KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > jboss > ejb3 > test > security > unit > EJBSpecUnitTestCase


1 /*
2   * JBoss, Home of Professional Open Source
3   * Copyright 2005, JBoss Inc., and individual contributors as indicated
4   * by the @authors tag. See the copyright.txt in the distribution for a
5   * full listing of individual contributors.
6   *
7   * This is free software; you can redistribute it and/or modify it
8   * under the terms of the GNU Lesser General Public License as
9   * published by the Free Software Foundation; either version 2.1 of
10   * the License, or (at your option) any later version.
11   *
12   * This software is distributed in the hope that it will be useful,
13   * but WITHOUT ANY WARRANTY; without even the implied warranty of
14   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15   * Lesser General Public License for more details.
16   *
17   * You should have received a copy of the GNU Lesser General Public
18   * License along with this software; if not, write to the Free
19   * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
20   * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
21   */

22 package org.jboss.ejb3.test.security.unit;
23
24 import java.util.HashSet JavaDoc;
25 import javax.ejb.EJBException JavaDoc;
26 import javax.jms.Message JavaDoc;
27 import javax.jms.Queue JavaDoc;
28 import javax.jms.QueueConnection JavaDoc;
29 import javax.jms.QueueConnectionFactory JavaDoc;
30 import javax.jms.QueueReceiver JavaDoc;
31 import javax.jms.QueueSender JavaDoc;
32 import javax.jms.QueueSession JavaDoc;
33 import javax.jms.Session JavaDoc;
34 import javax.management.MBeanServerConnection JavaDoc;
35 import javax.management.MBeanServerInvocationHandler JavaDoc;
36 import javax.management.ObjectName JavaDoc;
37 import javax.naming.InitialContext JavaDoc;
38 import javax.security.auth.login.Configuration JavaDoc;
39 import javax.security.auth.login.LoginContext JavaDoc;
40 import org.jboss.ejb3.test.security.AppCallbackHandler;
41 import org.jboss.ejb3.test.security.CalledSession;
42 import org.jboss.ejb3.test.security.SecurityContext;
43 import org.jboss.ejb3.test.security.SessionFacade;
44 import org.jboss.ejb3.test.security.StatefulSession;
45 import org.jboss.ejb3.test.security.StatelessSession;
46 import org.jboss.logging.Logger;
47 import org.jboss.security.SimplePrincipal;
48 import org.jboss.security.auth.login.XMLLoginConfigImpl;
49 import org.jboss.security.plugins.JaasSecurityManagerServiceMBean;
50 import org.jboss.test.JBossTestCase;
51 import junit.framework.Test;
52
53
54 /** Test of EJB spec conformace using the security-spec.jar
55  deployment unit. These test the basic role based access model.
56  
57  @author Scott.Stark@jboss.org
58  @version $Revision: 54985 $
59  */

60 public class EJBSpecUnitTestCase
61 extends JBossTestCase
62 {
63 private static final Logger log = Logger.getLogger(EJBSpecUnitTestCase.class);
64
65 static String JavaDoc username = "scott";
66 static char[] password = "echoman".toCharArray();
67 static String JavaDoc QUEUE_FACTORY = "ConnectionFactory";
68
69 LoginContext JavaDoc lc;
70 boolean loggedIn;
71
72 public EJBSpecUnitTestCase(String JavaDoc name)
73 {
74    super(name);
75 }
76
77 protected void tearDown() throws Exception JavaDoc
78 {
79    logout();
80 }
81
82 /** Validate that the users have the expected logins and roles.
83  *
84  * @throws Exception
85  */

