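/**
 * Tests that methods without any explicit security permissions or any entry in the descriptor
 * are denied.
 *
 * <p>The bean under test is {@code SecuredBeanThree}, deployed in {@code MODULE_THREE_NAME} with
 * {@code <missing-method-permissions-deny-access>true</missing-method-permissions-deny-access>}.
 * A role-protected method is invoked first so that the later denial can only be attributed to the
 * missing method permission, not to a failed login or a broken lookup.
 *
 * @throws Exception on lookup or invocation failures other than the expected access denial
 */
@Test
public void testDenyAccessByDefaultForMethodsMissingPermissions() throws Exception {
    final String jndiName = "java:global/" + APP_NAME + "/" + MODULE_THREE_NAME + "/"
            + SecuredBeanThree.class.getSimpleName() + "!" + SecurityTestRemoteView.class.getName();
    final SecurityTestRemoteView denyAccessBean = InitialContext.doLookup(jndiName);

    // Sanity check: a method with an explicit role must succeed for the authenticated caller.
    final String callerPrincipalName = denyAccessBean.methodWithSpecificRole();
    Assert.assertEquals("Unexpected caller principal", "user1", callerPrincipalName);

    // A method with no explicit security configuration must be rejected, because the deployment
    // of SecuredBeanThree (not SecuredBeanTwo) is configured with
    // <missing-method-permissions-deny-access>true</missing-method-permissions-deny-access>.
    // Only EJBAccessException counts as a pass: a normal return or any other exception type
    // means the deny-by-default policy was not the thing that stopped the call.
    try {
        denyAccessBean.methodWithNoRole();
        Assert.fail(
            "Invocation on a method with no specific security configurations was expected to fail due to <missing-method-permissions-deny-access>true</missing-method-permissions-deny-access> configuration, but it didn't");
    } catch (EJBAccessException eae) {
        logger.info("Got the expected exception", eae);
    }
}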
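/**
 * Tests that methods without any explicit security permissions on an EJB marked with
 * {@code <missing-method-permissions-deny-access>false</missing-method-permissions-deny-access>}
 * are allowed access.
 *
 * <p>The bean under test is {@code SecuredBeanOne}, deployed in {@code MODULE_ONE_NAME}. Note
 * that this test only shows the authenticated caller {@code user1} reaches the unprotected
 * method; it says nothing about whether unauthenticated or differently-authenticated callers are
 * excluded (presumably governed by the security domain of the deployment - verify separately if
 * that matters).
 *
 * @throws Exception on lookup or invocation failures, including an unexpected access denial
 */
@Test
public void testAllowAccessForMethodsMissingPermissions() throws Exception {
    final String jndiName = "java:global/" + APP_NAME + "/" + MODULE_ONE_NAME + "/"
            + SecuredBeanOne.class.getSimpleName() + "!" + SecurityTestRemoteView.class.getName();
    final SecurityTestRemoteView allowAccessBean = InitialContext.doLookup(jndiName);

    // Sanity check: a method with an explicit role must succeed for the authenticated caller.
    final String callerPrincipalName = allowAccessBean.methodWithSpecificRole();
    Assert.assertEquals("Unexpected caller principal", "user1", callerPrincipalName);

    // A method with no explicit security configuration must be *allowed*, because the deployment
    // of SecuredBeanOne is configured with
    // <missing-method-permissions-deny-access>false</missing-method-permissions-deny-access>.
    // An EJBAccessException here propagates out and fails the test, which is the intended signal
    // that deny-by-default was wrongly applied.
    final String callerPrincipalForMethodWithNoRole = allowAccessBean.methodWithNoRole();
    Assert.assertEquals(
        "Unexpected caller principal when invoking method with no role",
        "user1",
        callerPrincipalForMethodWithNoRole);
}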