Example #1
  /**
   * Checks the answers of {@code entryBean.doubleDoIHaveRole} for two callers in turn: first
   * "user1", then "user2".
   *
   * <p>Every call returns a two-element array, and both elements are asserted for the roles
   * "Users", "Role1" and "Role2". NOTE(review): presumably element 0 is the entry bean's own
   * answer and element 1 the answer of the second bean it calls - confirm against the bean.
   *
   * <p>The negative check for "user1" (a {@code whoAmIBean.getCallerPrincipal()} call that is
   * expected to be rejected) is still commented out behind the TODO below, so this test does not
   * currently exercise the denial path.
   *
   * @throws Exception if login, logout or a bean invocation fails
   */
  @Test
  public void testRunAsICIR_TwoBeans() throws Exception {
    final LoginContext user1Login = Util.getCLMLoginContext("user1", "password1");
    user1Login.login();
    try {
      // TODO - Enable once auth checks are working.
      // Until then the expected rejection of whoAmIBean for user1 is NOT verified here:
      //
      //   try {
      //     whoAmIBean.getCallerPrincipal();
      //     fail("Expected call to whoAmIBean to fail");
      //   } catch (Exception expected) {
      //   }

      final boolean[] usersRole = entryBean.doubleDoIHaveRole("Users");
      assertTrue(usersRole[0]);
      assertFalse(usersRole[1]);

      final boolean[] role1 = entryBean.doubleDoIHaveRole("Role1");
      assertTrue(role1[0]);
      assertFalse(role1[1]);

      final boolean[] role2 = entryBean.doubleDoIHaveRole("Role2");
      assertFalse(role2[0]);
      assertTrue(role2[1]);
    } finally {
      // Always drop the authenticated context, even when an assertion failed.
      user1Login.logout();
    }

    final LoginContext user2Login = Util.getCLMLoginContext("user2", "password2");
    user2Login.login();
    try {
      // Verify the call now passes.
      assertNotNull(whoAmIBean.getCallerPrincipal());

      final boolean[] usersRole = entryBean.doubleDoIHaveRole("Users");
      assertTrue(usersRole[0]);
      assertFalse(usersRole[1]);

      final boolean[] role1 = entryBean.doubleDoIHaveRole("Role1");
      assertFalse(role1[0]);
      assertFalse(role1[1]);

      final boolean[] role2 = entryBean.doubleDoIHaveRole("Role2");
      assertTrue(role2[0]);
      assertTrue(role2[1]);
    } finally {
      user2Login.logout();
    }
  }
  /**
   * Logs in as "user1" before each test and stores the resulting context in the
   * {@code loginContext} field.
   *
   * <p>The field is assigned only after {@code login()} has returned, so a failed login leaves it
   * unchanged.
   *
   * @throws Exception if the login context cannot be obtained or the login fails
   */
  @Before
  public void login() throws Exception {
    LoginContext authenticated = Util.getCLMLoginContext("user1", "password1");
    authenticated.login();

    loginContext = authenticated;
  }
Example #3
 /**
  * Logs in as "user1" and checks the two names returned by {@code entryBean.doubleWhoAmI()}:
  * the first must be "user1" and the second "anonymous".
  *
  * @throws Exception if login, logout or the bean invocation fails
  */
 @Test
 public void testAuthentication_TwoBeans() throws Exception {
   final LoginContext user1Login = Util.getCLMLoginContext("user1", "password1");
   user1Login.login();
   try {
     final String[] callerNames = entryBean.doubleWhoAmI();
     assertEquals("user1", callerNames[0]);
     // Unless a run-as-principal configuration has been done, you cannot expect a principal
     // in the second position, hence "anonymous".
     assertEquals("anonymous", callerNames[1]);
   } finally {
     // Log out even when an assertion above failed.
     user1Login.logout();
   }
 }
Example #4
  /**
   * Migration test from EJB Testsuite (security/TimerRunAs) to AS7 [JBQA-5483].
   *
   * <p>Logs in as "user1", looks up the {@code TimerTester} bean under {@code java:module/},
   * starts a timer and waits for the timer callback. It then asserts that the first principal
   * recorded in {@code TimerTesterBean.calleeCallerPrincipal} is named "user2", i.e. not the
   * "user1" identity that started the timer.
   *
   * @throws Exception if login, lookup, the timer call or logout fails
   */
  @Test
  public void testTimerNoSecurityAssociationPrincipal() throws Exception {
    final LoginContext user1Login = Util.getCLMLoginContext("user1", "password1");
    user1Login.login();

    try {
      final String jndiName = "java:module/" + TimerTesterBean.class.getSimpleName();
      final TimerTester timerBean = (TimerTester) ctx.lookup(jndiName);
      assertNotNull(timerBean);

      timerBean.startTimer(150);
      final boolean timerFired = TimerTesterBean.awaitTimerCall();
      Assert.assertTrue(timerFired);

      // The callee must see "user2" as its caller, not the user that scheduled the timer.
      Assert.assertEquals(
          "user2", TimerTesterBean.calleeCallerPrincipal.iterator().next().getName());
    } finally {
      // Log out even when the lookup or an assertion failed.
      user1Login.logout();
    }
  }
Example #5
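  /**
   * Test objective: check that default access, {@code @RolesAllowed}, {@code @PermitAll},
   * {@code @DenyAll} and {@code @RolesAllowed} with multiple roles work on method level without
   * a logged-in user, as described in the EJB 3.1 spec. The target session bean is given as a
   * parameter.
   *
   * <p>Expected results: {@code defaultAccess} and {@code permitAll} echo their argument, while
   * {@code roleBasedAccessOne}, {@code roleBasedAccessMore} and {@code denyAll} are rejected with
   * an {@code EJBAccessException}. Any other outcome fails the test.
   *
   * @param MODULE module name used to build the remote JNDI name of the bean
   * @param log logger that receives the computed JNDI name
   * @param SB_CLASS session bean class under test; its simple name is part of the JNDI name
   * @throws Exception if the naming context cannot be created or the lookup fails
   */
  public void testSingleMethodAnnotationsNoUserTemplate(
      final String MODULE, final Logger log, final Class SB_CLASS) throws Exception {

    String myContext =
        Util.createRemoteEjbJndiContext(
            "",
            MODULE,
            "",
            SB_CLASS.getSimpleName(),
            SimpleAuthorizationRemote.class.getName(),
            isBeanClassStatefull(SB_CLASS));

    log.info("JNDI name=" + myContext);

    final Context ctx = Util.createNamingContext();
    final SimpleAuthorizationRemote singleMethodsAnnOnlyBean =
        (SimpleAuthorizationRemote) ctx.lookup(myContext);

    // No security annotation: the call must succeed without a logged-in user.
    try {
      String echoValue = singleMethodsAnnOnlyBean.defaultAccess("alohomora");
      // Expected value first, so a failure message reports expected/actual the right way round.
      Assert.assertEquals("alohomora", echoValue);
    } catch (EJBAccessException e) {
      Assert.fail("Exception not expected");
    }

    // Single required role: must be rejected. Assert.fail throws an AssertionError, which the
    // catch (Exception) below does not swallow, so an unexpected success still fails the test.
    try {
      singleMethodsAnnOnlyBean.roleBasedAccessOne("alohomora");
      Assert.fail("Method cannot be successfully called without logged in user");
    } catch (Exception e) {
      // expected
      Assert.assertTrue(
          "Thrown exception must be EJBAccessException, but was " + e.getClass().getSimpleName(),
          e instanceof EJBAccessException);
    }

    // Several allowed roles: must be rejected as well.
    try {
      singleMethodsAnnOnlyBean.roleBasedAccessMore("alohomora");
      Assert.fail("Method cannot be successfully called without logged in user");
    } catch (Exception e) {
      // expected
      Assert.assertTrue(
          "Thrown exception must be EJBAccessException, but was " + e.getClass().getSimpleName(),
          e instanceof EJBAccessException);
    }

    // @PermitAll: must succeed without a logged-in user.
    try {
      String echoValue = singleMethodsAnnOnlyBean.permitAll("alohomora");
      Assert.assertEquals("alohomora", echoValue);
    } catch (Exception e) {
      Assert.fail("@PermitAll annotation must allow all users and no users to call the method");
    }

    // @DenyAll: must be rejected for every caller. The failure message used to be a copy of the
    // @PermitAll one and described the opposite of what is being checked.
    try {
      singleMethodsAnnOnlyBean.denyAll("alohomora");
      Assert.fail("@DenyAll annotation must not allow any caller to invoke the method");
    } catch (Exception e) {
      // expected
      Assert.assertTrue(
          "Thrown exception must be EJBAccessException, but was " + e.getClass().getSimpleName(),
          e instanceof EJBAccessException);
    }
  }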