Java > Open Source Codes > org > jboss > ejb3 > test > security > unit > EJBSpecUnitTestCase


1 /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10   * the License, or (at your option) any later version.
11   *
12   * This software is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15   * Lesser General Public License for more details.
16   *
17   * You should have received a copy of the GNU Lesser General Public
18   * License along with this software; if not, write to the Free
19   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21   */
22 package org.jboss.ejb3.test.security.unit;
23
24 import java.util.HashSet ;
25 import javax.ejb.EJBException ;
26 import javax.jms.Message ;
27 import javax.jms.Queue ;
28 import javax.jms.QueueConnection ;
29 import javax.jms.QueueConnectionFactory ;
30 import javax.jms.QueueReceiver ;
31 import javax.jms.QueueSender ;
32 import javax.jms.QueueSession ;
33 import javax.jms.Session ;
34 import javax.management.MBeanServerConnection ;
35 import javax.management.MBeanServerInvocationHandler ;
36 import javax.management.ObjectName ;
37 import javax.naming.InitialContext ;
38 import javax.security.auth.login.Configuration ;
39 import javax.security.auth.login.LoginContext ;
40 import org.jboss.ejb3.test.security.AppCallbackHandler;
41 import org.jboss.ejb3.test.security.CalledSession;
42 import org.jboss.ejb3.test.security.SecurityContext;
43 import org.jboss.ejb3.test.security.SessionFacade;
44 import org.jboss.ejb3.test.security.StatefulSession;
45 import org.jboss.ejb3.test.security.StatelessSession;
46 import org.jboss.logging.Logger;
47 import org.jboss.security.SimplePrincipal;
48 import org.jboss.security.auth.login.XMLLoginConfigImpl;
49 import org.jboss.security.plugins.JaasSecurityManagerServiceMBean;
50 import org.jboss.test.JBossTestCase;
51 import junit.framework.Test;
52
53
54 /** Test of EJB spec conformace using the security-spec.jar
55  deployment unit. These test the basic role based access model.
56  
57  @author Scott.Stark@jboss.org
58  @version $Revision: 54985 $
59  */
60 public class EJBSpecUnitTestCase
61 extends JBossTestCase
62 {
63 private static final Logger log = Logger.getLogger(EJBSpecUnitTestCase.class);
64
65 static String username = "scott";
66 static char[] password = "echoman".toCharArray();
67 static String QUEUE_FACTORY = "ConnectionFactory";
68
69 LoginContext lc;
70 boolean loggedIn;
71
72 public EJBSpecUnitTestCase(String name)
73 {
74    super(name);
75 }
76
77 protected void tearDown() throws Exception
78 {
79    logout();
80 }
81
82 /** Validate that the users have the expected logins and roles.
83  *
84  * @throws Exception
85  */
86 public void testSecurityDomain() throws Exception
87 {
88    log.info("+++ testSecurityDomain, domain=spec-test");
89    MBeanServerConnection conn = (MBeanServerConnection ) getServer();
90    ObjectName secMgrName = new ObjectName ("jboss.security:service=JaasSecurityManager");
91    JaasSecurityManagerServiceMBean secMgr = (JaasSecurityManagerServiceMBean)
92       MBeanServerInvocationHandler.newProxyInstance(conn, secMgrName,
93       JaasSecurityManagerServiceMBean.class, false);
94
95    // Test the spec-test security domain
96 String domain = "spec-test";
97    SimplePrincipal user = new SimplePrincipal("scott");
98    boolean isValid = secMgr.isValid(domain, user, password);
99    assertTrue("scott password is echoman", isValid);
100    HashSet testRole = new HashSet ();
101    testRole.add(new SimplePrincipal("Echo"));
102    boolean hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
103    assertTrue("scott has Echo role", hasRole);
104    testRole.clear();
105    testRole.add(new SimplePrincipal("EchoLocal"));
106    hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
107    assertTrue("scott has EchoLocal role", hasRole);
108    testRole.clear();
109    testRole.add(new SimplePrincipal("ProjectUser"));