86 public void testSecurityDomain() throws Exception JavaDoc
87 {
88    log.info("+++ testSecurityDomain, domain=spec-test");
89    MBeanServerConnection JavaDoc conn = (MBeanServerConnection JavaDoc) getServer();
90    ObjectName JavaDoc secMgrName = new ObjectName JavaDoc("jboss.security:service=JaasSecurityManager");
91    JaasSecurityManagerServiceMBean secMgr = (JaasSecurityManagerServiceMBean)
92       MBeanServerInvocationHandler.newProxyInstance(conn, secMgrName,
93       JaasSecurityManagerServiceMBean.class, false);
94
95    // Test the spec-test security domain
96
String JavaDoc domain = "spec-test";
97    SimplePrincipal user = new SimplePrincipal("scott");
98    boolean isValid = secMgr.isValid(domain, user, password);
99    assertTrue("scott password is echoman", isValid);
100    HashSet JavaDoc testRole = new HashSet JavaDoc();
101    testRole.add(new SimplePrincipal("Echo"));
102    boolean hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
103    assertTrue("scott has Echo role", hasRole);
104    testRole.clear();
105    testRole.add(new SimplePrincipal("EchoLocal"));
106    hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
107    assertTrue("scott has EchoLocal role", hasRole);
108    testRole.clear();
109    testRole.add(new SimplePrincipal("ProjectUser"));
110    hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
111    assertTrue("scott has ProjectUser role", hasRole);
112
113    isValid = secMgr.isValid(domain, user, "badpass".toCharArray());
114    assertTrue("badpass is an invalid password for scott", isValid == false);
115
116    // Test the spec-test-domain security domain
117
log.info("+++ testSecurityDomain, domain=spec-test-domain");
118    domain = "spec-test-domain";
119    isValid = secMgr.isValid(domain, user, password);
120    assertTrue("scott password is echoman", isValid);
121    hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
122    assertTrue("scott has Echo role", hasRole);
123    testRole.clear();
124    testRole.add(new SimplePrincipal("EchoLocal"));
125    hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
126    assertTrue("scott has EchoLocal role", hasRole);
127    testRole.clear();
128    testRole.add(new SimplePrincipal("ProjectUser"));
129    hasRole = secMgr.doesUserHaveRole(domain, user, password, testRole);
130    assertTrue("scott has ProjectUser role", hasRole);
131
132    isValid = secMgr.isValid(domain, user, "badpass".toCharArray());
133    assertTrue("badpass is an invalid password for scott", isValid == false);
134 }
135
136 /** Test that:
137  1. SecureBean returns a non-null principal when getCallerPrincipal
138  is called with a security context and that this is propagated
139  to its Entity bean ref.
140  
141  2. UnsecureBean throws an IllegalStateException when getCallerPrincipal
142  is called without a security context.
143  */

144 public void testGetCallerPrincipal() throws Exception JavaDoc
145 {
146    log.debug("+++ testGetCallerPrincipal()");
147    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.UnsecureStatelessSession2");
148    log.debug("Created spec.UnsecureStatelessSession2");
149    
150    try
151    {
152       // This should fail because echo calls getCallerPrincipal()
153
bean.echo("Hello from nobody?");
154       fail("Was able to call StatelessSession.echo");
155    }
156    catch(Exception JavaDoc e)
157    {
158       log.debug("echo failed as expected");
159    }
160    
161    login();
162    bean = (StatelessSession)getInitialContext().lookup("spec.StatelessSession2");
163    log.debug("Created spec.StatelessSession2");
164    // Test that the Entity bean sees username as its principal
165
String JavaDoc echo = bean.echo(username);
166    log.debug("bean.echo(username) = "+echo);
167    assertTrue("username == echo", echo.equals(username));
168    
169    logout();
170 }
171
172 /** Test the use of getCallerPrincipal from within the ejbCreate
173  * in a stateful session bean
174  */

175 public void testStatefulCreateCaller() throws Exception JavaDoc
176 {
177    log.debug("+++ testStatefulCreateCaller");
178    login();
179    InitialContext JavaDoc jndiContext = new InitialContext JavaDoc();
180   
181    StatefulSession bean = (StatefulSession)jndiContext.lookup("spec.StatefulSession");
182    // Need to invoke a method to ensure an ejbCreate call
183
bean.echo("testStatefulCreateCaller");
184    log.debug("Bean.echo(), ok");
185
186    logout();
187 }
188
189 /**
190  * Test that a call interacting with different security domains does not
191  * change the
192  * @throws Exception
193  */

194 public void testDomainInteraction() throws Exception JavaDoc
195 {
196    logout();
197    login("testDomainInteraction", "testDomainInteraction".toCharArray());
198    log.debug("+++ testDomainInteraction()");
199    SecurityContext bean = (SecurityContext)getInitialContext().lookup("spec.UserInRoleContextSession");
200    log.debug("Created spec.UserInRoleContextSession");
201    HashSet JavaDoc roles = new HashSet JavaDoc();
202    roles.add("Role1");
203    roles.add("Role2");
204    bean.testDomainInteraction(roles);
205 }
206
207 /** Test that the calling principal is propagated across bean calls.
208  */

