private void checkUserTransactionAccess() throws NamingException {
if (userTransaction == null) {
throw new RuntimeException(
"UserTransaction injection in a BMT bean was expected to happen successfully, but it didn't!");
}
// (JBoss specific) java:jboss/UserTransaction lookup string
final String utJndiName = "java:jboss/UserTransaction";
final UserTransaction userTxInJBossNamespace = InitialContext.doLookup(utJndiName);
if (userTxInJBossNamespace == null) {
throw new RuntimeException(
"UserTransaction lookup at " + utJndiName + " returned null in a BMT bean");
}
// (spec mandated) java:comp/UserTransaction lookup string
final String utJavaCompJndiName = "java:comp/UserTransaction";
final UserTransaction userTxInJavaCompNamespace = InitialContext.doLookup(utJavaCompJndiName);
if (userTxInJavaCompNamespace == null) {
throw new RuntimeException(
"UserTransaction lookup at " + utJavaCompJndiName + " returned null in a BMT bean");
}
// try invoking EJBContext.getUserTransaction()
final UserTransaction ut = ejbContext.getUserTransaction();
if (ut == null) {
throw new RuntimeException("EJBContext.getUserTransaction() returned null in a BMT bean");
}
}
public static DataSource lookupDataSource(
String dataSourceName, final Hashtable<Object, Object> jndiProperties) {
try {
if (jndiProperties == null || jndiProperties.isEmpty()) {
return (DataSource) InitialContext.doLookup(dataSourceName);
}
final InitialContext context = new InitialContext(jndiProperties);
return (DataSource) context.doLookup(dataSourceName);
} catch (Exception e) {
throw new RuntimeException("Error in looking up data source: " + e.getMessage(), e);
}
}
protected URL lookupBpmPlatformXmlLocationFromJndi() {
String jndi = "java:comp/env/" + BPM_PLATFORM_XML_LOCATION;
try {
String bpmPlatformXmlLocation = InitialContext.doLookup(jndi);
URL fileLocation = checkValidBpmPlatformXmlResourceLocation(bpmPlatformXmlLocation);
if (fileLocation != null) {
LOGGER.log(
Level.INFO,
"Found camunda bpm platform configuration in JNDI ["
+ jndi
+ "] at "
+ fileLocation.toString());
}
return fileLocation;
} catch (NamingException e) {
LOGGER.log(
Level.FINE,
"Failed to look up camunda bpm platform configuration in JNDI [" + jndi + "].",
e);
}
return null;
}
/**
* Tests that methods without any explicit security permissions or any entry in the descriptor are
* denied
*
* @throws Exception
*/
@Test
public void testDenyAccessByDefaultForMethodsMissingPermissions() throws Exception {
final SecurityTestRemoteView denyAccessBean =
InitialContext.doLookup(
"java:global/"
+ APP_NAME
+ "/"
+ MODULE_THREE_NAME
+ "/"
+ SecuredBeanThree.class.getSimpleName()
+ "!"
+ SecurityTestRemoteView.class.getName());
// first invoke on a method which has a specific role and that invocation should pass
final String callerPrincipalName = denyAccessBean.methodWithSpecificRole();
Assert.assertEquals("Unexpected caller prinicpal", "user1", callerPrincipalName);
// now invoke on a method which doesn't have an explicit security configuration. The
// SecuredBeanTwo (deployment) is configured for
// <missing-method-permissions-deny-access>true</missing-method-permissions-deny-access>
// so the invocation on such a method is expected to fail
try {
denyAccessBean.methodWithNoRole();
Assert.fail(
"Invocation on a method with no specific security configurations was expected to fail due to <missing-method-permissions-deny-access>true</missing-method-permissions-deny-access> configuration, but it didn't");
} catch (EJBAccessException eae) {
logger.info("Got the expected exception", eae);
}
}
/**
* Tests that methods without any explicit security permissions on an EJB marked with
* <missing-method-permissions-deny-access>false</missing-method-permissions-deny-access> are
* allowed access
*
* @throws Exception
*/
@Test
public void testAllowAccessForMethodsMissingPermissions() throws Exception {
final SecurityTestRemoteView allowAccessBean =
InitialContext.doLookup(
"java:global/"
+ APP_NAME
+ "/"
+ MODULE_ONE_NAME
+ "/"
+ SecuredBeanOne.class.getSimpleName()
+ "!"