110    hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
111    assertTrue("scott has ProjectUser role", hasRole);
112
113    isValid = secMgr.isValid(domain, user, "badpass".toCharArray());
114    assertTrue("badpass is an invalid password for scott", isValid == false);
115
116    // Test the spec-test-domain security domain
117 log.info("+++ testSecurityDomain, domain=spec-test-domain");
118    domain = "spec-test-domain";
119    isValid = secMgr.isValid(domain, user, password);
120    assertTrue("scott password is echoman", isValid);
121    hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
122    assertTrue("scott has Echo role", hasRole);
123    testRole.clear();
124    testRole.add(new SimplePrincipal("EchoLocal"));
125    hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
126    assertTrue("scott has EchoLocal role", hasRole);
127    testRole.clear();
128    testRole.add(new SimplePrincipal("ProjectUser"));
129    hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
130    assertTrue("scott has ProjectUser role", hasRole);
131
132    isValid = secMgr.isValid(domain, user, "badpass".toCharArray());
133    assertTrue("badpass is an invalid password for scott", isValid == false);
134 }
135
136 /** Test that:
137  1. SecureBean returns a non-null principal when getCallerPrincipal
138  is called with a security context and that this is propagated
139  to its Entity bean ref.
140  
141  2. UnsecureBean throws an IllegalStateException when getCallerPrincipal
142  is called without a security context.
143  */
144 public void testGetCallerPrincipal() throws Exception
145 {
146    log.debug("+++ testGetCallerPrincipal()");
147    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.UnsecureStatelessSession2");
148    log.debug("Created spec.UnsecureStatelessSession2");
149    
150    try
151    {
152       // This should fail because echo calls getCallerPrincipal()
153 bean.echo("Hello from nobody?");
154       fail("Was able to call StatelessSession.echo");
155    }
156    catch(Exception e)
157    {
158       log.debug("echo failed as expected");
159    }
160    
161    login();
162    bean = (StatelessSession)getInitialContext().lookup("spec.StatelessSession2");
163    log.debug("Created spec.StatelessSession2");
164    // Test that the Entity bean sees username as its principal
165 String echo = bean.echo(username);
166    log.debug("bean.echo(username) = "+echo);
167    assertTrue("username == echo", echo.equals(username));
168    
169    logout();
170 }
171
172 /** Test the use of getCallerPrincipal from within the ejbCreate
173  * in a stateful session bean
174  */
175 public void testStatefulCreateCaller() throws Exception
176 {
177    log.debug("+++ testStatefulCreateCaller");
178    login();
179    InitialContext jndiContext = new InitialContext ();
180   
181    StatefulSession bean = (StatefulSession)jndiContext.lookup("spec.StatefulSession");
182    // Need to invoke a method to ensure an ejbCreate call
183 bean.echo("testStatefulCreateCaller");
184    log.debug("Bean.echo(), ok");
185
186    logout();
187 }
188
189 /**
190  * Test that a call interacting with different security domains does not
191  * change the
192  * @throws Exception
193  */
194 public void testDomainInteraction() throws Exception
195 {
196    logout();
197    login("testDomainInteraction", "testDomainInteraction".toCharArray());
198    log.debug("+++ testDomainInteraction()");
199    SecurityContext bean = (SecurityContext)getInitialContext().lookup("spec.UserInRoleContextSession");
200    log.debug("Created spec.UserInRoleContextSession");
201    HashSet roles = new HashSet ();
202    roles.add("Role1");
203    roles.add("Role2");
204    bean.testDomainInteraction(roles);
205 }
206
207 /** Test that the calling principal is propagated across bean calls.
208  */
209 public void testPrincipalPropagation() throws Exception