209 public void testPrincipalPropagation() throws Exception JavaDoc
210 {
211    log.debug("+++ testPrincipalPropagation");
212    logout();
213    login();
214    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.UnsecureStatelessSession2");
215    log.debug("Created spec.UnsecureStatelessSession2");
216    log.debug("Bean.forward('testPrincipalPropagation') -> "+bean.forward("testPrincipalPropagation"));
217 }
218
219 public void testMethodAccess() throws Exception JavaDoc
220 {
221    log.debug("+++ testMethodAccess");
222    login();
223    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.StatelessSession");
224    log.debug("Created spec.StatelessSession");
225    log.debug("Bean.echo('Hello') -> "+bean.echo("Hello"));
226
227    // This should be allowed in ejb3
228
bean.noop();
229 }
230
231 /** Test that the echo method is accessible by an Echo
232  role. Since the excluded() method of the StatelessSession
233  bean has been placed into the excluded set it should not
234  accessible by any user. This uses the security domain of the
235  JaasSecurityDomain service to test its use as an authentication mgr.
236  */

237 public void testDomainMethodAccess() throws Exception JavaDoc
238 {
239    log.debug("+++ testDomainMethodAccess");
240    login();
241    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.StatelessSessionInDomain");
242    log.debug("Created spec.StatelessSessionInDomain");
243    log.debug("Bean.echo('testDomainMethodAccess') -> "+bean.echo("testDomainMethodAccess"));
244
245    try
246    {
247       // This should not be allowed
248
bean.excluded();
249       fail("Was able to call StatelessSession.excluded");
250    }
251    catch(Exception JavaDoc e)
252    {
253       log.debug("StatelessSession.excluded failed as expected");
254    }
255 }
256
257 /** Test that the permissions assigned to the stateless session bean:
258  with ejb-name=org/jboss/test/security/ejb/StatelessSession_test
259  are read correctly.
260  */

261 public void testMethodAccess2() throws Exception JavaDoc
262 {
263    log.debug("+++ testMethodAccess2");
264    login();
265    InitialContext JavaDoc jndiContext = new InitialContext JavaDoc();
266    StatelessSession bean = (StatelessSession)jndiContext.lookup("spec.StatelessSession_test");
267    log.debug("Created spec.StatelessSession_test");
268    log.debug("Bean.echo('testMethodAccess2') -> "+bean.echo("testMethodAccess2"));
269 }
270
271 /** Test a user with Echo and EchoLocal roles can access the CalleeBean
272  through its local interface by calling the CallerBean and that a user
273  with only a EchoLocal cannot call the CallerBean.
274  */

275 public void a1testLocalMethodAccess() throws Exception JavaDoc
276 {
277    log.debug("+++ testLocalMethodAccess");
278    login();
279    InitialContext JavaDoc jndiContext = new InitialContext JavaDoc();
280    CalledSession bean = (CalledSession)jndiContext.lookup("spec.CallerBean");
281    log.debug("Created spec.CallerBean");
282    log.debug("Bean.invokeEcho('testLocalMethodAccess') -> "+bean.invokeEcho("testLocalMethodAccess"));
283 }
284
285 /** Test access to a bean with a mix of remote interface permissions and
286  * unchecked permissions with the unchecked permissions declared first.
287  * @throws Exception
288  */

289 public void testUncheckedRemote() throws Exception JavaDoc
290 {
291    log.debug("+++ testUncheckedRemote");
292    login();
293    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.UncheckedSessionRemoteLast");
294    log.debug("Created spec.UncheckedSessionRemoteLast");
295    log.debug("Bean.echo('testUncheckedRemote') -> "+bean.echo("testUncheckedRemote"));
296    try
297    {
298       bean.excluded();
299       fail("Was able to call UncheckedSessionRemoteLast.excluded");
300    }
301    catch(Exception JavaDoc e)
302    {
303       log.debug("UncheckedSessionRemoteLast.excluded failed as expected");
304    }
305    logout();
306 }
307
308 /** Test access to a bean with a mix of remote interface permissions and
309  * unchecked permissions with the unchecked permissions declared last.
310  * @throws Exception
311  */

