Esempio n. 1
  /**
   * Checks the role answers returned by {@code entryBean.doubleDoIHaveRole} for two callers.
   *
   * <p>Each call returns two booleans. Presumably index 0 is the answer seen by the entry bean and
   * index 1 the answer seen by the bean it calls (verify against the bean implementation). The
   * expectations pinned here are:
   *
   * <ul>
   *   <li>user1: "Users" {@code [true, false]}, "Role1" {@code [true, false]}, "Role2" {@code
   *       [false, true]}
   *   <li>user2: "Users" {@code [true, false]}, "Role1" {@code [false, false]}, "Role2" {@code
   *       [true, true]}
   * </ul>
   *
   * <p>NOTE(review): the negative check for user1 (the call to {@code whoAmIBean} should be
   * rejected) is still disabled, so only the positive path for user2 is asserted. A regression
   * that let user1 through would not be caught by this test.
   *
   * @throws Exception if login, logout or a bean call fails unexpectedly
   */
  @Test
  public void testRunAsICIR_TwoBeans() throws Exception {
    final LoginContext user1Session = Util.getCLMLoginContext("user1", "password1");
    user1Session.login();
    try {
      // TODO - Enable once auth checks are working.
      // Disabled negative check, kept for reference:
      //   try {
      //     whoAmIBean.getCallerPrincipal();
      //     fail("Expected call to whoAmIBean to fail");
      //   } catch (Exception expected) {
      //   }

      final boolean[] usersForUser1 = entryBean.doubleDoIHaveRole("Users");
      assertTrue(usersForUser1[0]);
      assertFalse(usersForUser1[1]);

      final boolean[] role1ForUser1 = entryBean.doubleDoIHaveRole("Role1");
      assertTrue(role1ForUser1[0]);
      assertFalse(role1ForUser1[1]);

      final boolean[] role2ForUser1 = entryBean.doubleDoIHaveRole("Role2");
      assertFalse(role2ForUser1[0]);
      assertTrue(role2ForUser1[1]);
    } finally {
      // Always drop the authenticated identity so it cannot leak into the second half.
      user1Session.logout();
    }

    final LoginContext user2Session = Util.getCLMLoginContext("user2", "password2");
    user2Session.login();
    try {
      // Verify the call now passes.
      assertNotNull(whoAmIBean.getCallerPrincipal());

      final boolean[] usersForUser2 = entryBean.doubleDoIHaveRole("Users");
      assertTrue(usersForUser2[0]);
      assertFalse(usersForUser2[1]);

      final boolean[] role1ForUser2 = entryBean.doubleDoIHaveRole("Role1");
      assertFalse(role1ForUser2[0]);
      assertFalse(role1ForUser2[1]);

      final boolean[] role2ForUser2 = entryBean.doubleDoIHaveRole("Role2");
      assertTrue(role2ForUser2[0]);
      assertTrue(role2ForUser2[1]);
    } finally {
      user2Session.logout();
    }
  }
  /**
   * Logs in as user1 before each test and stores the login context on the instance.
   *
   * <p>The field is assigned only after {@code login()} has returned, so a failed login leaves the
   * previous value in place.
   *
   * <p>NOTE(review): the matching logout is not visible in this excerpt. Confirm that an
   * {@code @After} method calls {@code logout()} so the identity does not carry over to other tests.
   *
   * @throws Exception if the login context cannot be created or the login is rejected
   */
  @Before
  public void login() throws Exception {
    final LoginContext authenticated = Util.getCLMLoginContext("user1", "password1");
    authenticated.login();

    loginContext = authenticated;
  }
Esempio n. 3
 /**
  * Checks which caller identities {@code entryBean.doubleWhoAmI()} reports while user1 is logged
  * in.
  *
  * <p>The first element must be "user1" and the second "anonymous". Presumably the second element
  * comes from a bean called by the entry bean (verify against the bean implementation). The
  * assertion pins that the authenticated identity is not silently propagated to it.
  *
  * @throws Exception if login, logout or the bean call fails unexpectedly
  */
 @Test
 public void testAuthentication_TwoBeans() throws Exception {
   final LoginContext session = Util.getCLMLoginContext("user1", "password1");
   session.login();
   try {
     final String[] reportedCallers = entryBean.doubleWhoAmI();
     assertEquals("user1", reportedCallers[0]);
     // Unless a run-as-principal configuration has been done, you cannot expect a principal
     assertEquals("anonymous", reportedCallers[1]);
   } finally {
     // Release the identity even when an assertion fails.
     session.logout();
   }
 }
Esempio n. 4
  /**
   * Migration test from EJB Testsuite (security/TimerRunAs) to AS7 [JBQA-5483].
   *
   * <p>While logged in as user1, looks up the timer tester bean, starts a timer and waits for the
   * timer callback. It then asserts that the first caller principal recorded in {@code
   * TimerTesterBean.calleeCallerPrincipal} is "user2", not the user1 identity that started the
   * timer.
   *
   * <p>NOTE(review): the result is read from static state on {@code TimerTesterBean}. Confirm it is
   * reset between tests so a stale "user2" from an earlier run cannot satisfy this assertion.
   *
   * @throws Exception if login, lookup or the timer call fails unexpectedly
   */
  @Test
  public void testTimerNoSecurityAssociationPrincipal() throws Exception {
    final LoginContext session = Util.getCLMLoginContext("user1", "password1");
    session.login();

    try {
      final String jndiName = "java:module/" + TimerTesterBean.class.getSimpleName();
      final TimerTester timerTester = (TimerTester) ctx.lookup(jndiName);
      assertNotNull(timerTester);

      timerTester.startTimer(150);
      // Wait for the timer callback before reading what it recorded.
      Assert.assertTrue(TimerTesterBean.awaitTimerCall());

      Assert.assertEquals(
          "user2", TimerTesterBean.calleeCallerPrincipal.iterator().next().getName());
    } finally {
      session.logout();
    }
  }
Esempio n. 5
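  /**
   * Test objective: Check if default, @RolesAllowed, @PermitAll, @DenyAll and @RolesAllowed with
   * multiple roles works on method level with user2 logged in as described in EJB 3.1 spec. user2
   * has "Users,Role2" roles. The target session bean is given as parameter.
   *
   * <p>Expected results for user2, as asserted below:
   *
   * <ul>
   *   <li>{@code defaultAccess}: allowed, echoes its argument
   *   <li>{@code roleBasedAccessOne}: rejected with {@code EJBAccessException}
   *   <li>{@code roleBasedAccessMore}: allowed, echoes its argument
   *   <li>{@code permitAll}: allowed, echoes its argument
   *   <li>{@code denyAll}: rejected with {@code EJBAccessException}
   * </ul>
   *
   * <p>TODO: remove @Ignore after the JIRA is fixed
   *
   * <p>NOTE(review): this template takes parameters and has no {@code @Test}, so it is invoked by
   * other test methods. Confirm that those callers are ignored as well, because {@code @Ignore}
   * here may not stop them from running the template.
   *
   * @param MODULE module name used to build the remote JNDI name
   * @param log logger that receives the computed JNDI name
   * @param SB_CLASS session bean class under test
   * @throws Exception if login, lookup or logout fails unexpectedly
   */
  @Ignore("AS7-2942")
  public void testSingleMethodAnnotationsUser2Template(
      final String MODULE, final Logger log, final Class SB_CLASS) throws Exception {
    LoginContext lc = Util.getCLMLoginContext("user2", "password2");
    lc.login();

    try {

      String myContext =
          Util.createRemoteEjbJndiContext(
              "",
              MODULE,
              "",
              SB_CLASS.getSimpleName(),
              SimpleAuthorizationRemote.class.getName(),
              isBeanClassStatefull(SB_CLASS));
      log.info("JNDI name=" + myContext);

      final Context ctx = Util.createNamingContext();
      final SimpleAuthorizationRemote singleMethodsAnnOnlyBean =
          (SimpleAuthorizationRemote) ctx.lookup(myContext);

      // Method without a security annotation: user2 must be let through.
      try {
        String echoValue = singleMethodsAnnOnlyBean.defaultAccess("alohomora");
        // JUnit order is (expected, actual); the reverse gives misleading failure messages.
        Assert.assertEquals("alohomora", echoValue);
      } catch (EJBAccessException e) {
        Assert.fail("EJBAccessException not expected");
      }

      // Negative case: the single-role method must reject user2.
      try {
        singleMethodsAnnOnlyBean.roleBasedAccessOne("alohomora");
        Assert.fail("Method cannot be successfully called with logged in user2");
      } catch (Exception e) {
        // expected; Assert.fail throws AssertionError, which this catch does not intercept
        Assert.assertTrue(
            "Thrown exception must be EJBAccessException, but was different",
            e instanceof EJBAccessException);
      }

      // Multi-role method: one of user2's roles must be sufficient.
      try {
        String echoValue = singleMethodsAnnOnlyBean.roleBasedAccessMore("alohomora");
        Assert.assertEquals("alohomora", echoValue);
      } catch (EJBAccessException e) {
        Assert.fail("EJBAccessException not expected");
      }

      try {
        String echoValue = singleMethodsAnnOnlyBean.permitAll("alohomora");
        Assert.assertEquals("alohomora", echoValue);
      } catch (Exception e) {
        // Report only the principals: Subject#toString() also prints the subject's credential
        // sets, which do not belong in test logs.
        Assert.fail(
            "@PermitAll annotation must allow all users to call the method - principals: "
                + lc.getSubject().getPrincipals());
      }

      // Negative case: @DenyAll must reject every caller, including an authenticated one.
      try {
        singleMethodsAnnOnlyBean.denyAll("alohomora");
        Assert.fail("@DenyAll annotation must not allow any user to call the method");
      } catch (Exception e) {
        // expected
        Assert.assertTrue(
            "Thrown exception must be EJBAccessException, but was different",
            e instanceof EJBAccessException);
      }

    } finally {
      // Drop the authenticated identity even when an assertion fails.
      lc.logout();
    }
  }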