Java SecurityTestRemoteView示例

编程语言: Java

类/类型: SecurityTestRemoteView

hotexamples.com的示例: 2

Java SecurityTestRemoteView - 已找到2个示例。这些是从开源项目中提取的最受好评的SecurityTestRemoteView现实Java示例。您可以评价示例，以帮助我们提高示例质量。

常用方法

显示隐藏

methodWithNoRole(2)

methodWithSpecificRole(2)

示例#1

显示文件

文件： MissingMethodPermissionsTestCase.java 项目： Chaohua/wildfly

 /**
  * Tests that methods without any explicit security permissions or any entry in the descriptor are
  * denied
  *
  * @throws Exception
  */
 @Test
 public void testDenyAccessByDefaultForMethodsMissingPermissions() throws Exception {
   final SecurityTestRemoteView denyAccessBean =
       InitialContext.doLookup(
           "java:global/"
               + APP_NAME
               + "/"
               + MODULE_THREE_NAME
               + "/"
               + SecuredBeanThree.class.getSimpleName()
               + "!"
               + SecurityTestRemoteView.class.getName());
   // first invoke on a method which has a specific role and that invocation should pass
   final String callerPrincipalName = denyAccessBean.methodWithSpecificRole();
   Assert.assertEquals("Unexpected caller prinicpal", "user1", callerPrincipalName);
   // now invoke on a method which doesn't have an explicit security configuration. The
   // SecuredBeanTwo (deployment) is configured for
   // <missing-method-permissions-deny-access>true</missing-method-permissions-deny-access>
   // so the invocation on such a method is expected to fail
   try {
     denyAccessBean.methodWithNoRole();
     Assert.fail(
         "Invocation on a method with no specific security configurations was expected to fail due to <missing-method-permissions-deny-access>true</missing-method-permissions-deny-access> configuration, but it didn't");
   } catch (EJBAccessException eae) {
     logger.info("Got the expected exception", eae);
   }
 }

示例#2

显示文件

文件： MissingMethodPermissionsTestCase.java 项目： Chaohua/wildfly

 /**
  * Tests that methods without any explicit security permissions on an EJB marked with
  * <missing-method-permissions-deny-access>false</missing-method-permissions-deny-access> are
  * allowed access
  *
  * @throws Exception
  */
 @Test
 public void testAllowAccessForMethodsMissingPermissions() throws Exception {
   final SecurityTestRemoteView allowAccessBean =
       InitialContext.doLookup(
           "java:global/"
               + APP_NAME
               + "/"
               + MODULE_ONE_NAME
               + "/"
               + SecuredBeanOne.class.getSimpleName()
               + "!"
               + SecurityTestRemoteView.class.getName());
   // first invoke on a method which has a specific role and that invocation should pass
   final String callerPrincipalName = allowAccessBean.methodWithSpecificRole();
   Assert.assertEquals("Unexpected caller prinicpal", "user1", callerPrincipalName);
   // now invoke on a method which doesn't have an explicit security configuration. The
   // SecuredBeanOne (deployment) is configured for
   // <missing-method-permissions-deny-access>false</missing-method-permissions-deny-access>
   // so the invocation on such a method is expected to fail
   final String callerPrincipalForMethodWithNoRole = allowAccessBean.methodWithNoRole();
   Assert.assertEquals(
       "Unexpected caller prinicpal when invoking method with no role",
       "user1",
       callerPrincipalForMethodWithNoRole);
 }