312 public void testRemoteUnchecked() throws Exception JavaDoc
313 {
314    log.debug("+++ testRemoteUnchecked");
315    login();
316    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.UncheckedSessionRemoteFirst");
317    log.debug("Created spec.UncheckedSessionRemoteFirst");
318    log.debug("Bean.echo('testRemoteUnchecked') -> "+bean.echo("testRemoteUnchecked"));
319    try
320    {
321       bean.excluded();
322       fail("Was able to call UncheckedSessionRemoteFirst.excluded");
323    }
324    catch(Exception JavaDoc e)
325    {
326       log.debug("UncheckedSessionRemoteFirst.excluded failed as expected");
327    }
328    logout();
329 }
330
331 /** Test that a user with a role that has not been assigned any
332  method permissions in the ejb-jar descriptor is able to access a
333  method that has been marked as unchecked.
334  */

335 public void testUnchecked() throws Exception JavaDoc
336 {
337    log.debug("+++ testUnchecked");
338    // Login as scott to create the bean
339
login();
340    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.StatelessSession");
341    log.debug("Created spec.StatelessSession");
342    // Logout and login back in as stark to test access to the unchecked method
343
logout();
344    login("stark", "javaman".toCharArray());
345    bean.unchecked();
346    log.debug("Called Bean.unchecked()");
347    logout();
348 }
349
350 /** Test that a user with a valid role is able to access a
351  bean for which all methods have been marked as unchecked.
352  */

353 public void testUncheckedWithLogin() throws Exception JavaDoc
354 {
355    log.debug("+++ testUncheckedWithLogin");
356    // Login as scott to see that a user with roles is allowed access
357
login();
358    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.UncheckedSession");
359    log.debug("Created spec.StatelessSession");
360    bean.unchecked();
361    log.debug("Called Bean.unchecked()");
362    logout();
363 }
364
365 /** Test that user scott who has the Echo role is not able to
366  access the StatelessSession2.excluded method even though
367  the Echo role has been granted access to all methods of
368  StatelessSession2 to test that the excluded-list takes
369  precendence over the method-permissions.
370  */

371 public void testExcluded() throws Exception JavaDoc
372 {
373    log.debug("+++ testExcluded");
374    login();
375    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.StatelessSession2");
376    log.debug("Created spec.StatelessSession2");
377    try
378    {
379       bean.excluded();
380       fail("Was able to call Bean.excluded()");
381    }
382    catch(Exception JavaDoc e)
383    {
384       log.debug("Bean.excluded() failed as expected");
385       // This is what we expect
386
}
387    logout();
388 }
389
390 /** This method tests the following call chains:
391  1. RunAsStatelessSession.echo() -> PrivateEntity.echo()
392  2. RunAsStatelessSession.noop() -> RunAsStatelessSession.excluded()
393  3. RunAsStatelessSession.forward() -> StatelessSession.echo()
394  1. Should succeed because the run-as identity of RunAsStatelessSession
395  is valid for accessing PrivateEntity.
396  2. Should succeed because the run-as identity of RunAsStatelessSession
397  is valid for accessing RunAsStatelessSession.excluded().
398  3. Should fail because the run-as identity of RunAsStatelessSession
399  is not Echo.
400  */

401 public void testRunAs() throws Exception JavaDoc
402 {
403    log.debug("+++ testRunAs");
404    login();
405    StatelessSession bean = (StatelessSession)getInitialContext().lookup("spec.RunAsStatelessSession");
406    log.debug("Created spec.RunAsStatelessSession");
407    log.debug("Bean.echo('testRunAs') -> "+bean.echo("testRunAs"));
408    bean.noop();
409    log.debug("Bean.noop(), ok");
410    
411    try
412    {
413       // This should not be allowed
414
bean.forward("Hello");
415       fail("Was able to call RunAsStatelessSession.forward");
416    }
417    catch(Exception JavaDoc e)
418    {
419       log.debug("StatelessSession.forward failed as expected");
420    }
421    
422    logout();
423 }
424
425 /** This method tests the following call chain:
426  Level1CallerBean.callEcho() -> Level2CallerBean.invokeEcho()
427    -> Level3CalleeBean.echo()
428  The Level1CallerBean uses a run-as of InternalRole and the Level2CallerBean
429  and Level3CalleeBean are only accessible by InternalRole.
430  */

