSWORD_PROPERTY, PASSWORD);
129:
130: String info = endpoint.getContactInfo("mafia");
131: assertEquals(
132: "The 'mafia' boss is currently out of office, please call again.",
133: info);
134: }
135:
136: /**
137: * DII client access a WSDL using basic auth
138: *
139: * http://jira.jboss.org/jira/browse/JBWS-483
140: */
141: public void testBasicSecuredDIIAccess() throws Exception {
142: String targetAddress = "http://" + getServerHost()
143: + ":8080/ws4ee-jbws309/BasicSecured";
144:
145: File wsdlFile = new File(
146: "resources/webservice/jbws309/META-INF/wsdl/OrganizationService.wsdl");
147: assertTrue("wsdl file exists", wsdlFile.exists());
148:
149: ServiceFactory factory = ServiceFactory.newInstance();
150: Service service = factory.createService(wsdlFile.toURL(),
151: new QName(nsURI, "OrganizationService"));
152: Call call = service.createCall(new QName(nsURI,
153: "BasicSecuredPort"), "getContactInfo");
154: call.setTargetEndpointAddress(targetAddress);
155:
156: try {
157: call.invoke(new Object[] { "mafia" });
158: fail("Security exception expected");
159: } catch (RemoteException ignore) {
160: // ignore expected exception
161: }
162:
163: call.setProperty(Stub.USERNAME_PROPERTY, USERNAME);
164: call.setProperty(Stub.PASSWORD_PROPERTY, PASSWORD);
165:
166: Object retObj = call.invoke(new Object[] { "mafia" });
167: assertEquals(
168: "The 'mafia' boss is currently out of office, please call again.",
169: retObj);
170: }
171:
172: public void testRoleSecuredServiceAccess() throws Exception {
173: InitialContext iniCtx = getClientContext();
174: Service service = (Service) iniCtx
175: .lookup("java:comp/env/service/RoleSecured");
176: Organization endpoint = (Organization) service
177: .getPort(new QName(nsURI, "RoleSecuredPort"),
178: Organization.class);
179:
180: try {
181: endpoint.getContactInfo("mafia");
182: fail("Security exception expected");
183: } catch (RemoteException ignore) {
184: // ignore expected exception
185: }
186:
187: Stub stub = (Stub) endpoint;
188: stub._setProperty(Stub.USERNAME_PROPERTY, USERNAME);
189: stub._setProperty(Stub.PASSWORD_PROPERTY, PASSWORD);
190:
191: String info = endpoint.getContactInfo("mafia");
192: assertEquals(
193: "The 'mafia' boss is currently out of office, please call again.",
194: info);
195: }
196: }
|