+ SecurityTestRemoteView.class.getName());
// first invoke on a method which has a specific role and that invocation should pass
final String callerPrincipalName = allowAccessBean.methodWithSpecificRole();
Assert.assertEquals("Unexpected caller prinicpal", "user1", callerPrincipalName);
// now invoke on a method which doesn't have an explicit security configuration. The
// SecuredBeanOne (deployment) is configured for
// <missing-method-permissions-deny-access>false</missing-method-permissions-deny-access>
// so the invocation on such a method is expected to fail
final String callerPrincipalForMethodWithNoRole = allowAccessBean.methodWithNoRole();
Assert.assertEquals(
"Unexpected caller prinicpal when invoking method with no role",
"user1",
callerPrincipalForMethodWithNoRole);
}
@Override
protected void service(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
PrintWriter out = response.getWriter();
try {
Object doLookup = InitialContext.doLookup(InvoiceFacadeHome.COMP_NAME);
InvoiceFacadeHome home;
if (doLookup instanceof MarshalledValuePair) {
home = (InvoiceFacadeHome) ((MarshalledValuePair) doLookup).get();
} else {
home = (InvoiceFacadeHome) doLookup;
}
InvoiceFacade facade = home.create();
out.println("<html>");
out.println("<body>");
out.println("Primeira servlet");
out.println(facade.insertInvoice(80, 10));
out.println("</body>");
out.println("</html>");
} catch (Exception e) {
e.printStackTrace();
}
}
private static DataSource lookupDataSource(String dataSourceName) {
try {
return (DataSource) InitialContext.doLookup(dataSourceName);
} catch (Exception e) {
throw new RuntimeException("Error in looking up data source: " + e.getMessage(), e);
}
}
/**
* @param <T> the return type
* @param retvalClass the returned value's {@link Class}
* @param jndi the JNDI path to the resource
* @return the resource at the specified {@code jndi} path
*/
private static <T> T lookup(Class<T> retvalClass, String jndi) {
try {
return retvalClass.cast(InitialContext.doLookup(jndi));
} catch (NamingException ex) {
throw new IllegalArgumentException(
"failed to lookup instance of " + retvalClass + " at " + jndi, ex);
}
}
private static BeanManager lookupTrial(final String url) {
try {
// in an application server
return (BeanManager) InitialContext.doLookup(url);
} catch (final NamingException e) {
LOG.log(Level.SEVERE, "Can't find the bean manager by the url <" + url + ">", e);
}
return null;
}
// converts the password to SHA-5 Then stores the account in the DB YAY
public String createUser(String username, String password)
throws DataStoreException, NoSuchAlgorithmException {
try {
DataSource ds = InitialContext.doLookup(JNDI_NAME);
try (Connection conn = ds.getConnection();
PreparedStatement ps = conn.prepareStatement(ACCOUNT_CREATE)) {
ps.setString(1, username);
ps.setString(2, Sha.hash256(password));
ps.execute();
}
} catch (NamingException | SQLException e) {
throw new DataStoreException(e);
}
return "login";
}
/**
* Get the container managed transaction manager; if a JNDI name is given, that name is looked for
* a TransactionManager object, if not, the standard JNDI names are checked.
*
* @param txManagerJNDIName The user given JNDI name of the TransactionManager
* @return The TransactionManager object
* @throws DataServiceFault
*/
public static TransactionManager getContainerTransactionManager(String txManagerJNDIName)
throws DataServiceFault {
TransactionManager txManager = null;
if (txManagerJNDIName != null) {
try {
txManager = InitialContext.doLookup(txManagerJNDIName);
} catch (Exception e) {
throw new DataServiceFault(
e,
"Cannot find TransactionManager with the given JNDI name '" + txManagerJNDIName + "'");
}
}
/* get the transaction manager from the well known JNDI names from the cache */
txManager = DBDeployer.getCachedTransactionManager();
return txManager;
}
private void testCreateQuartzSchema() {
Scanner scanner =
new Scanner(this.getClass().getResourceAsStream("/quartz_tables_h2.sql")).useDelimiter(";");
try {
Connection connection =
((DataSource) InitialContext.doLookup("jdbc/jbpm-ds")).getConnection();
Statement stmt = connection.createStatement();
while (scanner.hasNext()) {
String sql = scanner.next();
stmt.executeUpdate(sql);
}
stmt.close();
connection.close();
} catch (Exception e) {
}
}
public static DisposableExecutor getDefaultInstance() {
synchronized (lock) {
if (defaultInstance == null) {
DisposableExecutor _executorManager = null;
// Unless overridden, delegate instantiation of the ExecutorService to the container
// See https://issues.jboss.org/browse/UF-244 and https://issues.jboss.org/browse/WFLY-4198
// When running in Hosted Mode (on Wildfly 8.1 at present) the System Property should be set
// to "true"
if (!USE_EXECUTOR_SAFE_MODE) {
try {
_executorManager = InitialContext.doLookup("java:module/SimpleAsyncExecutorService");
isEJB.set(true);
} catch (final Exception e) {
LOG.warn(
"Unable to instantiate EJB Asynchronous Bean. Falling back to Executors' CachedThreadPool.",
e);
}
} else {
LOG.info(
"Use of to Executors' CachedThreadPool has been requested; overriding container provisioning.");
}
if (_executorManager == null) {
if (unmanagedInstance == null) {
unmanagedInstance = new SimpleAsyncExecutorService(false);
}
defaultInstance = unmanagedInstance;
} else {
if (managedInstance == null) {
managedInstance = _executorManager;
}
defaultInstance = managedInstance;
}
}
}
return defaultInstance;
}
@Override
public LoginSession login(String email, String password) {
AccountImpl account = accountRepository.findAccount(email);
if (account == null) {
throw new RuntimeException("login failed");
}
if (!account.getPassword().equals(password)) {
throw new RuntimeException("login failed");
}
if (account.isLoggedIn()) {
throw new RuntimeException("Already logged in");
}
try {
account.setLoggedIn(true);
accountRepository.save(account);
// locationService.setLocationRetriever(userid, clientLocationRetriever);
// THis works!!! (requires an extra local method with a SessionContext call to
// getBusinessObject in LoginSessionImpl)
LoginSessionImpl loginSession =
InitialContext.doLookup(
"java:module/"
+ LoginSessionImpl.class.getSimpleName()
+ "!"
+ LoginSessionImpl.class.getName());
loginSession.setLoggedInUser(account.getPrivatePerson().getSelf().getEmail());
// same session bean, different proxy interface
return loginSession.getRemoteBusinessInterface();
} catch (Exception e) {
throw new RuntimeException(e);
}
}
public restService() throws Exception {
remoteBean = InitialContext.doLookup("java:global/wildfly-helloworld/IocRemoteBean");
}