431 public void testDeepRunAs() throws Exception JavaDoc
432 {
433    log.debug("+++ testDeepRunAs");
434    login();
435    CalledSession bean = (CalledSession)getInitialContext().lookup("spec.Level1CallerBean");
436    log.debug("Created spec.Level1CallerBean");
437    String JavaDoc principal = bean.callEcho();
438    assertEquals("scott", principal);
439    log.debug("Bean.callEcho() ok");
440 }
441
442 public void testRunAsSFSB() throws Exception JavaDoc
443 {
444    log.info("+++ testRunAsSFSB");
445    login();
446    log.debug("Found CallerFacadeBean-testRunAsSFSB Home");
447    CalledSession bean = (CalledSession)getInitialContext().lookup("spec.CallerFacadeBean-testRunAsSFSB");
448    log.debug("Created spec.CallerFacadeBean-testRunAsSFSB");
449    bean.invokeEcho("testRunAsSFSB");
450    log.debug("Bean.invokeEcho() ok");
451 }
452
453 /**
454  * Test the run-as side-effects raised in
455  * http://jira.jboss.com/jira/browse/JBAS-1852
456  *
457  * @throws Exception
458  */

459 public void testJBAS1852() throws Exception JavaDoc
460 {
461    log.info("+++ testJBAS1852");
462    login();
463    SessionFacade bean = (SessionFacade)getInitialContext().lookup("spec.PublicSessionFacade");
464    log.debug("Created PublicSessionFacade");
465    log.debug("Bean.callEcho('testJBAS1852') -> " + bean.callEcho("testJBAS1852"));
466 }
467
468 /** Test that an MDB with a run-as identity is able to access secure EJBs
469  that require the identity.
470  */

471 public void a1testMDBRunAs() throws Exception JavaDoc
472 {
473    log.debug("+++ testMDBRunAs");
474    logout();
475    QueueConnectionFactory JavaDoc queueFactory = (QueueConnectionFactory JavaDoc) getInitialContext().lookup(QUEUE_FACTORY);
476    Queue JavaDoc queA = (Queue JavaDoc) getInitialContext().lookup("queue/A");
477    Queue JavaDoc queB = (Queue JavaDoc) getInitialContext().lookup("queue/B");
478    QueueConnection JavaDoc queueConn = queueFactory.createQueueConnection();
479    QueueSession JavaDoc session = queueConn.createQueueSession(false, Session.AUTO_ACKNOWLEDGE);
480    Message JavaDoc msg = session.createMessage();
481    msg.setStringProperty("arg", "testMDBRunAs");
482    msg.setJMSReplyTo(queB);
483    QueueSender JavaDoc sender = session.createSender(queA);
484    sender.send(msg);
485    sender.close();
486    log.debug("Sent msg to queue/A");
487    queueConn.start();
488    QueueReceiver JavaDoc recv = session.createReceiver(queB);
489    msg = recv.receive(5000);
490    log.debug("Recv msg: "+msg);
491    String JavaDoc info = msg.getStringProperty("reply");
492    recv.close();
493    session.close();
494    queueConn.close();
495
496    if( info == null || info.startsWith("Failed") )
497    {
498       fail("Recevied exception reply, info="+info);
499    }
500 }
501
502 /** Test that an MDB with a run-as identity is able to access secure EJBs
503  that require the identity. DeepRunAsMDB -> Level1MDBCallerBean.callEcho() ->
504    Level2CallerBean.invokeEcho() -> Level3CalleeBean.echo()
505  The MDB uses a run-as of InternalRole and the Level2CallerBean
506  and Level3CalleeBean are only accessible by InternalRole.
507  */

