Example #1
0
  /**
   * All methods should have a
   *
   * @param descriptor the Enterprise Java Bean deployment descriptor
   * @return <code>Result</code> the results for this assertion
   */
  public Result check(EjbDescriptor descriptor) {

    result = getInitializedResult();
    //        boolean oneFailed = false;

    try {
      if (descriptor instanceof EjbSessionDescriptor || descriptor instanceof EjbEntityDescriptor) {

        Set methods = descriptor.getMethodDescriptors();
        //		 Set methodPermissions = new HashSet();
        boolean noPermissions = false;

        for (Iterator i = methods.iterator(); i.hasNext(); ) {
          MethodDescriptor md = (MethodDescriptor) i.next();
          Set permissions = descriptor.getMethodPermissionsFor(md);
          if (permissions.isEmpty() || (permissions == null)) {
            result.addWarningDetails(
                smh.getLocalString(
                    getClass().getName() + ".failed",
                    "Warning: Method [ {0} ] of EJB [ {1} ] does not have assigned security-permissions",
                    new Object[] {md.getName(), descriptor.getName()}));
            result.setStatus(result.WARNING);
            noPermissions = true;
          }
        }

        if (!noPermissions) {
          result.passed(
              smh.getLocalString(
                  getClass().getName() + ".passed",
                  "Valid: All [ {0} ]EJB  interfaces methods have security-permissions assigned.",
                  new Object[] {descriptor.getName()}));
        }

      } else {
        result.notApplicable(
            smh.getLocalString(
                getClass().getName() + ".notApplicable",
                "The bean [ {0} ] is neither a Session nor Entity Bean",
                new Object[] {descriptor.getName()}));
        return result;
      }
    } catch (Exception e) {
      result.failed(
          smh.getLocalString(
              getClass().getName() + ".exception",
              "The test generated the following exception [ {0} ]",
              new Object[] {e.getLocalizedMessage()}));
    }
    return result;
  }
Example #2
0
 public Result check(EjbDescriptor descriptor) {
   Result result = getInitializedResult();
   ComponentNameConstructor compName = getVerifierContext().getComponentNameConstructor();
   boolean oneFailed = false;
   try {
     Set resRef = descriptor.getResourceReferenceDescriptors();
     if (!(resRef.isEmpty())) {
       Iterator it = resRef.iterator();
       while (it.hasNext()) {
         ResourceReferenceDescriptor resDesc = ((ResourceReferenceDescriptor) it.next());
         String refName = resDesc.getName();
         if (refName == null || refName.length() == 0) {
           addErrorDetails(result, compName);
           result.failed(
               smh.getLocalString(
                   getClass().getName() + ".failed",
                   "FAILED [AS-EJB resource-ref] : resource-ref has empty res-ref-name"));
         } else {
           addGoodDetails(result, compName);
           result.passed(
               smh.getLocalString(
                   getClass().getName() + ".passed",
                   "PASSED [AS-EJB resource-ref] : res-ref-name is {0}",
                   new Object[] {refName}));
         }
       }
     } else {
       addNaDetails(result, compName);
       result.notApplicable(
           smh.getLocalString(
               getClass().getName() + ".notApplicable",
               "{0} Does not define any resource-ref Elements",
               new Object[] {descriptor.getName()}));
     }
   } catch (Exception ex) {
     addErrorDetails(result, compName);
     result.addErrorDetails(
         smh.getLocalString(
             getClass().getName() + ".notRun",
             "NOT RUN [AS-EJB] : Could not create the descriptor object"));
   }
   return result;
 }