210 {
211    log.debug("+++ testPrincipalPropagation");
212    logout();
213    login();
214    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.UnsecureStatelessSession2");
215    log.debug("Created spec.UnsecureStatelessSession2");
216    log.debug("Bean.forward('testPrincipalPropagation') -> "+bean.forward("testPrincipalPropagation"));
217 }
218
219 public void testMethodAccess() throws Exception
220 {
221    log.debug("+++ testMethodAccess");
222    login();
223    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.StatelessSession");
224    log.debug("Created spec.StatelessSession");
225    log.debug("Bean.echo('Hello') -> "+bean.echo("Hello"));
226
227    // This should be allowed in ejb3
228 bean.noop();
229 }
230
231 /** Test that the echo method is accessible by an Echo
232  role. Since the excluded() method of the StatelessSession
233  bean has been placed into the excluded set it should not
234  accessible by any user. This uses the security domain of the
235  JaasSecurityDomain service to test its use as an authentication mgr.
236  */
237 public void testDomainMethodAccess() throws Exception
238 {
239    log.debug("+++ testDomainMethodAccess");
240    login();
241    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.StatelessSessionInDomain");
242    log.debug("Created spec.StatelessSessionInDomain");
243    log.debug("Bean.echo('testDomainMethodAccess') -> "+bean.echo("testDomainMethodAccess"));
244
245    try
246    {
247       // This should not be allowed
248 bean.excluded();
249       fail("Was able to call StatelessSession.excluded");
250    }
251    catch(Exception e)
252    {
253       log.debug("StatelessSession.excluded failed as expected");
254    }
255 }
256
257 /** Test that the permissions assigned to the stateless session bean:
258  with ejb-name=org/jboss/test/security/ejb/StatelessSession_test
259  are read correctly.
260  */
261 public void testMethodAccess2() throws Exception
262 {
263    log.debug("+++ testMethodAccess2");
264    login();
265    InitialContext jndiContext = new InitialContext ();
266    StatelessSession bean = (StatelessSession)jndiContext.lookup("spec.StatelessSession_test");
267    log.debug("Created spec.StatelessSession_test");
268    log.debug("Bean.echo('testMethodAccess2') -> "+bean.echo("testMethodAccess2"));
269 }
270
271 /** Test a user with Echo and EchoLocal roles can access the CalleeBean
272  through its local interface by calling the CallerBean and that a user
273  with only a EchoLocal cannot call the CallerBean.
274  */
275 public void a1testLocalMethodAccess() throws Exception
276 {
277    log.debug("+++ testLocalMethodAccess");
278    login();
279    InitialContext jndiContext = new InitialContext ();
280    CalledSession bean = (CalledSession)jndiContext.lookup("spec.CallerBean");
281    log.debug("Created spec.CallerBean");
282    log.debug("Bean.invokeEcho('testLocalMethodAccess') -> "+bean.invokeEcho("testLocalMethodAccess"));
283 }
284
285 /** Test access to a bean with a mix of remote interface permissions and
286  * unchecked permissions with the unchecked permissions declared first.
287  * @throws Exception
288  */
289 public void testUncheckedRemote() throws Exception
290 {
291    log.debug("+++ testUncheckedRemote");
292    login();
293    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.UncheckedSessionRemoteLast");
294    log.debug("Created spec.UncheckedSessionRemoteLast");
295    log.debug("Bean.echo('testUncheckedRemote') -> "+bean.echo("testUncheckedRemote"));
296    try
297    {
298       bean.excluded();
299       fail("Was able to call UncheckedSessionRemoteLast.excluded");
300    }
301    catch(Exception e)
302    {
303       log.debug("UncheckedSessionRemoteLast.excluded failed as expected");
304    }
305    logout();
306 }
307
308 /** Test access to a bean with a mix of remote interface permissions and
