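package org.jboss.ejb3.test.security.unit;

import java.util.HashSet;
import javax.ejb.EJBException;
import javax.jms.Message;
import javax.jms.Queue;
import javax.jms.QueueConnection;
import javax.jms.QueueConnectionFactory;
import javax.jms.QueueReceiver;
import javax.jms.QueueSender;
import javax.jms.QueueSession;
import javax.jms.Session;
import javax.management.MBeanServerConnection;
import javax.management.MBeanServerInvocationHandler;
import javax.management.ObjectName;
import javax.naming.InitialContext;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginContext;
import org.jboss.ejb3.test.security.AppCallbackHandler;
import org.jboss.ejb3.test.security.CalledSession;
import org.jboss.ejb3.test.security.SecurityContext;
import org.jboss.ejb3.test.security.SessionFacade;
import org.jboss.ejb3.test.security.StatefulSession;
import org.jboss.ejb3.test.security.StatelessSession;
import org.jboss.logging.Logger;
import org.jboss.security.SimplePrincipal;
import org.jboss.security.auth.login.XMLLoginConfigImpl;
import org.jboss.security.plugins.JaasSecurityManagerServiceMBean;
import org.jboss.test.JBossTestCase;
import junit.framework.Test;

/**
 * Client-side JUnit 3 tests that exercise authentication and method-level
 * authorization of the session beans bound under the {@code spec.*} JNDI names.
 *
 * <p>Each test authenticates through a JAAS {@link LoginContext} (see
 * {@link #login()}), looks a bean up in JNDI and then checks either that a call
 * succeeds or that it is rejected.
 *
 * <p>Review notes:
 * <ul>
 * <li>The user names and passwords in this class are fixture values for the test
 * security domains; they are compiled into the test on purpose.</li>
 * <li>The "expected to fail" tests accept <em>any</em> {@link Exception}. A
 * lookup-independent failure such as a transport error therefore also satisfies
 * them. The caught exception is logged at debug level so the actual cause of the
 * rejection can be confirmed from the test log.</li>
 * <li>Methods named {@code a1test...} do not start with {@code test}; JUnit 3
 * name-based discovery would not run them. Presumably they were disabled on
 * purpose - confirm before renaming.</li>
 * </ul>
 */
public class EJBSpecUnitTestCase
   extends JBossTestCase
{
   private static final Logger log = Logger.getLogger(EJBSpecUnitTestCase.class);

   // Default identity used by login(); fixture account of the test security domain.
   static String username = "scott";
   static char[] password = "echoman".toCharArray();
   // JNDI name of the JMS connection factory used by the MDB tests.
   static String QUEUE_FACTORY = "ConnectionFactory";

   // Current JAAS login, or null when no login is active.
   LoginContext lc;
   // True between a successful login(...) and the next logout().
   boolean loggedIn;

   public EJBSpecUnitTestCase(String name)
   {
      super(name);
   }

   /**
    * Drops any JAAS login left over from the test so that the next test starts
    * unauthenticated.
    */
   protected void tearDown() throws Exception
   {
      logout();
   }

   /**
    * Validates the fixture user directly against the JaasSecurityManager MBean
    * for the {@code spec-test} and {@code spec-test-domain} security domains:
    * the correct password must be accepted, the listed roles must be granted
    * and a wrong password must be rejected.
    */
   public void testSecurityDomain() throws Exception
   {
      log.info("+++ testSecurityDomain, domain=spec-test");
      MBeanServerConnection conn = (MBeanServerConnection) getServer();
      ObjectName secMgrName = new ObjectName("jboss.security:service=JaasSecurityManager");
      JaasSecurityManagerServiceMBean secMgr = (JaasSecurityManagerServiceMBean)
         MBeanServerInvocationHandler.newProxyInstance(conn, secMgrName,
            JaasSecurityManagerServiceMBean.class, false);

      String domain = "spec-test";
      SimplePrincipal user = new SimplePrincipal("scott");
      boolean isValid = secMgr.isValid(domain, user, password);
      assertTrue("scott password is echoman", isValid);
      HashSet testRole = new HashSet();
      testRole.add(new SimplePrincipal("Echo"));
      boolean hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
      assertTrue("scott has Echo role", hasRole);
      testRole.clear();
      testRole.add(new SimplePrincipal("EchoLocal"));
      hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
      assertTrue("scott has EchoLocal role", hasRole);
      testRole.clear();
      testRole.add(new SimplePrincipal("ProjectUser"));
      hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
      assertTrue("scott has ProjectUser role", hasRole);

      // Negative check: a wrong password must not authenticate.
      isValid = secMgr.isValid(domain, user, "badpass".toCharArray());
      assertFalse("badpass is an invalid password for scott", isValid);

      log.info("+++ testSecurityDomain, domain=spec-test-domain");
      domain = "spec-test-domain";
      isValid = secMgr.isValid(domain, user, password);
      assertTrue("scott password is echoman", isValid);
      // NOTE(review): testRole still holds only "ProjectUser" from the first
      // domain here, so the next assertion checks ProjectUser although its
      // message says Echo. Left as is because the role mapping of
      // spec-test-domain is not visible from this file - confirm and reset the
      // set to "Echo" if that is what was meant.
      hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
      assertTrue("scott has Echo role", hasRole);
      testRole.clear();
      testRole.add(new SimplePrincipal("EchoLocal"));
      hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
      assertTrue("scott has EchoLocal role", hasRole);
      testRole.clear();
      testRole.add(new SimplePrincipal("ProjectUser"));
      hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
      assertTrue("scott has ProjectUser role", hasRole);

      isValid = secMgr.isValid(domain, user, "badpass".toCharArray());
      assertFalse("badpass is an invalid password for scott", isValid);
   }

   /**
    * Calls {@code echo} on {@code spec.UnsecureStatelessSession2} without a
    * login and expects it to fail, then logs in and expects
    * {@code spec.StatelessSession2.echo(username)} to return the user name.
    */
   public void testGetCallerPrincipal() throws Exception
   {
      log.debug("+++ testGetCallerPrincipal()");
      StatelessSession bean = (StatelessSession) getInitialContext().lookup("spec.UnsecureStatelessSession2");
      log.debug("Created spec.UnsecureStatelessSession2");

      try
      {
         bean.echo("Hello from nobody?");
         fail("Was able to call StatelessSession.echo");
      }
      catch (Exception e)
      {
         // Any exception counts as a rejection; log it so the cause can be verified.
         log.debug("echo failed as expected", e);
      }

      login();
      bean = (StatelessSession) getInitialContext().lookup("spec.StatelessSession2");
      log.debug("Created spec.StatelessSession2");
      String echo = bean.echo(username);
      log.debug("bean.echo(username) = " + echo);
      // assertEquals reports a null or mismatching reply as a failure with both values.
      assertEquals("username == echo", username, echo);

      logout();
   }

   /**
    * Logs in and invokes {@code echo} on the stateful bean bound at
    * {@code spec.StatefulSession}; the test passes when no exception is thrown.
    */
   public void testStatefulCreateCaller() throws Exception
   {
      log.debug("+++ testStatefulCreateCaller");
      login();
      InitialContext jndiContext = new InitialContext();

      StatefulSession bean = (StatefulSession) jndiContext.lookup("spec.StatefulSession");
      bean.echo("testStatefulCreateCaller");
      log.debug("Bean.echo(), ok");

      logout();
   }

   /**
    * Logs in as the {@code testDomainInteraction} user and passes the role
    * names {@code Role1} and {@code Role2} to
    * {@code spec.UserInRoleContextSession.testDomainInteraction}.
    */
   public void testDomainInteraction() throws Exception
   {
      // login(...) is a no-op while a login is active, so drop it first.
      logout();
      login("testDomainInteraction", "testDomainInteraction".toCharArray());
      log.debug("+++ testDomainInteraction()");
      SecurityContext bean = (SecurityContext) getInitialContext().lookup("spec.UserInRoleContextSession");
      log.debug("Created spec.UserInRoleContextSession");
      HashSet roles = new HashSet();
      roles.add("Role1");
      roles.add("Role2");
      bean.testDomainInteraction(roles);
   }

   /**
    * Logs in with the default user and calls {@code forward} on
    * {@code spec.UnsecureStatelessSession2}; the test passes when the call
    * returns without an exception.
    */
   public void testPrincipalPropagation() throws Exception
   {
      log.debug("+++ testPrincipalPropagation");
      logout();
      login();
      StatelessSession bean = (StatelessSession) getInitialContext().lookup("spec.UnsecureStatelessSession2");
      log.debug("Created spec.UnsecureStatelessSession2");
      log.debug("Bean.forward('testPrincipalPropagation') -> " + bean.forward("testPrincipalPropagation"));
   }

   /**
    * Logs in and calls {@code echo} and {@code noop} on
    * {@code spec.StatelessSession}; both calls must succeed.
    */
   public void testMethodAccess() throws Exception
   {
      log.debug("+++ testMethodAccess");
      login();
      StatelessSession bean = (StatelessSession) getInitialContext().lookup("spec.StatelessSession");
      log.debug("Created spec.StatelessSession");
      log.debug("Bean.echo('Hello') -> " + bean.echo("Hello"));

      bean.noop();
   }

   /**
    * Logs in and checks {@code spec.StatelessSessionInDomain}: {@code echo}
    * must succeed and {@code excluded} must throw.
    */
   public void testDomainMethodAccess() throws Exception
   {
      log.debug("+++ testDomainMethodAccess");
      login();
      StatelessSession bean = (StatelessSession) getInitialContext().lookup("spec.StatelessSessionInDomain");
      log.debug("Created spec.StatelessSessionInDomain");
      log.debug("Bean.echo('testDomainMethodAccess') -> " + bean.echo("testDomainMethodAccess"));

      try
      {
         bean.excluded();
         fail("Was able to call StatelessSession.excluded");
      }
      catch (Exception e)
      {
         // Any exception counts as a rejection; log it so the cause can be verified.
         log.debug("StatelessSession.excluded failed as expected", e);
      }
   }

   /**
    * Logs in and calls {@code echo} on {@code spec.StatelessSession_test}; the
    * call must succeed.
    */
   public void testMethodAccess2() throws Exception
   {
      log.debug("+++ testMethodAccess2");
      login();
      InitialContext jndiContext = new InitialContext();
      StatelessSession bean = (StatelessSession) jndiContext.lookup("spec.StatelessSession_test");
      log.debug("Created spec.StatelessSession_test");
      log.debug("Bean.echo('testMethodAccess2') -> " + bean.echo("testMethodAccess2"));
   }

   /**
    * Logs in and calls {@code invokeEcho} on {@code spec.CallerBean}. Not picked
    * up by name-based discovery because of the {@code a1} prefix.
    */
   public void a1testLocalMethodAccess() throws Exception
   {
      log.debug("+++ testLocalMethodAccess");
      login();
      InitialContext jndiContext = new InitialContext();
      CalledSession bean = (CalledSession) jndiContext.lookup("spec.CallerBean");
      log.debug("Created spec.CallerBean");
      log.debug("Bean.invokeEcho('testLocalMethodAccess') -> " + bean.invokeEcho("testLocalMethodAccess"));
   }

   /**
    * Logs in and checks {@code spec.UncheckedSessionRemoteLast}: {@code echo}
    * must succeed and {@code excluded} must throw.
    */
   public void testUncheckedRemote() throws Exception
   {
      log.debug("+++ testUncheckedRemote");
      login();
      StatelessSession bean = (StatelessSession) getInitialContext().lookup("spec.UncheckedSessionRemoteLast");
      log.debug("Created spec.UncheckedSessionRemoteLast");
      log.debug("Bean.echo('testUncheckedRemote') -> " + bean.echo("testUncheckedRemote"));
      try
      {
         bean.excluded();
         fail("Was able to call UncheckedSessionRemoteLast.excluded");
      }
      catch (Exception e)
      {
         // Any exception counts as a rejection; log it so the cause can be verified.
         log.debug("UncheckedSessionRemoteLast.excluded failed as expected", e);
      }
      logout();
   }

   /**
    * Logs in and checks {@code spec.UncheckedSessionRemoteFirst}: {@code echo}
    * must succeed and {@code excluded} must throw.
    */
   public void testRemoteUnchecked() throws Exception
   {
      log.debug("+++ testRemoteUnchecked");
      login();
      StatelessSession bean = (StatelessSession) getInitialContext().lookup("spec.UncheckedSessionRemoteFirst");
      log.debug("Created spec.UncheckedSessionRemoteFirst");
      log.debug("Bean.echo('testRemoteUnchecked') -> " + bean.echo("testRemoteUnchecked"));
      try
      {
         bean.excluded();
         fail("Was able to call UncheckedSessionRemoteFirst.excluded");
      }
      catch (Exception e)
      {
         // Any exception counts as a rejection; log it so the cause can be verified.
         log.debug("UncheckedSessionRemoteFirst.excluded failed as expected", e);
      }
      logout();
   }

   /**
    * Looks {@code spec.StatelessSession} up as the default user, then switches
    * to the {@code stark} user and calls {@code unchecked}; the call must
    * succeed for that second identity.
    */
   public void testUnchecked() throws Exception
   {
      log.debug("+++ testUnchecked");
      login();
      StatelessSession bean = (StatelessSession) getInitialContext().lookup("spec.StatelessSession");
      log.debug("Created spec.StatelessSession");
      // The identity only changes because of this logout; login(...) alone
      // would keep the first user.
      logout();
      login("stark", "javaman".toCharArray());
      bean.unchecked();
      log.debug("Called Bean.unchecked()");
      logout();
   }

   /**
    * Logs in with the default user and calls {@code unchecked} on
    * {@code spec.UncheckedSession}; the call must succeed.
    */
   public void testUncheckedWithLogin() throws Exception
   {
      log.debug("+++ testUncheckedWithLogin");
      login();
      StatelessSession bean = (StatelessSession) getInitialContext().lookup("spec.UncheckedSession");
      // The original message named spec.StatelessSession, which is not the bean looked up here.
      log.debug("Created spec.UncheckedSession");
      bean.unchecked();
      log.debug("Called Bean.unchecked()");
      logout();
   }

   /**
    * Logs in and expects {@code excluded} on {@code spec.StatelessSession2} to
    * throw even for an authenticated caller.
    */
   public void testExcluded() throws Exception
   {
      log.debug("+++ testExcluded");
      login();
      StatelessSession bean = (StatelessSession) getInitialContext().lookup("spec.StatelessSession2");
      log.debug("Created spec.StatelessSession2");
      try
      {
         bean.excluded();
         fail("Was able to call Bean.excluded()");
      }
      catch (Exception e)
      {
         // Any exception counts as a rejection; log it so the cause can be verified.
         log.debug("Bean.excluded() failed as expected", e);
      }
      logout();
   }

   /**
    * Logs in and checks {@code spec.RunAsStatelessSession}: {@code echo} and
    * {@code noop} must succeed, {@code forward} must throw.
    */
   public void testRunAs() throws Exception
   {
      log.debug("+++ testRunAs");
      login();
      StatelessSession bean = (StatelessSession) getInitialContext().lookup("spec.RunAsStatelessSession");
      log.debug("Created spec.RunAsStatelessSession");
      log.debug("Bean.echo('testRunAs') -> " + bean.echo("testRunAs"));
      bean.noop();
      log.debug("Bean.noop(), ok");

      try
      {
         bean.forward("Hello");
         fail("Was able to call RunAsStatelessSession.forward");
      }
      catch (Exception e)
      {
         // Any exception counts as a rejection; log it so the cause can be verified.
         log.debug("StatelessSession.forward failed as expected", e);
      }

      logout();
   }

   /**
    * Logs in and expects {@code callEcho} on {@code spec.Level1CallerBean} to
    * return {@code "scott"}.
    */
   public void testDeepRunAs() throws Exception
   {
      log.debug("+++ testDeepRunAs");
      login();
      CalledSession bean = (CalledSession) getInitialContext().lookup("spec.Level1CallerBean");
      log.debug("Created spec.Level1CallerBean");
      String principal = bean.callEcho();
      assertEquals("scott", principal);
      log.debug("Bean.callEcho() ok");
   }

   /**
    * Logs in and calls {@code invokeEcho} on
    * {@code spec.CallerFacadeBean-testRunAsSFSB}; the call must succeed.
    */
   public void testRunAsSFSB() throws Exception
   {
      log.info("+++ testRunAsSFSB");
      login();
      log.debug("Found CallerFacadeBean-testRunAsSFSB Home");
      CalledSession bean = (CalledSession) getInitialContext().lookup("spec.CallerFacadeBean-testRunAsSFSB");
      log.debug("Created spec.CallerFacadeBean-testRunAsSFSB");
      bean.invokeEcho("testRunAsSFSB");
      log.debug("Bean.invokeEcho() ok");
   }

   /**
    * Logs in and calls {@code callEcho} on {@code spec.PublicSessionFacade};
    * the call must succeed.
    */
   public void testJBAS1852() throws Exception
   {
      log.info("+++ testJBAS1852");
      login();
      SessionFacade bean = (SessionFacade) getInitialContext().lookup("spec.PublicSessionFacade");
      log.debug("Created PublicSessionFacade");
      log.debug("Bean.callEcho('testJBAS1852') -> " + bean.callEcho("testJBAS1852"));
   }

   /**
    * Without a login, sends a message with {@code arg=testMDBRunAs} to
    * {@code queue/A} and expects a non-failure reply on {@code queue/B}. Not
    * picked up by name-based discovery because of the {@code a1} prefix.
    */
   public void a1testMDBRunAs() throws Exception
   {
      log.debug("+++ testMDBRunAs");
      logout();
      sendAndCheckReply("queue/A", "arg", "testMDBRunAs");
   }

   /**
    * Without a login, sends a message with {@code arg=testMDBDeepRunAs} to
    * {@code queue/D} and expects a non-failure reply on {@code queue/B}. Not
    * picked up by name-based discovery because of the {@code a1} prefix.
    */
   public void a1testMDBDeepRunAs() throws Exception
   {
      log.debug("+++ testMDBDeepRunAs");
      logout();
      sendAndCheckReply("queue/D", "arg", "testMDBDeepRunAs");
   }

   /**
    * Without a login, sends a message with {@code name=testRunAsWithRoles} to
    * {@code queue/C} and expects a non-failure reply on {@code queue/B}. Not
    * picked up by name-based discovery because of the {@code a1} prefix.
    */
   public void a1testRunAsWithRoles() throws Exception
   {
      log.debug("+++ testRunAsWithRoles");
      logout();
      sendAndCheckReply("queue/C", "name", "testRunAsWithRoles");
   }

   /**
    * Sends one message to the given queue with {@code queue/B} as reply
    * destination and fails the test unless a reply arrives whose {@code reply}
    * property is set and does not start with {@code "Failed"}.
    *
    * @param requestQueueName JNDI name of the queue the message is sent to
    * @param propertyName name of the string property carrying the argument
    * @param propertyValue value of that property
    * @throws Exception on JNDI or JMS errors
    */
   private void sendAndCheckReply(String requestQueueName, String propertyName, String propertyValue)
      throws Exception
   {
      QueueConnectionFactory queueFactory = (QueueConnectionFactory) getInitialContext().lookup(QUEUE_FACTORY);
      Queue requestQueue = (Queue) getInitialContext().lookup(requestQueueName);
      Queue replyQueue = (Queue) getInitialContext().lookup("queue/B");
      QueueConnection queueConn = queueFactory.createQueueConnection();
      String info;
      try
      {
         QueueSession session = queueConn.createQueueSession(false, Session.AUTO_ACKNOWLEDGE);
         Message msg = session.createMessage();
         msg.setStringProperty(propertyName, propertyValue);
         msg.setJMSReplyTo(replyQueue);
         QueueSender sender = session.createSender(requestQueue);
         sender.send(msg);
         sender.close();
         log.debug("Sent msg to " + requestQueueName);
         queueConn.start();
         QueueReceiver recv = session.createReceiver(replyQueue);
         Message reply = recv.receive(5000);
         log.debug("Recv msg: " + reply);
         // receive(timeout) returns null on timeout; report that as a test
         // failure instead of a NullPointerException on the next line.
         if (reply == null)
         {
            fail("No reply received on queue/B within 5000 ms");
         }
         info = reply.getStringProperty("reply");
      }
      finally
      {
         // Closing the connection also closes its sessions, senders and
         // receivers, and runs even when the exchange above throws.
         queueConn.close();
      }

      if (info == null || info.startsWith("Failed"))
      {
         fail("Recevied exception reply, info=" + info);
      }
   }

   /**
    * Logs in with the default fixture user.
    */
   private void login() throws Exception
   {
      login(username, password);
   }

   /**
    * Performs a JAAS login with the given credentials using the login
    * configuration named by the {@code conf.name} system property
    * (default {@code spec-test}).
    *
    * <p>While a login is active this method returns immediately and the
    * requested identity is NOT applied; call {@link #logout()} first to switch
    * users.
    */
   private void login(String username, char[] password) throws Exception
   {
      if (loggedIn)
      {
         return;
      }

      String confName = System.getProperty("conf.name", "spec-test");
      AppCallbackHandler handler = new AppCallbackHandler(username, password);
      log.debug("Creating LoginContext(" + confName + ")");
      lc = new LoginContext(confName, handler);
      lc.login();
      // Subject.toString() lists principals and, where access is permitted,
      // credentials held by the subject; keep this at debug level.
      log.debug("Created LoginContext, subject=" + lc.getSubject());
      loggedIn = true;
   }

   /**
    * Ends the current JAAS login, if any. The login state is cleared even when
    * {@code LoginContext.logout()} throws, so a later login starts clean.
    */
   private void logout() throws Exception
   {
      if (lc != null)
      {
         loggedIn = false;
         try
         {
            lc.logout();
         }
         finally
         {
            lc = null;
         }
      }
   }

   /**
    * Installs {@link XMLLoginConfigImpl} as the JAAS {@link Configuration} and
    * returns the suite built by {@code getDeploySetup} for this class and
    * {@code security.jar}.
    */
   public static Test suite() throws Exception
   {
      try
      {
         Configuration.setConfiguration(new XMLLoginConfigImpl());
         return getDeploySetup(EJBSpecUnitTestCase.class, "security.jar");
      }
      catch (Exception e)
      {
         // Printed as well as rethrown so the cause is visible on the console.
         e.printStackTrace();
         throw e;
      }
   }
}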