508 public void a1testMDBDeepRunAs() throws Exception JavaDoc
509 {
510    log.debug("+++ testMDBDeepRunAs");
511    logout();
512    QueueConnectionFactory JavaDoc queueFactory = (QueueConnectionFactory JavaDoc) getInitialContext().lookup(QUEUE_FACTORY);
513    Queue JavaDoc queD = (Queue JavaDoc) getInitialContext().lookup("queue/D");
514    Queue JavaDoc queB = (Queue JavaDoc) getInitialContext().lookup("queue/B");
515    QueueConnection JavaDoc queueConn = queueFactory.createQueueConnection();
516    QueueSession JavaDoc session = queueConn.createQueueSession(false, Session.AUTO_ACKNOWLEDGE);
517    Message JavaDoc msg = session.createMessage();
518    msg.setStringProperty("arg", "testMDBDeepRunAs");
519    msg.setJMSReplyTo(queB);
520    QueueSender JavaDoc sender = session.createSender(queD);
521    sender.send(msg);
522    sender.close();
523    log.debug("Sent msg to "+queD);
524    queueConn.start();
525    QueueReceiver JavaDoc recv = session.createReceiver(queB);
526    msg = recv.receive(5000);
527    log.debug("Recv msg: "+msg);
528    String JavaDoc info = msg.getStringProperty("reply");
529    recv.close();
530    session.close();
531    queueConn.close();
532
533    if( info == null || info.startsWith("Failed") )
534    {
535       fail("Recevied exception reply, info="+info);
536    }
537 }
538
539 /** This method tests that the RunAsWithRolesMDB is assigned multiple roles
540  * within its onMessage so that it can call into the ProjRepository session
541  * bean's methods that required ProjectAdmin, CreateFolder and DeleteFolder
542  * roles.
543  */

544 public void a1testRunAsWithRoles() throws Exception JavaDoc
545 {
546    log.debug("+++ testRunAsWithRoles");
547    logout();
548    QueueConnectionFactory JavaDoc queueFactory = (QueueConnectionFactory JavaDoc) getInitialContext().lookup(QUEUE_FACTORY);
549    Queue JavaDoc queC = (Queue JavaDoc) getInitialContext().lookup("queue/C");
550    Queue JavaDoc queB = (Queue JavaDoc) getInitialContext().lookup("queue/B");
551    QueueConnection JavaDoc queueConn = queueFactory.createQueueConnection();
552    QueueSession JavaDoc session = queueConn.createQueueSession(false, Session.AUTO_ACKNOWLEDGE);
553    Message JavaDoc msg = session.createMessage();
554    msg.setStringProperty("name", "testRunAsWithRoles");
555    msg.setJMSReplyTo(queB);
556    QueueSender JavaDoc sender = session.createSender(queC);
557    sender.send(msg);
558    sender.close();
559    log.debug("Sent msg to queue/C");
560    queueConn.start();
561    QueueReceiver JavaDoc recv = session.createReceiver(queB);
562    msg = recv.receive(5000);
563    log.debug("Recv msg: "+msg);
564    String JavaDoc info = msg.getStringProperty("reply");
565    recv.close();
566    session.close();
567    queueConn.close();
568
569    if( info == null || info.startsWith("Failed") )
570    {
571       fail("Recevied exception reply, info="+info);
572    }
573 }
574
575 /** Login as user scott using the conf.name login config or
576  'spec-test' if conf.name is not defined.
577  */

578 private void login() throws Exception JavaDoc
579 {
580    login(username, password);
581 }
582 private void login(String JavaDoc username, char[] password) throws Exception JavaDoc
583 {
584    if( loggedIn )
585       return;
586    
587    String JavaDoc confName = System.getProperty("conf.name", "spec-test");
588    AppCallbackHandler handler = new AppCallbackHandler(username, password);
589    log.debug("Creating LoginContext("+confName+")");
590    lc = new LoginContext JavaDoc(confName, handler);
591    lc.login();
592    log.debug("Created LoginContext, subject="+lc.getSubject());
593    loggedIn = true;
594 }
595 private void logout() throws Exception JavaDoc
596 {
597    if( lc != null )
598    {
599       loggedIn = false;
600       lc.logout();
601       lc = null;
602    }
603 }
604
605
606 /**
607  * Setup the test suite.
608  */

609 public static Test suite() throws Exception JavaDoc
610 {
611    try {
612       Configuration.setConfiguration(new XMLLoginConfigImpl());
613       return getDeploySetup(EJBSpecUnitTestCase.class, "security.jar");
614    }
615    catch (Exception JavaDoc e)
616    {
617       e.printStackTrace();
618       throw e;
619    }
620 }
621 }
622
Popular Tags