309  * unchecked permissions with the unchecked permissions declared last.
310  * @throws Exception
311  */
312 public void testRemoteUnchecked() throws Exception
313 {
314    log.debug("+++ testRemoteUnchecked");
315    login();
316    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.UncheckedSessionRemoteFirst");
317    log.debug("Created spec.UncheckedSessionRemoteFirst");
318    log.debug("Bean.echo('testRemoteUnchecked') -> "+bean.echo("testRemoteUnchecked"));
319    try
320    {
321       bean.excluded();
322       fail("Was able to call UncheckedSessionRemoteFirst.excluded");
323    }
324    catch(Exception e)
325    {
326       log.debug("UncheckedSessionRemoteFirst.excluded failed as expected");
327    }
328    logout();
329 }
330
331 /** Test that a user with a role that has not been assigned any
332  method permissions in the ejb-jar descriptor is able to access a
333  method that has been marked as unchecked.
334  */
335 public void testUnchecked() throws Exception
336 {
337    log.debug("+++ testUnchecked");
338    // Login as scott to create the bean
339 login();
340    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.StatelessSession");
341    log.debug("Created spec.StatelessSession");
342    // Logout and login back in as stark to test access to the unchecked method
343 logout();
344    login("stark", "javaman".toCharArray());
345    bean.unchecked();
346    log.debug("Called Bean.unchecked()");
347    logout();
348 }
349
350 /** Test that a user with a valid role is able to access a
351  bean for which all methods have been marked as unchecked.
352  */
353 public void testUncheckedWithLogin() throws Exception
354 {
355    log.debug("+++ testUncheckedWithLogin");
356    // Login as scott to see that a user with roles is allowed access
357 login();
358    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.UncheckedSession");
359    log.debug("Created spec.StatelessSession");
360    bean.unchecked();
361    log.debug("Called Bean.unchecked()");
362    logout();
363 }
364
365 /** Test that user scott who has the Echo role is not able to
366  access the StatelessSession2.excluded method even though
367  the Echo role has been granted access to all methods of
368  StatelessSession2 to test that the excluded-list takes
369  precendence over the method-permissions.
370  */
371 public void testExcluded() throws Exception
372 {
373    log.debug("+++ testExcluded");
374    login();
375    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.StatelessSession2");
376    log.debug("Created spec.StatelessSession2");
377    try
378    {
379       bean.excluded();
380       fail("Was able to call Bean.excluded()");
381    }
382    catch(Exception e)
383    {
384       log.debug("Bean.excluded() failed as expected");
385       // This is what we expect
386 }
387    logout();
388 }
389
390 /** This method tests the following call chains:
391  1. RunAsStatelessSession.echo() -> PrivateEntity.echo()
392  2. RunAsStatelessSession.noop() -> RunAsStatelessSession.excluded()
393  3. RunAsStatelessSession.forward() -> StatelessSession.echo()
394  1. Should succeed because the run-as identity of RunAsStatelessSession
395  is valid for accessing PrivateEntity.
396  2. Should succeed because the run-as identity of RunAsStatelessSession
397  is valid for accessing RunAsStatelessSession.excluded().
398  3. Should fail because the run-as identity of RunAsStatelessSession
399  is not Echo.
400  */
401 public void testRunAs() throws Exception
402 {
403    log.debug("+++ testRunAs");
404    login();
405    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.RunAsStatelessSession");
406    log.debug("Created spec.RunAsStatelessSession");
407    log.debug("Bean.echo('testRunAs') -> "+bean.echo("testRunAs"));
408    bean.noop();
409    log.debug("Bean.noop(), ok");
410    
411    try
412    {
