001: /**
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */package org.apache.openejb.core.security;
017:
018: import junit.framework.TestCase;
019: import org.apache.openejb.core.ivm.naming.InitContextFactory;
020: import org.apache.openejb.config.ConfigurationFactory;
021: import org.apache.openejb.assembler.classic.Assembler;
022: import org.apache.openejb.assembler.classic.ProxyFactoryInfo;
023: import org.apache.openejb.assembler.classic.TransactionServiceInfo;
024: import org.apache.openejb.assembler.classic.SecurityServiceInfo;
025: import org.apache.openejb.assembler.classic.StatelessSessionContainerInfo;
026: import org.apache.openejb.assembler.classic.EjbJarInfo;
027: import org.apache.openejb.jee.EjbJar;
028: import org.apache.openejb.jee.StatelessBean;
029:
030: import javax.naming.InitialContext;
031: import javax.naming.Context;
032: import javax.ejb.Stateless;
033: import javax.ejb.SessionContext;
034: import javax.annotation.security.RolesAllowed;
035: import javax.annotation.security.PermitAll;
036: import javax.annotation.security.DenyAll;
037: import javax.annotation.security.RunAs;
038: import javax.annotation.security.DeclareRoles;
039: import javax.annotation.Resource;
040: import java.util.Properties;
041:
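/**
 * Exercises declarative EJB method security ({@code @RolesAllowed}, {@code @PermitAll},
 * {@code @DenyAll}) and {@code SessionContext.isCallerInRole} against a container that is
 * assembled in-process by the test itself.
 *
 * <p>The login identity used here ("jonathan" / "secret") and its role membership are not
 * defined in this file. Presumably they come from the user/group store read by
 * {@link SecurityServiceImpl}; confirm against the test resources. They are test fixture
 * values only.
 *
 * @version $Rev: 602704 $ $Date: 2007-12-09 09:58:22 -0800 $
 */
public class SecurityTest extends TestCase {

    /** Empty placeholder; JUnit 3 does not run it because its name does not start with "test". */
    public void _test() throws Exception {
    }

    /**
     * Logs in as "jonathan" and checks which {@link FooBean} methods that caller may invoke.
     *
     * <p>Permitted calls are asserted on their return value, so the check proves the call
     * reached the bean rather than only that no exception was thrown.
     * {@code submitPatch} is included so the two-role {@code @RolesAllowed} is exercised too.
     *
     * @throws Exception if the container cannot be assembled or a permitted call is rejected
     */
    public void test() throws Exception {
        // NOTE(review): this property is JVM-wide and is never restored, so it stays set
        // for any test that runs later in the same JVM.
        System.setProperty(Context.INITIAL_CONTEXT_FACTORY, InitContextFactory.class.getName());

        assembleContainer();

        Properties login = new Properties();
        login.setProperty(Context.SECURITY_PRINCIPAL, "jonathan");
        login.setProperty(Context.SECURITY_CREDENTIALS, "secret");

        InitialContext ctx = new InitialContext(login);

        Project foo = (Project) ctx.lookup("FooBeanLocal");

        // @PermitAll: open to every caller.
        assertEquals("checkout", foo.svnCheckout("checkout"));

        // @RolesAllowed({"committer"}): the caller is asserted to be a committer below.
        assertEquals("commit", foo.svnCommit("commit"));

        // @RolesAllowed({"committer","contributor"}): holding one listed role is enough.
        assertEquals("patch", foo.submitPatch("patch"));

        try {
            foo.deleteProject("");
            fail("Should not be allowed");
        } catch (Exception expected) {
            // @DenyAll must reject every caller, so an exception is the passing outcome.
            // NOTE(review): any Exception satisfies this check, so an unrelated failure
            // (for example a lookup or proxy error) would also pass. Narrow the catch to the
            // container's access-denied exception, presumably javax.ejb.EJBAccessException;
            // confirm what this container throws before changing it.
        }

        assertTrue("not in role committer", foo.isCallerInRole("committer"));
        assertTrue("not in role community", foo.isCallerInRole("community"));
        assertFalse("in role contributor", foo.isCallerInRole("contributor"));

        // The BarBean (@RunAs) checks below were already disabled in the original.
        // NOTE(review): under the EJB spec a run-as identity applies to calls the bean makes
        // to other beans, not to the caller identity the bean itself observes, so the
        // expectations below (caller seen as "contributor" only) probably do not hold.
        // Confirm before re-enabling.
        //
        // Project bar = (Project) ctx.lookup("BarBeanLocal");
        //
        // bar.svnCheckout("");
        //
        // try {
        //     bar.svnCommit("");
        //     fail("Should not be allowed");
        // } catch (Exception e) {
        //     // good
        // }
        //
        // try {
        //     bar.deleteProject("");
        //     fail("Should not be allowed");
        // } catch (Exception e) {
        //     // good.
        // }
        //
        // assertFalse("in role committer", bar.isCallerInRole("committer"));
        // assertFalse("in role community", bar.isCallerInRole("community"));
        // assertTrue("not in role contributor", bar.isCallerInRole("contributor"));
    }

    /**
     * Builds the in-process container: proxy factory, transaction manager, security service
     * and stateless container, then deploys {@link FooBean} and {@link BarBean} as one EJB jar.
     */
    private static void assembleContainer() throws Exception {
        ConfigurationFactory config = new ConfigurationFactory();
        Assembler assembler = new Assembler();

        assembler.createProxyFactory(config.configureService(ProxyFactoryInfo.class));
        assembler.createTransactionManager(config.configureService(TransactionServiceInfo.class));

        // The security service is described by hand instead of through configureService(),
        // so the implementation under test is named explicitly.
        SecurityServiceInfo securityInfo = new SecurityServiceInfo();
        securityInfo.service = "SecurityService";
        securityInfo.className = SecurityServiceImpl.class.getName();
        securityInfo.id = "New Security Service";
        securityInfo.properties = new Properties();
        assembler.createSecurityService(securityInfo);

        // containers
        assembler.createContainer(config.configureService(StatelessSessionContainerInfo.class));

        EjbJar ejbJar = new EjbJar("SecurityTest");
        ejbJar.addEnterpriseBean(new StatelessBean(FooBean.class));
        ejbJar.addEnterpriseBean(new StatelessBean(BarBean.class));

        EjbJarInfo ejbJarInfo = config.configureApplication(ejbJar);
        assembler.createApplication(ejbJarInfo);
    }

    /**
     * Stateless bean with one method per access rule; every business method echoes its
     * argument so a caller can tell that the invocation was let through.
     */
    @Stateless
    @DeclareRoles({"committer", "contributor", "community"})
    public static class FooBean implements Project {

        @Resource
        private SessionContext context;

        @RolesAllowed({"committer"})
        public String svnCommit(String s) {
            return s;
        }

        @RolesAllowed({"committer", "contributor"})
        public String submitPatch(String s) {
            return s;
        }

        @PermitAll
        public String svnCheckout(String s) {
            return s;
        }

        @DenyAll
        public String deleteProject(String s) {
            return s;
        }

        // Carries no security annotation, unlike BarBean's @PermitAll version; the test
        // calls it successfully, so it relies on the container permitting unannotated methods.
        public boolean isCallerInRole(String role) {
            return context.isCallerInRole(role);
        }
    }

    /**
     * Same access rules as {@link FooBean}, plus {@code @RunAs("contributor")}. Deployed by
     * the test but not invoked, because the checks that use it are commented out.
     */
    @Stateless
    @RunAs("contributor")
    @DeclareRoles({"committer", "contributor", "community"})
    public static class BarBean implements Project {

        @Resource
        private SessionContext context;

        @RolesAllowed({"committer"})
        public String svnCommit(String s) {
            return s;
        }

        @RolesAllowed({"committer", "contributor"})
        public String submitPatch(String s) {
            return s;
        }

        @PermitAll
        public String svnCheckout(String s) {
            return s;
        }

        @DenyAll
        public String deleteProject(String s) {
            return s;
        }

        @PermitAll
        public boolean isCallerInRole(String role) {
            return context.isCallerInRole(role);
        }
    }

    /** Local business interface shared by both beans. */
    public interface Project {

        String svnCommit(String s);

        String submitPatch(String s);

        String svnCheckout(String s);

        String deleteProject(String s);

        boolean isCallerInRole(String s);
    }
}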