413       // This should not be allowed
414 bean.forward("Hello");
415       fail("Was able to call RunAsStatelessSession.forward");
416    }
417    catch(Exception e)
418    {
419       log.debug("StatelessSession.forward failed as expected");
420    }
421    
422    logout();
423 }
424
425 /** This method tests the following call chain:
426  Level1CallerBean.callEcho() -> Level2CallerBean.invokeEcho()
427    -> Level3CalleeBean.echo()
428  The Level1CallerBean uses a run-as of InternalRole and the Level2CallerBean
429  and Level3CalleeBean are only accessible by InternalRole.
430  */
431 public void testDeepRunAs() throws Exception
432 {
433    log.debug("+++ testDeepRunAs");
434    login();
435    CalledSession bean = (CalledSession)getInitialContext().lookup("spec.Level1CallerBean");
436    log.debug("Created spec.Level1CallerBean");
437    String principal = bean.callEcho();
438    assertEquals("scott", principal);
439    log.debug("Bean.callEcho() ok");
440 }
441
442 public void testRunAsSFSB() throws Exception
443 {
444    log.info("+++ testRunAsSFSB");
445    login();
446    log.debug("Found CallerFacadeBean-testRunAsSFSB Home");
447    CalledSession bean = (CalledSession)getInitialContext().lookup("spec.CallerFacadeBean-testRunAsSFSB");
448    log.debug("Created spec.CallerFacadeBean-testRunAsSFSB");
449    bean.invokeEcho("testRunAsSFSB");
450    log.debug("Bean.invokeEcho() ok");
451 }
452
453 /**
454  * Test the run-as side-effects raised in
455  * http://jira.jboss.com/jira/browse/JBAS-1852
456  *
457  * @throws Exception
458  */
459 public void testJBAS1852() throws Exception
460 {
461    log.info("+++ testJBAS1852");
462    login();
463    SessionFacade bean = (SessionFacade)getInitialContext().lookup("spec.PublicSessionFacade");
464    log.debug("Created PublicSessionFacade");
465    log.debug("Bean.callEcho('testJBAS1852') -> " + bean.callEcho("testJBAS1852"));
466 }
467
468 /** Test that an MDB with a run-as identity is able to access secure EJBs
469  that require the identity.
470  */
471 public void a1testMDBRunAs() throws Exception
472 {
473    log.debug("+++ testMDBRunAs");
474    logout();
475    QueueConnectionFactory queueFactory = (QueueConnectionFactory ) getInitialContext().lookup(QUEUE_FACTORY);
476    Queue queA = (Queue ) getInitialContext().lookup("queue/A");
477    Queue queB = (Queue ) getInitialContext().lookup("queue/B");
478    QueueConnection queueConn = queueFactory.createQueueConnection();
479    QueueSession session = queueConn.createQueueSession(false, Session.AUTO_ACKNOWLEDGE);
480    Message msg = session.createMessage();
481    msg.setStringProperty("arg", "testMDBRunAs");
482    msg.setJMSReplyTo(queB);
483    QueueSender sender = session.createSender(queA);
484    sender.send(msg);
485    sender.close();
486    log.debug("Sent msg to queue/A");
487    queueConn.start();
488    QueueReceiver recv = session.createReceiver(queB);
489    msg = recv.receive(5000);
490    log.debug("Recv msg: "+msg);
491    String info = msg.getStringProperty("reply");
492    recv.close();
493    session.close();
494    queueConn.close();
495
496    if( info == null || info.startsWith("Failed") )
497    {
498       fail("Recevied exception reply, info="+info);
499    }
500 }
501
502 /** Test that an MDB with a run-as identity is able to access secure EJBs
503  that require the identity. DeepRunAsMDB -> Level1MDBCallerBean.callEcho() ->
504    Level2CallerBean.invokeEcho() -> Level3CalleeBean.echo()
505  The MDB uses a run-as of InternalRole and the Level2CallerBean
506  and Level3CalleeBean are only accessible by InternalRole.
507  */
508 public void a1testMDBDeepRunAs() throws Exception
509 {
510    log.debug("+++ testMDBDeepRunAs");
511    logout();
512    QueueConnectionFactory queueFactory = (QueueConnectionFactory ) getInitialContext().lookup(QUEUE_FACTORY);
513    Queue queD = (Queue ) getInitialContext().lookup("queue/D");
514    Queue queB = (Queue ) getInitialContext().lookup("queue/B");
515    QueueConnection queueConn = queueFactory.createQueueConnection();
516    QueueSession session = queueConn.createQueueSession(false, Session.AUTO_ACKNOWLEDGE);
517    Message msg = session.createMessage();
518    msg.setStringProperty("arg", "testMDBDeepRunAs");
519    msg.setJMSReplyTo(queB);
520    QueueSender sender = session.createSender(queD);
521    sender.send(msg);
522    sender.close();
523    log.debug("Sent msg to "+queD);
524    queueConn.start();
525    QueueReceiver recv = session.createReceiver(queB);
526    msg = recv.receive(5000);
527    log.debug("Recv msg: "+msg);
528    String info = msg.getStringProperty("reply");
529    recv.close();
530    session.close();
531    queueConn.close();
532
533    if( info == null || info.startsWith("Failed") )
534    {
535       fail("Recevied exception reply, info="+info);
536    }
537 }
538
539 /** This method tests that the RunAsWithRolesMDB is assigned multiple roles
540  * within its onMessage so that it can call into the ProjRepository session
541  * bean's methods that required ProjectAdmin, CreateFolder and DeleteFolder
542  * roles.
543  */
544 public void a1testRunAsWithRoles() throws Exception
545 {
546    log.debug("+++ testRunAsWithRoles");
547    logout();
548    QueueConnectionFactory queueFactory = (QueueConnectionFactory ) getInitialContext().lookup(QUEUE_FACTORY);
549    Queue queC = (Queue ) getInitialContext().lookup("queue/C");
550    Queue queB = (Queue ) getInitialContext().lookup("queue/B");
551    QueueConnection queueConn = queueFactory.createQueueConnection();
552    QueueSession session = queueConn.createQueueSession(false, Session.AUTO_ACKNOWLEDGE);
553    Message msg = session.createMessage();
554    msg.setStringProperty("name", "testRunAsWithRoles");
555    msg.setJMSReplyTo(queB);
556    QueueSender sender = session.createSender(queC);
557    sender.send(msg);
558    sender.close();
559    log.debug("Sent msg to queue/C");
560    queueConn.start();
561    QueueReceiver recv = session.createReceiver(queB);
562    msg = recv.receive(5000);
563    log.debug("Recv msg: "+msg);
564    String info = msg.getStringProperty("reply");
565    recv.close();
566    session.close();
567    queueConn.close();
568
569    if( info == null || info.startsWith("Failed") )
570    {
571       fail("Recevied exception reply, info="+info);
572    }
573 }
574
575 /** Login as user scott using the conf.name login config or
576  'spec-test' if conf.name is not defined.
577  */
578 private void login() throws Exception
579 {
580    login(username, password);
581 }
582 private void login(String username, char[] password) throws Exception
583 {
584    if( loggedIn )
585       return;
586    
587    String confName = System.getProperty("conf.name", "spec-test");
588    AppCallbackHandler handler = new AppCallbackHandler(username, password);
589    log.debug("Creating LoginContext("+confName+")");
590    lc = new LoginContext (confName, handler);
591    lc.login();
592    log.debug("Created LoginContext, subject="+lc.getSubject());
593    loggedIn = true;
594 }
595 private void logout() throws Exception
596 {
597    if( lc != null )
598    {
599       loggedIn = false;
600       lc.logout();
601       lc = null;
602    }
603 }
604
605
606 /**
607  * Setup the test suite.
608  */
609 public static Test suite() throws Exception
610 {
611    try {
612       Configuration.setConfiguration(new XMLLoginConfigImpl());
613       return getDeploySetup(EJBSpecUnitTestCase.class, "security.jar");
614    }
615    catch (Exception e)
616    {
617       e.printStackTrace();
618       throw e;
619    }
620 }
621 }
622

A to Z: JavaDoc & Examples

---

Daily Java News & Articles

---

Open Source Projects

---

Open Source Codes

---

Free Computer Books

---

Remove Frame

---

Popular Tags